IT Professional 3 - Information Security

About The Position

Requirements

• Bachelor's degree from an accredited college or university in computer science, management information systems, or closely related field and three years of professional IT experience relevant to the duties of the position which may include computer operations, systems administration, network administration, database administration, applications analysis and development, and/or information security, one year of which was at the journey level; OR one year of relevant experience as an IT Professional II in Nevada State service; OR an equivalent combination of education and experience as described above.
• Familiarity with industry-standard information security policies, standards, and frameworks.
• Experience with security technologies such as firewalls, EDR solutions, ransomware indicators, and next-gen vulnerability management.
• Detailed knowledge of basic elements of programming in order to generate all required reports and special projects as required of the data processing section.
• Detailed knowledge of computer operating system including all functions, schedules, workflows, and processes.
• Detailed knowledge of data communication networks.
• Detailed knowledge of principles of operation, capabilities and limitations of a computer system and related environmental equipment in order to efficiently and effectively produce the final work product.
• Detailed knowledge of supervisory principles and techniques.
• Working knowledge of diagnostic procedures as needed in verifying systems.
• Working knowledge of principles of operation, capabilities and limitations of a computer system and related equipment to produce the final work product efficiently and effectively.
• Working knowledge of the principles of operation, capabilities and limitations of a multi-programming computer system and related equipment.
• General knowledge of computer programming documentation techniques as needed in setting up and verifying systems programs.
• Ability to analyze and develop current and proposed computer operation procedures for efficient and effective operations.
• Ability to anticipate changes and new directions within the data processing environment.
• Ability to plan, organize and direct a twenty-four hour, seven-day-a-week shift operation of a computer system.
• Ability to understand and apply technical manuals, environmental requirements and physical planning.
• Detailed knowledge of directory services.
• Detailed knowledge of network operating systems.
• Detailed knowledge of network problem troubleshooting.
• Detailed knowledge of concepts, characteristics, and capabilities of network based applications.
• Detailed knowledge of current and emerging trends in developing computer networking technology.
• Detailed knowledge of principles and practices of data backup and recovery.
• Detailed knowledge of the principles, practices, and techniques used to install, maintain, and support LANs and wide area networks (WANs).
• Detailed knowledge of computer network communication protocols.
• Detailed knowledge of the concepts, characteristics, and capabilities of computer operating systems.
• Working knowledge of the methodology for implementing distributed applications.
• Working knowledge of network authentication.
• Working knowledge of data storage networks.
• Working knowledge of network security design and implementation.
• Working knowledge of network communications hardware such as routers, switches, and firewalls.
• Working knowledge of systems integration and optimization.
• Working knowledge of virtual private networks and virtual LANs.
• Ability to recommend hardware to solve network issues.
• Ability to verify router configuration and optimize routes.
• Ability to perform cost/benefit analysis.
• Ability to present network design concepts to management and users.
• Ability to integrate servers into a geographically dispersed network.
• Ability to participate in vendor interaction and verify that requirements are met.
• Ability to verify efficient interconnectivity of distributed applications.
• Ability to verify network capacity and provide utilization statistics.
• Ability to configure and upgrade data storage networks.
• Ability to solve network problems.
• Ability to interpret technical manuals.
• Detailed knowledge of physical and logical database structure and design.
• Detailed knowledge of database backup and recovery scenarios and methodologies.
• Detailed knowledge of database security management and data integrity.
• Working knowledge of computer and network operating systems, computer hardware, and communications systems.
• Working knowledge of database and operating system performance tuning monitoring.
• Working knowledge of business practices and procedures.
• Working knowledge of customer service standards and procedures.
• Working knowledge of business software, systems analysis, systems design, system development lifecycle, and information architecture to effectively design and create databases.
• Working knowledge of structured query language.
• Ability to coordinate system design, applications and software programming, and computer operations activities relative to the database environment.
• Detailed knowledge of basic programming techniques such as table handling and on-line file updates.
• Detailed knowledge of general purpose programming languages (in software-oriented positions).
• Detailed knowledge of principles, tools and techniques as applied to writing, modifying, and documenting programs.
• Detailed knowledge of techniques of diagramming program flow.
• Working knowledge of access methods and file structures.
• Working knowledge of at least one formal systems design methodology.
• Working knowledge of principles of designing test procedures.
• Working knowledge of principles, practices and procedures required to develop, design, and implement information system-based solutions in a wide range of problem domains.
• General knowledge of project control techniques, including cost estimating and resource scheduling.
• Ability to utilize interactive programming techniques.
• Ability to logically analyze problems of considerable complexity.
• Ability to test and validate information systems.
• Working knowledge of three of the ten security domains.
• Working knowledge of current principles, theories, practices, and procedures of information security management.
• General knowledge of general-purpose security controls.
• General knowledge of current information security trends and technologies.
• Ability to analyze data, solve problems and make appropriate decisions within three of the ten domains.

Nice To Haves

• Familiarity with security technologies such as firewalls, EDR solutions, ransomware indicators, and next-gen vulnerability management.

Responsibilities

• Contribute to and oversee an agency-wide cybersecurity program.
• Manage responses to security incidents in accordance with all responsibilities defined by State policy.
• Coordinate with all Secretary of State divisions.
• Advise Nevada county partners regarding technical issues, cyber intelligence, and cyber incidents or attacks.
• Provide technical explanations, interpretations, and recommendations to Executive Staff.
• Serve as the backup for all ISO responsibilities.
• Conduct detailed alternative analyses and determine end-user requirements through consultation with end-users, technicians, vendors, management, and others.
• Maintain documentation related to the assigned IT specialization’s architecture, operations, and other records of work activities as required.
• Maintain current knowledge of technological trends and advancements in the IT field as well as security management practices, laws, policies, and ethics.
• Participate in recommending and justifying resource allocations and expenditure decisions, tracking, and recording expenditures, preparing purchase requests, and writing technical requirements for grant proposals.
• Perform related duties as assigned.
• Train, supervise, and evaluate the performance of subordinate staff and/or serve as a project leader as assigned.
• Function as a unit leader to include directing the activities of a branch IT support unit, overseeing projects of limited scope, and coordinating activities with other work groups.
• Develop plans to safeguard against accidental or unauthorized modification, destruction or disclosure of data to meet security needs.
• Assess costs and present alternatives for the assigned area of responsibility.
• Participate in long-term projects and strategic planning.
• Organize resources and materials in order to meet project timelines.
• Assess the security and/or vulnerability of information assets to assist in developing a risk assessment.
• Analyze data, solve problems and make appropriate decisions within three of the ten domains.
• Provide effective and responsive customer service.
• Establish and maintain positive working relationships with others.
• Develop and implement information security training materials and workshops.