Security Engineering Information Technology Apprentice/Infrastructure Specialist Associate

What You'll Do

Works under immediate supervision & requires some knowledge of information technology in order to assist Office of Information Security and Privacy staff for assigned program area during rotation:

Security Engineering

• Assists in providing support, administration, and maintenance necessary to ensure effective and efficient information security systems
• Assists in conducting technology assessment and integration process
• Provides and supports a prototype capability and/or evaluates its utility
• Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions
• Provides guidance to customers about applicability of information systems to meet business needs
• Assists to develop and conduct test of systems to evaluate compliance with specification and requirements by applying principles and methods for cost-effective planning, evaluation, verifying, and validating of technical, functional, and performance characteristics (including interoperability) of systems or elements of systems incorporating IT.
  
  

Security Incident Response Team

• Assists in investigation of cybersecurity events related to information technology (IT) systems, networks, and digital evidence
• Assists to identify, analyze, and mitigate threats to internal information technology (IT) systems, and/or networks
• Assists to test, maintain, and review infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and re-sources
• Monitors network to actively remediate unauthorized activities.
• Assists in the response to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats.
• Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security
  
  

Risk and Compliance

• Assists in performance of security reviews, to identify gaps in security architecture, and develop a security risk management plan
• Assists in reviewing authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network
• Assists with review of qualifications of the cloud service providers to thoroughly vet cloud vendors
• Assists in performing risk analysis (e.g., threat, vulnerability, and probability of occurrence) on new systems and applications for initial installations and major updates
  
  

Vulnerability Management

• Assists in conducting assessments of threats and vulnerabilities; determining deviations from acceptable configurations, enterprise or local policy; assessing the level of risk and determining appropriate mitigation countermeasures in operational and nonoperational situations
• Assists in the measuring the effectiveness of defense-in-depth architecture against known vulnerabilities
• Supports penetration testing on networks, systems or elements of systems
• Assists to identify systemic security issues based on the analysis of vulnerability and configuration data
• Assists in the preparation of vulnerability reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions
  
  

Minimum Qualifications

Apprentice: 1 course or 2 months experience in Information Systems/Information Technology, or a related field including but not limited to: Software Engineering/Development, Data Analytics/Business Intelligence, Database Administration, Network,

IT Security and Help Desk/Customer Support

Associate: 18 months combined work exp. &/or trg. In any combination of the following: installing, monitoring/maintaining,

configuring, upgrading, &/or administering/operating a single technology domain.

• Or successful completion of IT Apprenticeship program at designated agency.
• Or completion of associate core program in computer science or information systems
  
  

Knowledge Of

• Computer hardware and software
• Ticketing software (e.g. Service Now) *
• Customer Service techniques and standards*
• State IT policies, procedures and applicable laws *
• Operations and processes for diagnosing common or recurring system problems*
• Computer Network Defense and vulnerability assessment tools, including open source tools, and their capabilities*
• Current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection and remediation tools and procedures utilizing standards-based concepts and capabilities*
• Database procedures used for querying security tools to gather information *
• Classes of attacks (e.g., passive, active, insider, close-in, distribution, etc.)*
• Different operational threat environments (e.g., first generation [script kiddies], second generation [non- nation state sponsored], and third generation [nation state sponsored])*
• Electronic devices (e.g., computer systems/components, access control devices, digital cameras, electronic organizers, hard drives, memory cards, modems, network components, printers, removable storage devices, scanners, telephones.
• How traffic flows across the network (e.g., Transmission Control Protocol (TCP) and Internet Protocol (IP), Open System Interconnection Model (OSI)*
• Incident response and handling methodologies*
• System and application security threats and vulnerabilities*
• Personally Identifying Information (PII)
• System and application security threats and vulnerabilities*
• Operations and processes for diagnosing common or recurring system problems*
• Principal methods, procedures, and techniques of gathering information and producing, reporting, and sharing intelligence*
• Organization's core business/mission processes*
  
  

Skill In

• Technical writing and documentation practices (e.g standard operating procedures, training documents, work flow diagrams) *
• Reading/verbal comprehension (i.e. comprehend and apply written & verbal instructions)
• Operating PC Hardware and Software (e.g. MS Word, Excel, PPT, Outlook)
• Critical thinking (i.e. impact analysis, troubleshooting)
• Conducting open source research for troubleshooting network and client-server issues*
• Basic operation of computers
• Using network analysis tools to identify vulnerabilities*
• Preserving evidence integrity according to standard operating procedures or national standards*
• Securing network communications*
  
  

Abilities

• Communication (e.g. Oral, Written, Active Listening)
• Problem sensitivity/problem solving
• Time Manage (e.g. organization and prioritization)
• Active learning
• Match the appropriate knowledge repository technology for a given application or environment*
• Identify systemic security issues based on the analysis of vulnerability and configuration data*
• Accurately define incidents, problems, and events in the trouble ticketing system*
• Apply techniques for detecting host and network-based intrusions using intrusion detection technologies*
• Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)*
• Share meaningful insights about the context of an organization’s threat environment that improve its risk management posture*
• Developed after employment
  
  

Organization

Administrative Services

Agency Contact Name and Information

Alexis Hill (Alexis.Hill@das.ohio.gov)

Unposting Date

May 12, 2026, 11:59:00 PM

Primary Location

United States of America-OHIO-Franklin County-Columbus

Compensation

$24.16-$25.77

Schedule

Full-time

Classified Indicator

Classified

Union

OCSEA

Technical Skills

Information Technology, Cybersecurity

Professional Skills

Attention to Detail, Critical Thinking

Primary Technology

Not Applicable

Agency Overview

• This posting may be used to fill multiple openings*
  
  

About Us

The Ohio Department of Administrative Services (DAS) takes great pride in its work to support the priorities of the DeWine-Tressel administration to ease access for those doing business with the state, secure state data and technology resources, and create efficiencies for our state government partners while keeping costs in check.

DAS is the engine of state government, providing innovative solutions and supporting the efficient operation of state agencies, boards, and commissions. DAS program areas serve our Ohio government customers, who in turn directly serve the interests of Ohioans. We help procure goods and services, deliver information technology and mail, recruit and train personnel, promote equal access to the state workforce, lease and manage office space, process payroll, print publications, and perform a variety of other services.

The Office of Information Security and Privacy  supports the productivity, innovation, and organizational objectives of the state in providing secure services to the people of Ohio. We provide technology, policies, standards, architecture, information, and solutions to enhance the privacy and security of Ohio's data and systems.