live chat
Security Engineer Job in Springfield, Ohio US

Security Engineer

Clark County - Springfield, OH

Posted: 6/1/2020 - Expires: 7/31/2020

Job ID: 218102773



Job Description

Applicants interested in the above named position should submit a letter of interest and a resume and an employment application to hr@clarkcountyohio.gov , or fax to (937) 328-2486, or mail or deliver to Springview Government Center, Attn: Personnel Office, 3130 E. Main St., Springfield, Ohio, 45505. Applications are available at the Clark County Commission Office, County Offices/Municipal Courts Building, 5th Floor, 50 E Columbia St., Springfield, Ohio 45502 or at Springview Government Center, Personnel Office, or online at http://www.clarkcountyohio.gov . Applicants needing accommodation in completing this application, please contact 937-521.2015. Applicants not submitting the three required documents will not be considered.

General Responsibilities:
Under the direction of the IS Director, the Security Engineer builds and maintains IT security solutions for the County and its technical infrastructure. In addition to performing duties relating to security for the County’s systems, the Security Engineer may be assigned special projects and be expected to handle any technical problems that arise, identify IT threats and software vulnerabilities, build and test robust security systems (e.g. firewalls) and serve as the “security point person” on policies & procedures. Act as departmental representative and liaison.

Essential Duties:
 Primary technical responsibility for all cyber security efforts and all cyber and IT security requirements
 Ensure compliance with state and local security policies and procedures
 Lead and manage cyber security projects, including security continuous monitoring and situation awareness, cyber security awareness & training, and cyber security assessment & authorization
 Identify / respond to cyber security incidents, supervising forensic investigations, and vulnerability assessments
 Develop and maintain and promote an enterprise-wide cyber security program
 Identify opportunities and develop cost-effective, high-quality cyber security services

Technical and security duties to include:
 Configure, install, monitor firewalls, intrusion detection and other security related systems
 Perform vulnerability testing, risk analyses and security assessments
 Develop automation technique and methods to handle and track incidents
 Investigate intrusion incidents, conduct forensic investigations and mount incident responses
 Collaborate with colleagues on authentication, authorization and encryption solutions
 Evaluate new technologies and processes that enhance security capabilities
 Test security solutions using industry standard analysis criteria
 Respond to information security issues during each stage of a project’s lifecycle
 Supervise cyber security changes in software, hardware, facilities, telecommunications and user needs
 Define, implement and maintain county security policies
 Analyze and advise on new security technologies and program conformance
 Recommend modifications in legal, technical and regulatory areas that affect IT security
 Advanced Persistent Threats (APT) detection and mitigation

Must demonstrate strong knowledge of the following:
 IDS/IPS, penetration and vulnerability testing
 Firewall and intrusion detection/prevention protocols
 Secure coding practices, ethical hacking and threat modeling
 Windows, UNIX and Linux operating systems
 Virtualization technologies
 MySQL/MSSQL database platforms
 Identity and access management principles
 Application security and encryption technologies
 Secure network architectures
 Computer networking principals including but not limited to:
 IPv4 and IPv6 Routing and Subnetting
 DNS
 Current Encryption technologies and standards
 VPNs
 VLANs
 VoIP
 Network routing (BGP, EIGRP, OSPF) etc.
 TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.
 Phishing and social engineering attack methods
 Network access controllers (NAC)
 Network and host based antimalware, endpoint protection, etc.
 Ability to create new ways to solve existing production security issues
 Security Principles, Threat Lifecycle Management, Incident Management & Lifecycle, familiarity with industry standards (NIST 800-53, 800-171, ISO 27001, etc.) and security operations best practices

Communication:
 Acts as liaison between IS Department and other departments
 Prepares written documentation and reports as needed

Requirements:

 Bachelor’s Degree or equivalent education in related field and demonstrated 6+ years’ experience working as an IT Security professional
 Valid driver’s license
 Must pass criminal background check
 Must currently possess a certification from the preferred experience and education section below
 Must maintain active security related certifications once obtained
 Demonstrated ability to present and discuss complex technical information in a way that establishes rapport, persuades others, and gains understanding and approval

Preferred Experience and Education:

 Certified Information Systems Security Professional (CISSP)
 Certified Ethical Hacker
 Cisco Certified Network Professional - Security
 GIAC Security Certifications (4xx and 5xx)
 Local, state and/or federal governmental work experience
 Advanced college degree in engineering, information technology or related area

Clark County is an Equal Opportunity/ADA Compliance Employer, M/F V/H
Clark County does not discriminate on the basis of race, color, national origin, ancestry, sex,
genetic information, sexual orientation, religion, age, disability or military status.

Job Summary


Employment Type:
Full Time Employee
Job type:
Regular Employment
Skill Based Partner:
No
Education Level:
Bachelor's degree
Work Days:
Mon, Tue, Wed, Thu, Fri
Job Reference Code
N/A
Salary
N/A
Licenses / Certifications:
N/A
Display Recommended WorkKeys®Recommended WorkKeys®:
Applied Math: 5
Graphic Literacy: 5
Workplace Documentation: 6