IT Specialist - Cyber Security

About the position The purpose of this position is to increase the overall cybersecurity posture of the organization by identifying and reducing or eliminating technical risk, completing low to moderately complex technical assignments and project-based work. This class specification represents only the core areas of responsibilities; specific position assignments will vary depending on the needs of the department.

Responsibilities

• Maintains all internal cybersecurity-related systems, including but not limited to vulnerability management, intrusion detection/prevention, firewalls, and security information and event management.
• Collaborates within IT and throughout the organization to assess organizational information security risks and identify paths forward in mitigating or remediating those risks.
• Responsible for network security and logging.
• Stays up to date on emerging threats, industry issues and trends, and the global information security landscape.
• Maintains working knowledge of, and recommends changes to, information security policies.
• Participates in external security assessments and penetration testing.
• Participates in the development and testing of business continuity and incident response plans.
• Performs regular vulnerability scans, reviews findings, and remediates as needed.
• Works with internal and external auditors to document, test, and validate various IT controls.
• Creates documentation related to policies, processes, and systems owned by the Cybersecurity team.
• Provides on site or remote access diagnoses and resolution to IT security problems by responding to service desk requests and planned work requests.
• Manages low to medium complexity service requests through resolution or escalation to another team member by performing work in a manner that minimizes disruption to existing business use.
• Effectively communicates changes to the organization or relevant parties as needed.
• Administers the security awareness training and internal simulated phishing campaigns.
• Administers the following: Vulnerability management platform, Next-Gen Firewall(s) (NGFW), VPN, Host-based firewalls, Network-based Intrusion Detection and Intrusions Prevention system (NIDS/NIPS), Security Information and Event Management (SIEM) platform, Data Loss Prevention (DLP), Endpoint protection (Next-gen Anti-virus (NGAV), Endpoint Detection and Response (EDR/XDR), Host-based Intrusion Detection and Intrusion Prevention Systems (HIDS/HIPS).
• Contributes to team effort by promoting a culture of service and excellence.
• Performs other duties of a similar nature and level as assigned.

Requirements

• Associate degree in information technology or a related field to the area of assignment and two years of technology experience designing and maintaining IT security including networks, security, and hardware; or an equivalent combination of education and experience sufficient to successfully perform the essential duties of the job.
• Maintain Security Identification Display Area (SIDA) clearance.
• Obtain and maintain position appropriate NIMS & emergency training.

Nice-to-haves

• Knowledge of Identity and Access Management
• Network Security
• Access Control Lists (ACL)
• Intrusion Detection and Prevention (IDS/IPS)
• Firewall administration
• Virtual Private Network (VPN)
• Risk Management
• Security Information and Event Management (SIEM)
• Vulnerability Management
• Security Framework(s)
• Payment Card Industry Data Security Standard (PCI-DSS)
• National Institute of Standards and Technology (NIST)
• Microsoft Active Directory and all associated tools
• File system access controls
• Endpoint security, including Windows, Linux, macOS, iOS, and Android
• Microsoft 365 Compliance and Security
• Azure Security

Benefits

• Competitive medical, dental, vision and life insurance coverage options.
• Health Savings Account, Dependent Care Flexible Spending Account and wellness programs.
• CVGAA offers a $0 premium medical plan option and does not charge a working spouse surcharge.
• Employer and employee contributions to KY Public Pension Authority retirement plan 401(k) and 457 options.
• Generous paid time off including 10 holidays a year.
• Employee Assistance Program.
• Tuition Reimbursement and Professional Development programs.
• Performance Reward Program.

Apply tot his job Apply To this Job