Information Security Administrator
Frederick County Government 5 reviews - Frederick, MD

This job posting is no longer available on Frederick County Government. Find similar jobs:Information Security Administrator jobs - Frederick County Government jobs

Exempt; full-time; 40 hours per week; Monday - Friday; 7:30 a.m. - 4:30 p.m.; full-benefits

This professional position is responsible for the design, administration, controls, analysis, response, and management of all aspects of Frederick County’s information security environment. This includes, but is not limited to, policies, access, and controls for enterprise applications and data, firewalls, wired and wireless networks. Direction may be given to contractors, technical and clerical support staff; supervision is received from the IIT Chief Information Security Officer.

Examples of Work:
  • Maintain, monitor, analyze and enhance enterprise information security
  • Provide information security planning, assessment services, technical support, and incident management to County departments/agencies and partners on the county network
  • Lead and participate in information security investigations and remediations
  • Assess and recommend security solutions; remediate security vulnerabilities
  • Identify and implement security compliance requirements including PCI, HIPPA, CJIS
  • Create and maintain security policies, procedures and standards
  • Lead research and testing, provide cost-benefit analysis and manage deployments of information security initiatives, technologies and processes
  • Direct contractors and technical staff
  • Recommend, procure, implement, and manage security tools necessary to secure information and reduce risk
  • Develop and promote security awareness across the enterprise
  • Serve as the technology security lead and resource on enterprise projects
  • Lead and respond to security audits
  • Participate in development and administration of information security budgets
  • Develop information security requirements for requests for proposals and evaluate security response proposals
  • As appropriate, function as lead, team-member, or back-up on security initiatives, services, projects, audits and responses
  • Perform other related duties as required

Qualifications & Requirements:
  • Bachelor's degree in Information Security, Information Technology, or related field
  • Minimum 6 years of work experience in the information security field – 5 years additional information security experience or current security certifications may reduce the education requirement to a related Associate's degree
  • Demonstrated strong information security troubleshooting skills, including the ability to review and analyze log files, identify trends and patterns, and use security software and tools to identify, detect and mitigate potential risks in a thorough and timely manner
  • Ability and work experience to analyze existing security environments, services, and needs and proactively implement solutions and standards
  • Ability to lead information security audits, investigations, responses and remediations
  • Self-directed to remain current with technologies, security threats and vulnerabilities
  • Work experience developing and implementing strategies to improve information security services and/or reduce costs and risks
  • Ability to work independently or with a team
  • Demonstrated effective project management skills
  • Ability to organize, prepare, and communicate clear, concise and accurate assessment, remediation and incident reports
  • Effectively plan and organize work schedule and manage multiple priorities with minimal supervision
  • Develop and maintain effective working relationships with co-workers, government agencies and the general public
  • Strong and effective spoken and written (English) communication skills
  • Physical requirements include the ability to walk, stand, sit for extended periods of time, and lift or move hardware up to 40 lbs.

Preference may be given for:
  • Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Business Continuity Professional (CBCP) or Certified Public Sector Continuity Professional (CPSCP)
  • Work experience using Nitro Security or similar security information event management (SIEM) software
  • Work experience managing CheckPoint firewalls
  • Work experience managing and maintaining intrusion detection/prevention software
  • Work experience managing Internet usage and filtering
  • Work experience managing remote access
  • Compliance training / certification in any of the following areas PCI, HIPPA, CALEA, or CJIS
  • Work experience managing information security customer and vendor relationships
  • Work experience leading projects from conception to implementation and maintenance
  • Work experience developing information security policies and procedures
  • Work experience as part of a security incident management team

Additional Information/Examination Process:
  • Provide own transportation as needed for meetings and other departmental priorities
  • Available for off hours support coverage and occasional evening/weekend work required for special projects and/or emergency situations

KIND OF EXAMINATION (may include):

1) An evaluation of training and experience

2) One or more interviews

3) Pre-employment physical examination and drug testing

About this company
5 reviews