Employment Opportunity


Information Systems & Cyber Security Engineer

City of Rockville Department of Information Technology, Rockville, Maryland

Salary: $90,572.00 - $144,914.00 Annually

Final Filing Date: March 7, 2019

The Information Systems & Cyber Security Engineer (ISCSE) is responsible for researching, designing, engineering, implementing, supporting and managing security solutions for the City of Rockville.

Duties and Requirements

Duties:

  • Support a complex security architecture that includes IDS/IPS, next generation firewalls, web filtering, network access control, DLP, vulnerability management, log monitoring, endpoint protection, and forensic analysis
  • Review security architectures, firewall and proxy configurations, IDS/IPS, and security controls for new and proposed systems
  • Engage in prevention, early detection and resolution of risks to high value assets
  • Architect, design, implement, support and evaluate security-focused tools and services
  • Manage enterprise security technologies, e.g., next-generation firewalls, Splunk, Cisco ISE, etc.
  • Support security logging processes and projects, including log collection, normalization and operational monitoring in Splunk.
  • Develop, update, communicate and enforce security policy. Ensure that the policy is up to date with evolving security requirements.
  • Validate current- and future-state architectural models to assess impact across assigned cybersecurity technology systems.
  • Oversee security requirements and technical specifications to guide project implementation toward successful solution delivery.
  • Act as a trusted security professional with the ability to provide strategic and technical direction in leading activities in computer security concepts, including Identity & Access Management, Network Security, Application Security, Incident Management, and Risk & Compliance.
  • Deliver technical security configuration expertise in implementing enterprise-wide IAM ecosystem
  • Actively participate in the vulnerability management program, including pre-deployment risk and compliance assessments
  • Perform on-going threat analysis and research
  • Analyze and interpret network packet captures
  • Act as a subject matter expert and engineering resource for security remediation projects, incident response activities, and forensics information gathering
  • Play a significant role in responding to and containing information security related incidents
  • Play a significant role in the selection and architecture of new information security technologies
  • Provide technical assistance to effectively translate security policy and best practices into action within the desktop support, infrastructure engineering and operations teams, and user communities
  • Audit vendor products with security requirements as needed.
  • Design, test, and support implementation of the approved security architecture improvements and secure system development lifecycles.
  • Design and support implementation of approved policies for security vulnerability and penetration testing.
  • Plan and conduct internal and external cyber security audits; interpret and document audit results; recommend and implement corrective actions.
  • Maintain knowledge of engineering next-gen designs, security trends, threats, and attack techniques.
  • Build and maintain effective relationships with management, peers, project managers, and internal customers.
  • Design and engineer solutions to align with the City's Cybersecurity Strategy.
  • Plan and conduct cyber security awareness assessments, communication, and end-user training.

Requirements:

  • Bachelor's degree or equivalent experience in an IT-related discipline (preferably with an emphasis on security).
  • Minimum of 4 years' experience in a combination of system, network and information security, demonstrating a progressive growth in responsibility.
  • Must have experience in one or more Identity Management disciplines, such as: Identity Lifecycle Management, Authentication, Authorization, Federation, Access Management, Access recertification, Role and Entitlement models, Directory technologies etc.
  • Must have solid understanding of applications and system IAM architectures and best practices
  • Communication - Must be able to communicate effectively both verbally and in writing, be courteous and professional when interacting with colleagues and clients, demonstrate a solid ability to identify and solve problems, and be able to work successfully in a team environment.
  • Automation - Experience with automated configuration management, network, server provisioning and/or system monitoring tools.
  • Develop programs, scripts, or code segments as necessary to facilitate operation, administration, maintenance or analysis of data and systems in Bash, Ruby, Python, and/or Perl.
  • Technology - Familiar with enterprise security network and system architectures
  • Hands-on experience with underlying technologies relevant to cyber security and the ability to combine technical knowledge with strategic vision.
  • Good understanding of TCP/IP and related protocols.
  • Comfortable dealing with users with varying levels of IT and non-IT knowledge
  • Demonstrated understanding of technological trends and developments in the areas of information security, risk management, web architectures, and cloud computing
  • Must be able to work with minimal supervision following guidelines and meeting deadlines.
  • Professional certification such as CCNA and/or CCNA-Security is required.
  • Must be detail-oriented.

Preferred Qualifications:

  • Professional certifications such as CompTIA Security+, CCNA, CCNA-Security, CCNP-Security, CISM, CISSP, CISA and/or CEH preferred.
  • Knowledge and direct experience with vulnerability management, SIEM and log management, file integrity, proxy servers, DLP, IPS/IDS, VPN, PKI, multiple-factor authentication, cryptography.
  • Strong analytic and problem-solving skills.
  • Strong management and organizational skills.
  • Excellent written, verbal communication and presentation skills.
  • Experience with programming and/or scripting

Knowledge, Skills, and Abilities:

  • Familiarity with Information Security directives, regulations, guidance, and controls specific to the National Institute of Standards and Technology (NIST) Framework.
  • Strong understanding of an enterprise technical environment and system administration actions:
    • Experience with operating in a MS Active Directory environment
    • Experience with applications and tools within a highly diverse enterprise environment
    • Experience with virtual and physically managed infrastructures
    • Experience working within a diverse and heterogeneous network environment
  • System Development:
    • Understanding of securing internet tools and protections associated with DMZ on a public facing network
    • Understanding network infrastructure and network devices
  • Event Detection and Incident Response:
    • Ability to configure, deploy, monitor and tune IDS/IPS signatures, security/threat intelligence feeds
    • Ability to configure and upgrade firewalls, add/delete rules, analyze logs, implement management server redundancy, optimize and audit rule base.
    • Ability to configure and maintain VPN, add rules, add routers, maintain SSL certificates
    • Ability to install and configure entire vulnerability management system, upgrade, expand scanning segments as needed, create and maintain reports. Create and schedule asset, vulnerability and configuration scans for the enterprise.
    • Ability to administer anti-virus system, upgrade system, create file/directory scanning exclusions.
    • Experience with Network Access Control (NAC): Configure, deploy and administer NAC system. Refine device classification and clarification.
    • Familiarity and understanding of tools and techniques to manage the identification of abnormal behavior, including Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM) systems such as Splunk, and other relevant tools.
  • Prepare reports and supporting recommendations
  • Keep up-to-date on cyber security threats and stay current on intrusion detection and prevention hardware and software technologies
  • Proven penetration testing abilities, especially in an enterprise environment. These will include the ability to use automated pen-testing tools as well as carry out manual pen testing
  • Ability to pen-test and review web application, source code, operating system, and network security architectures; finding vulnerabilities and defining effective strategies for remediation and hardening.
  • Ability to perform strategic end-to-end security design reviews at key points of project lifecycles to identify security requirements, any risks or capability gaps that need addressing, and be able to make recommendations about relevant security hardening and risk mitigation controls that should be implemented
  • Proven ability to program and script in a variety of programming/scripting languages
  • Offensive/Red-team experience
  • Threat Modelling experience


How to apply: Apply online

Posted: February 11, 2019

