IT Security Engineer I

About The Position

Requirements

• Associate’s degree in computer science or a related field in information technology is required, or alternatively, three years of relevant work experience in an IT function related to the position. This experience must include information security or a related IT field, such as IT support or system administration. Any equivalent combination of education and experience will be considered
• Fundamental IT Security principles and frameworks such as National Institute of Standards and Technology (NIST) and Center for Internet Security (CIS) and have basic knowledge of common attack vectors, threats, and vulnerabilities.
• The candidate should have a basic understanding of network, systems, or application security and should be able to understand regulatory compliance and cyber risk management.
• Analytical and Problem-Solving under direction as it relates to security risks, identifying potential threats, triaging alerts, and recommending mitigations.
• Candidate must have basic technology skills and proficiencies (e.g., Windows, Linux, PowerShell, Python) or other applications and technologies.
• Candidate must be able to effectively write and verbally communicate with supervisors and other team members as part of being an effective team member.
• Must be able to communicate information/ideas to others, recognize a problem, and apply general rules to specific problems to come up with logical answers.
• Candidate must have the ability to follow multi-step instructions; combine separate pieces of information, or specific answers to problems, to form general rules or conclusions; concentrate and not be distracted while performing a task over a period of time; efficiently shift back and forth between two or more activities or sources of information.
• Candidate must be of high integrity as they will have access to confidential and sensitive information.
• Qualified candidates will demonstrate: a strong work ethic; a high level of accountability for project and operations success; dedication to the development of high-quality products; dedication to creating a culture of excellence; dedication to fostering an atmosphere of teamwork and collaboration.

Nice To Haves

• Hands-on experience with security tools, including firewalls, antivirus software, SIEM tools, or other cybersecurity and compliance tools; knowledge of State Government and especially knowledge of Nebraska tax programs.
• Previous work experience with the IRS or State Auditor’s Office is also preferred.

Responsibilities

• Monitoring real-time security alerts, logs, and events using organizationally established tools (e.g., Security Information and Event Management (SIEM).
• Perform initial triage and information gathering of security alerts, escalating complex issues to senior staff as needed.
• Review and remediate deficiencies identified in fundamental security and vulnerability scans and assessments and meticulously document the findings and remediation strategies.
• Create and deliver IT security awareness training and help with employee onboarding regarding security protocols.
• Assists in developing and maintaining Agency cybersecurity and compliance policies and procedures documentation
• Facilitate security incident investigations, document findings and assist with incident reports.
• Participate in the management of the Agency Security Program by identifying and tracking security gaps and Plan of Action and Milestones (POAM) associated with the security program.
• Assist in the administration, review, and coordination of State and Federal audits needed to support the agency security programs i.e.(IRS, SSA, etc.).
• Performs related work as assigned.

Benefits

• We offer a comprehensive package of pay, benefits, paid time off, retirement and professional development opportunities to help you get the most out of your career and life.
• Your paycheck is just part of your total compensation.
• For more information on benefits, please visit: https://statejobs.nebraska.gov/index.html#benefits