Information Technology Specialist (Information Systems Security Specialist)

About The Position

Requirements

• Bachelor's degree in computer science, information technology, management, public administration, or a related field.
• Four (4) years of technical experience in the duties and infrastructure support required for the position.
• Any combination of education and experience equivalent to eight (8) years of experience that typically supports the knowledge, skills, and abilities for the position.
• Current driver's license and an acceptable driving record.

Nice To Haves

• Experience developing and implementing cybersecurity methodology.
• Experience on cybersecurity response teams.
• Experience participating on an IT response team.
• Experience monitoring IT security vulnerabilities and risks across on-site and cloud-based networks.
• Experience performing risk assessment activities.
• Experience communicating complex security issues in a manner that end users can understand.
• Current certification in ISP, CISSP, CCSP, GSEC, Security+, or an equivalent.
• Strong knowledge of Zero Trust Principles.
• Expertise in application development security (devsec).

Responsibilities

• Develop, implement, and monitor strategic, comprehensive enterprise IT security and risk management functions across OJD's IT enterprise and cloud services.
• Develop and modify information security architecture standards for OJD data centers, networks, systems, and applications.
• Review, implement, and monitor patch management for OJD systems, applications, and networks.
• Develop and implement security methodology within the systems development life cycle.
• Review, analyze, manage, and communicate information security incidents as part of the Security Incident Response Team; recommend corrections and changes.
• Review vendor and contractor agreements and contracts, and provide confidentiality and security requirements recommendations.
• Conduct computer forensic analysis on OJD computers and systems to aid in investigations and security breaches.
• Review latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities and provide recommendations for IT security changes.
• Guide project teams on information security requirements and potential systems, networks, applications, and cloud services vulnerabilities.
• Investigate information security incidents and assist in public information requests through eDiscovery services.
• Contribute to IT continuity and disaster recovery efforts.
• Work with OJD business partners to ensure secure information transfers and exchanges.
• Review, research, resolve, and respond to OJD help tickets for information security incidents.
• Develop, revise, implement, publish, and communicate information security policies, procedures, and standards.
• Provide training to OJD personnel on information security awareness.
• Scan and test OJD systems, networks, and applications for information security vulnerabilities.
• Monitor networks, systems, and applications traffic for potential security breaches and information leakage.
• Manage OJD enterprise-wide anti-virus/anti-malware suite of reporting and protection tools.

Benefits

• Health, dental, and vision coverage.
• Paid leave.
• Optional employee-paid benefits including life insurance, long- and short-term disability, long-term care, flexible spending accounts, and commuter benefits.
• Participation in the Oregon Public Service Retirement Plan (OPSRP) and the Individual Account Program (IAP) after six months of employment.
• Opportunity to participate in the Oregon Savings Growth Plan, a 457(b) deferred compensation retirement plan.