Senior Cybersecurity Administrator 26-E-08

Illinois Attorney General•Chicago, IL

About The Position

Under the direction of the Chief Information Security Officer, the Senior Cybersecurity Administrator will serve as a senior technical resource responsible for administering, securing, and maintaining the Office’s on-premises and cloud-hosted cybersecurity infrastructure. This position will provide advanced technical leadership for enterprise cybersecurity services, including server environments, identity and access management, endpoint detection and response, vulnerability management, and other security technologies. The Senior Cybersecurity Administrator will be responsible for designing, building, configuring, securing, and maintaining virtual servers and related infrastructure in support of cybersecurity operations and administration. The position will assist with capacity planning, system hardening, baseline configuration, lifecycle management, backup coordination, server decommissioning, and documentation of server builds, configurations, and administrative procedures. This position will also support enterprise vulnerability and patch management by evaluating, testing, deploying, tracking, and reporting on operating systems, applications, and security patches, and coordinating remediation across servers, workstations, and related infrastructure. The Senior Cybersecurity Administrator will manage and support information security tools and technologies; develop and standardize management reporting; and lead the implementation, integration, customization, and administration of identity and access management tools such as Okta, Duo, CyberArk, Azure Active Directory, and related platforms. This position will oversee role-based access systems to ensure least privilege access throughout the enterprise and will work closely with business and technology leaders to deploy and maintain network micro-segmentation, endpoint protection, access controls, and other security architecture improvements. The Senior Cybersecurity Administrator will deploy, update, maintain, and troubleshoot leading endpoint detection and response technologies; assist with vulnerability and threat management operations; and prepare technical and executive-level metrics related to vulnerabilities, patch compliance, system health, and security risk. The position will review and implement privilege access requests, changes to Active Directory Group Policies, Access Control Lists, and Directory Services; identify unusual patterns of activity; and provide senior-level technical support to cybersecurity compliance and operations functions. Additional responsibilities include performing periodic reviews of credential utilization and entitlements across the enterprise; maintaining digital certificates and domain registry services; responding to, investigating, and remediating security incidents as part of the incident response team; and recommending improvements to administrative and security processes. The Senior Cybersecurity Administrator will also assist with onboarding and offboarding processes to ensure least privilege access; train and develop junior and mid-level technical staff; develop and maintain technical documentation, standards, and procedures; and support continuous improvement of the Office’s cybersecurity program.

Requirements

Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field from an accredited college or university.
A minimum of seven years of hands-on experience configuring, supporting, securing, and administering enterprise servers and cybersecurity environments, or any equivalent combination of education and related experience.
At least one certification such as Security+, Network+, CCNA, CCNP, PCNSE, CISSP, or a comparable cybersecurity, networking, systems administration, or cloud security certification is required.
Ability to effectively coordinate, prioritize, troubleshoot, document, and collaborate across technical and non-technical teams.
Outstanding written and verbal communication skills.
Attendance and the ability to maintain satisfactory working relationships with OAG employees and the general public.

Nice To Haves

Experience with endpoint detection and response tools such as Cylance, Carbon Black, CrowdStrike, or similar products.
Experience with email security tools such as Mimecast, Microsoft Defender for Office 365, Proofpoint, or similar platforms.
Experience with vulnerability management tools such as Rapid7, Qualys, Tenable, or similar solutions.
Experience with IT scripting tools such as Python, PowerShell, or similar languages.
Experience with Group Policy.
Experience with IT automation and configuration tools.

Responsibilities

Administering, securing, and maintaining the Office’s on-premises and cloud-hosted cybersecurity infrastructure.
Providing advanced technical leadership for enterprise cybersecurity services, including server environments, identity and access management, endpoint detection and response, vulnerability management, and other security technologies.
Designing, building, configuring, securing, and maintaining virtual servers and related infrastructure in support of cybersecurity operations and administration.
Assisting with capacity planning, system hardening, baseline configuration, lifecycle management, backup coordination, server decommissioning, and documentation of server builds, configurations, and administrative procedures.
Supporting enterprise vulnerability and patch management by evaluating, testing, deploying, tracking, and reporting on operating systems, applications, and security patches, and coordinating remediation across servers, workstations, and related infrastructure.
Managing and supporting information security tools and technologies.
Developing and standardizing management reporting.
Leading the implementation, integration, customization, and administration of identity and access management tools such as Okta, Duo, CyberArk, Azure Active Directory, and related platforms.
Overseeing role-based access systems to ensure least privilege access throughout the enterprise.
Working closely with business and technology leaders to deploy and maintain network micro-segmentation, endpoint protection, access controls, and other security architecture improvements.
Deploying, updating, maintaining, and troubleshooting leading endpoint detection and response technologies.
Assisting with vulnerability and threat management operations.
Preparing technical and executive-level metrics related to vulnerabilities, patch compliance, system health, and security risk.
Reviewing and implementing privilege access requests, changes to Active Directory Group Policies, Access Control Lists, and Directory Services.
Identifying unusual patterns of activity.
Providing senior-level technical support to cybersecurity compliance and operations functions.
Performing periodic reviews of credential utilization and entitlements across the enterprise.
Maintaining digital certificates and domain registry services.
Responding to, investigating, and remediating security incidents as part of the incident response team.
Recommending improvements to administrative and security processes.
Assisting with onboarding and offboarding processes to ensure least privilege access.
Training and developing junior and mid-level technical staff.
Developing and maintaining technical documentation, standards, and procedures.
Supporting continuous improvement of the Office’s cybersecurity program.