IT Security Engineer I

About The Position

Requirements

• Associate’s degree in computer science or a related field in information technology is required, or alternatively, three years of relevant work experience in an IT function related to the position. This experience must include information security or a related IT field, such as IT support or system administration. Any equivalent combination of education and experience will be considered.
• Regular and reliable attendance required.
• Knowledge of: Fundamental IT Security principles and frameworks such as NIST, CIS, or ISO. Have basic knowledge of common attack vectors, threats, and vulnerabilities. Have a rudimentary understanding of network, systems, or application security. Be able to understand regulatory compliance and cyber risk management.
• Skills in: Analytical and Problem-Solving under direction as it relates to security risks, identifying potential threats, triaging alerts, and recommending mitigations. A person must have basic technology skills and proficiencies (e.g., Windows, Linux, PowerShell, Python) or other applications and technologies. A person in this role must be able to effectively write and verbally communicate with supervisors and other team members as part of being an effective team member.
• Ability to: Must be able to communicate information/ideas to others, recognize a problem, and apply general rules to specific problems to come up with logical answers. A person in this role must have the ability to follow multiple step instructions; combine separate pieces of information, or specific answers to problems, to form general rules or conclusions; concentrate and not be distracted while performing a task over a period of time; efficiently shift back and forth between two or more activities or sources of information. The person for this role must be of high integrity as they could potentially have access to confidential and sensitive information.

Nice To Haves

• Hands-on experience with security tools, including firewalls, antivirus software, SIEM tools, or other cybersecurity and compliance tools.

Responsibilities

• Monitor real-time security alerts, logs, and events using organizationally established tools such as a Security Information and Event Management (SIEM).
• Perform initial triage and information gathering of security alerts, escalating complex issues to senior staff as needed.
• Perform fundamental security and vulnerability scans and assessments and meticulously document the findings.
• Aid in maintaining and updating cybersecurity and compliance documentation.
• Document security incidents and assist with incident reports.
• Participate in the management of the Agency Security Program by identifying and tracking security gaps and Plan of Action and Milestones (POAM) associated with the security program. This involves properly assigning and resolving security gaps including risk acceptance, remediation and compensating controls.
• Other duties as assigned and within the scope of the classification.

Benefits

• 13 paid holidays
• Vacation and sick leave that begin accruing immediately
• Military leave
• 156% (that's not a typo!) state-matched retirement
• Tuition reimbursement
• Employee assistance program
• 79% employer paid health insurance plans
• Dental and vision insurance plans
• Employer-paid $20,000 life insurance policy
• Public Service Loan Forgiveness Program (PSLF) through the Federal government
• Wide variety and availability of career advancement as the largest and most diverse employer in the State
• Opportunity to be part of meaningful work and make a difference through public service
• Training and Development based on your career aspirations
• Fun, inviting teammates
• A safe and secure environment