SENIOR INFO TECH BUS CONSULTANT - 37020868 1

About The Position

Requirements

• Superior communication skills, both verbal and written
• Extensive experience in technical information security roles
• Experience with principles of enterprise information security
• Experience in researching and implementing security technologies
• Experience with computer networking concepts and protocols, and network security methodologies
• Experience in analyzing network traffic and packet-level analysis
• Knowledge of cyber threats and vulnerabilities
• Knowledge of business continuity and disaster recovery continuity of operations plans
• Knowledge of cyber attackers (e.g., hacktivists, insider threat, non-nation state sponsored, and nation sponsored APT)
• Experience in recognizing and categorizing types of vulnerabilities and their associated attacks
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
• Knowledge of Cloud service models
• Experience in identifying, capturing, containing, and reporting malware
• Experience in troubleshooting security events on windows endpoint and server operating systems
• Experience in working with organization’s information classification program and procedures for information compromise
• Experience in designing and implementing IAM policies for both on prem and cloud-based identity management
• Excellent coordination and collaboration skills
• Ability to maintain a valid driver’s license and travel, as needed
• 3 years of enterprise cybersecurity work experience
• Experience in Cybersecurity incident response
• Experience participating in Cybersecurity or IT audits
• Experience with Active Directory
• Experience with cloud architecture
• Valid Driver’s License

Nice To Haves

• The ideal candidate will be a confident communicator, comfortable engaging with both internal and external stakeholders.
• They must exhibit exceptional organization and troubleshooting skills, attention to detail, along with strong written and verbal communication.
• Flexibility is essential, as the role will at times require availability outside of standard 8-5 business hours.
• We seek a proactive team member who can also work independently, demonstrating a strong working knowledge of enterprise cybersecurity solutions and practices.
• The ability to take direction, execute and document tasks efficiently is crucial.
• Additionally, the candidate should be comfortable with emerging technologies and an ever-changing threat landscape.

Responsibilities

• Assist with maintaining the information security incident response plans and procedures to comply with Florida State standards and rules.
• Maintaining procedures to ensure security requirements are incorporated into the change control process
• Maintaining the protection of the physical and virtual operating environment for agency-owned or managed IT resources
• Maintaining a policy and procedure review process that facilitates continuous improvement of IAM security
• Maintaining a policy and procedure review process that facilitates continuous improvement to security standards
• Establishing an information security program that includes information security policies, procedures, standards, and guidelines; an information security awareness program; an information security risk management process, including the comprehensive risk assessment required by section 282.318, F.S.; a Cybersecurity Incident Response Team; and a disaster recovery program that aligns with the agency’s Continuity of Operations Plan (COOP). Proactively researching latent security threats and recommending risk mitigation actions
• Performing information security investigations in conjunction with the Inspector General’s Office and law enforcement agencies
• Developing, maintaining, and executing the department’s IT Security Strategic Plan
• Review and modify identity and access management policies
• Review and modify firewall rules iteratively to be more secure
• Respond to information security incidents and execute countermeasures
• Review access requests and provide access control oversight when needed
• Maintain technical skillset in order to adapt to new technologies as they emerge including researching and recommending security focused training for themselves and others in the division
• Monitor e-mail filtering and spam control systems and configure as necessary to improve security
• Ensure cryptographic standards are maintained in systems and applications
• Assist with ensuring compliant CJIS (criminal justice) systems, and recommend technologies and procedures for on-premise and cloud-based CJIS infrastructure
• Evaluate desktop policies to ensure proper patching levels and security policies are maintained
• Assist the ISM with strategic tasks including information security risk assessments, audits and governance
• Perform other duties as assigned

Benefits

• Annual and Sick Leave benefits
• Nine paid holidays and one Personal Holiday each year
• State Group Insurance coverage options, including health, life, dental, vision, and other supplemental insurance options
• Retirement plan options, including employer contributions
• Tuition waivers