Job Description

Job Summary:  This job performs critical information security services in the operation of the City's information security program including vulnerability management, security and event monitoring, threat evaluation, risk management, incident response, and compliance activities. Responsible for the operations of various security related applications, reviewing system architecture submittals, perform risk-based analysis, and participate in security incidents, DevSecOps processes, and compliance related activities. perform related work as required. May be expected to participate in a 24x7 operational rotation as a member of the network and security operations center staff.

Job Responsibilities:

• Perform compliance activities and audits such as policy reviews, process reviews, and third-party security audits.
• Monitor, configure, and operate an enterprise class anti-virus/anti-malware system including policy, scanning and remediation activities.
• Conduct and participate in cybersecurity related investigations and incidents.
• Evaluate application and IT infrastructure for risk and threat assessment.
• Evaluate vulnerability and threat information to assess, measure, and prioritize mitigations based on risk.
• Participate in DevSecOps processes and familiarity with programming practices, threat modeling and testing methodologies.
• May be expected to participate in a twenty-four by seven (24x7) operational rotation as a member of the network and security operations center staff.
• Analyze and install manufacturer supplied or internally developed system software and/or hardware to maintain or enhance the City’s information technology systems and configurations. Once systems are installed, test system and troubleshoot bugs to ensure proper connectivity and compatibility/integration with interconnected systems.
• Collaborate with other information technology professionals to plan and administer projects to determine impact and establish scope and schedules in order to ensure satisfactory and timely completion of work.
• Provide technical advice to management and other personnel on software and hardware capabilities, limitations, and costs; perform troubleshooting and problem solving to provide around-the-clock system availability.
• May train and direct work of junior staff; coordinate with other information technology professionals to tailor system components and configurations to optimize performance.
• Perform other job duties requiring skills, knowledge and physical requirements as demanded by those duties described or less. Individual assignments will be determined by the supervisor based on then current workloads and department needs.

Required Skills:

• Knowledge of principles of cyber security best practices and concepts.
• Experience with performing compliance activities and audits such as policy reviews, process reviews and third-party security audits.
• Familiarity with HIPAA, CJIS, Virginia CDPA along with other Federal and state privacy regulations as they pertain to data privacy and information security control requirements.
• Experience with the monitoring and operation of SEIM applications.
• Experience with configuring and operating an enterprise class anti-virus/anti-malware system including policy, scanning and remediation activities.
• Experience conducting and participating in cyber security related investigations and incidents.
• Familiarity with database, network, virtualization and OT operations concepts and design.
• Experience evaluating application and IT infrastructure for risk and threat assessment.
• Experience with security architecture and security best practices for AWS, Azure, Google Cloud and/or other public cloud platforms.
• Experience with evaluating vulnerability and threat information to assess, measure and prioritize mitigations based on risk.
• Experience in participating in DevSecOps processes and familiarity with programming practices, threat modeling and testing methodologies.
• Familiarity with NIST Cyber Security Framework and ISO 27001 Framework.

Preferred Qualifications

• BS/BA degree in related discipline strongly preferred (i.e. Engineering, Computer Science, or similar technical degree).
• 1+ years’ experience in networking, programming, IT infrastructure or related discipline.
• 3+ years’ experience in cyber security risk management, compliance or threat management or related discipline.
• Holds one or more of the following certifications: Security+, CCNA Security, CCNP Security, GSEC or CISSP

Position Details: 

• Pay Rate / Range: $57.00 

???????The above salary range represents the range expected for the position; however, final salary offers are based on a number of factors such as the position’s responsibilities; the candidate’s experience, education, and skills; location; travel required; and current market conditions. 

This program requires US Citizenship

• Benefits (Regular, Full Time Employees):  
• Medical, Dental, and Vision offerings
• Weekly Direct Deposit
• Paid Holidays and Personal Time Off
• 401(k) with match
• Voluntary Life and AD&D, Short / Long Term Disability, plus other voluntary coverages
• Pre-Paid Legal and Employee Assistance Programs
• Northwest Federal Credit Union Membership
• BB&T @ Work Program

ABBTECH is an EOE/Minorities/Women/Disabled Individuals/Veterans

Job Tags

Full time, Contract work, Temporary work,

Similar Jobs