Division of Technology Services (DTS)
Information Risk Management
1720 W. Madison Ave.
Security Engineering Specialist
Working under the direction of the Chief Information Security Officer, as the senior Security Engineer, the Security Engineering Specialist, conducts penetration testing, security defense-in-depth strategy development and designs of security systems and processes to support said strategy. This position assists as a Vulnerability Management Specialist as needed, directly supervises two staff who are involved with either Vulnerability Management and Security Engineering, performs Enterprise Security Engineer/Architect Duties which includes: identifying security needs at system/network entry points and security zones, conducting risk assessments to determine appropriate intrusion detection and vulnerability management monitoring solutions. The incumbent performs Vulnerability Management Duties as directed and conducts analysis of network infrastructure to identify critical business nodes (devices, systems, etc.) upon which to place vulnerability baseline monitoring solutions. This position also creates Security Engineering Policies, Standards, and Procedures; and performs other data security functions as needed in support of DES Information Risk Management Team.
KNOWLEDGE, SKILLS AND ABILITIES (KSAs):
KNOWLEDGE of: Network, Application, Data and Information Security Engineering and Architectural principles and best practices; current and evolving security technologies; information security principles and practices; working experience with intrusion detection systems; installation, configuration, monitoring and response to SIEM security system(s); understanding of advanced security protocols and standards; experience with software and security architectures; evaluating and developing an approach to solutions; proactively assessing potential items of risk and opportunities of vulnerability in the network; security practices of Intranet and Extranet; practical experience with various firewall technologies; UNIX, AIX, Linux, Cisco Network IDS, Cisco Host-based IDS, Access Control Solutions, ESM, and IDS and current encryption technologies, Digital Certificates, SSL, VPN, IPSec, TCP/IP, DNS and web security architecture.
SKILLS in: Conducting penetration testing; understanding of technology platforms; documenting business/security processes and determining where changes are needed; being customer centric, self-driven; advanced verbal and written communication skills including proficiency with grammar and syntax and to express technical information in oral and written form understandable to technical and non-technical personnel; demonstrating excellent interpersonal skills for communication with customers and peers; and problem solving and analysis.
ABILITY to: Effectively communicate technical information to a wide range of audiences; grasp functional requirements quickly; lead multiple projects with competing deliverables and deadlines in a fast paced environment; develop partnerships and credibility across an organization; perform independent research; be proficient in a variety of requirement gathering and documenting methodologies; possess a strong work ethic and attention to detail and work independently with little to no supervision; work with the Division's and Administration's employees, customers and vendors; recognize potential issues and pro-actively address and solve; take personal ownership of tasks, requests for information, and external due dates; provide completed documentation to satisfy tasks, requests, and other documentation required by immediate supervisor, project team or standards and policies; analyze comprehensive business processes, perform in-depth work analysis and develop computer generated flow charts.
PREFERRED/IDEAL CANDIDATE: Will have a Bachelor's degree in Computers, Technology or related field from an accredited college or university; have knowledge and/or Certification(s) in CISSP, CSSLP, Sophos; Certification(s) in some area of Data Security and Information Resource Management; and Certificate of completion in formal Data Security software and at least three to five years of enterprise experience in information technology or information security engineering.
NOTE: This position directly maintains or has responsibilities to alter system functions and/or modify functions of computers and will be required to apply for and show proof of receipt of a valid Arizona Fingerprint Clearance Card that meets DES requirements for a Level One card.
All newly hired employees are subject to the E-Verify Employment Eligibility Verification Program.
Comprehensive benefits package includes 12 days sick leave, 13 days vacation, 10 holidays per year, health & dental insurance, retirement plan, life & long-term disability. Optional benefits for short-term disability, deferred compensation & supplemental life insurance are available.
You must apply on line no later than the close date of this announcement 5:00 p.m., Mountain Standard Time. You will not be able to apply after the close date/time because job postings are removed from the job board site at that time, unless a sufficient number of resumes are received prior to the apply by date.
Persons with a disability may request a reasonable accommodation such as a sign language interpreter or an alternative format by contacting Human Resources Administration at (602) 771-2870. Requests should be made as early as possible to allow time to arrange the accommodation. AZ State Gov't is an EOE/ADA Reasonable Accommodation Employer.
AGENCY JOB BOARD ID: DES
State of Arizona - 22 months ago