Mission: The mission of the Office of the Secretary of State is to exceed the expectations of our customers, the taxpayers, by operating at the highest levels of accuracy, cost-effectiveness, and accountability in a customer-centered environment.

Supervisor: Director of Information Technology

Summary: Responsible for information security risk management program in our Azure and AWS environments. Will work closely and collaborate with the State cyber team. Additionally identify, evaluate, and report on regulatory, IT, and cybersecurity risks to information assets while supporting and advancing business objectives. This position will need to have an understanding of both internal and external business environments to ensure our information systems are maintained in a fully secure manner in line with our compliance obligations. This position will further the understanding that securing information assets and associated technology, applications, systems, and processes in the wider ecosystem in which the organization operates is as important as protecting information within the organization's perimeter.

This role drives complex security design, development, and implementation activities aligned with several technologies including, but not limited to Active Directory, Radius, Windows security, Azure, and AWS implementations. This position is based in Nashville, TN. Local candidates will be considered first. 

Duties/Responsibilities

• Ensure authentication systems align with the company's Information Security policies, standards, and the industry best practices
• Design, deployment, and maintenance of enterprise Azure / AWS cyber security elements.
• Identify opportunities to innovate, extend, and enhance service delivery everywhere possible.
• Improve and maintain cloud security solutions for monitoring, vulnerability remediation, and incident response.
• Continually review and recommend improvements to operational processes and procedures.
• Apply engineering skills to help eliminate operational issues to improve operations.
• Triage incidents and follow standard change management practices while executing configuration changes.
• Continuously monitor cloud infrastructure and respond to security incidents
• Follow DevSecOps methodologies by automating security as much as possible.
• Play an active role in maintaining compliant infrastructure and policies.
• Track, report, and remediate outstanding incidents/issues.
• Maintain a commitment to professionally grow and share knowledge within the team.

Minimum Qualifications:

Education and Experience:

• Education equivalent to graduation from an accredited four-year college or university.
• 5 years of working experience with Azure and AWS Experience with Azure /Amazon Web Services Architecture/Infrastructure, and security
• CISSP Certification preferred

Knowledge and Abilities:

• Good understanding of cloud service architecture with emphasis on security in the cloud.
• Hands-on experience in automating Cloud Security Configurations, Monitoring, and Compliance
• Experience in patching OS, Application & Network vulnerabilities
• Knowledge of vulnerability scoring frameworks
• Experience with production workloads running in the cloud is a must
• A solid understanding of information security standards & Cloud Compliance requirements
• Hands-on security experience, with knowledge of security, scaling in the cloud
• Solid understanding of modern information security methodologies and standards
• Hands-on experience with logging and monitoring cloud infrastructure and identifying security threats
• Experience responding to security incidents in a timely and efficient manner
• Develop tools to automate security operations and enable more efficient discovery and resolution of operations security problems
• Will have considerable AWS, Azure, and Linux skills.
• Excellent verbal and writing skills and the ability to communicate effectively with all levels
• Deep understanding of network protocols such as BGP, OSPF, TCP, and DNS
• Detailed understanding and hands-on experience working with AWS and Azure Networking components, Transit Gateway, Virtual Gateway, Internet Gateway, VPC, Shared VPC, ELB, NLB, Flow logs, Web Application Firewalls, and Route53
• Knowledge and hands-on management of Palo Alto Firewall appliances
• Ability to design and support secure networks within and across accounts in AWS and Azure.
• Experience developing and applying Access Control Lists and Security Groups to protect virtual assets and services.
• Strong analytical skills to solve complex problems with multiple variables

Physical Requirements

• Requires normal visual acuity and field of vision, hearing, and speaking.
• Ability to move and lift objects 35 pounds or more.

Health, safety, and collections security

• Assist the organization in creating a safe and healthy working environment by working safely with the equipment provided.
• Follow instructions given for health and safety purposes and immediately report any unsafe working practices or hazardous working conditions.
• Take whatever measures are necessary to protect materials, property, and/or the collections from loss, mutilation, or theft.

Salary: Commensurate with experience and State of Tennessee benefits package. Please include your salary requirements in your cover letter.
This position is based in Nashville, TN. Local candidates will be considered first.