JOB
A successful candidate will play an active role in the City of College Park’s existing operational success. The purpose of this position is to ensure information security controls are prioritized and maintained when users and/or vendors require access to internal databases/applications.
EXAMPLE OF DUTIES
Independent judgment is required to identify, select and apply the most appropriate available guidelines and procedures as well as interpret precedents. This is a highly technical hands-on position responsible for implementing processes and methods for auditing and addressing non-compliance with IT security standards and facilitating the migration of non-compliant environments to compliant environments. The IT security administrator will participate in the planning and implementation of security requirements for IT projects and make recommendations for security applications to assist with the implementation of changes to work methods and procedures, making them more effective to strengthen security measures.Facilitate and promote activities to create information security awareness within the organization including matters of strict confidence. Includes preparation of complex computer spreadsheets.Perform information security risk assessments regarding security issues and after-action reviews as appropriate.Monitor compliance with information security policies and procedures, referring problems to the appropriate department manager. Monitor the internal control systems to ensure that appropriate access levels are maintained.Continue to develop skills, knowledge, and ability to improve processes and procedures as well as to keep updated on trends and developments in the industry. This includes meeting annual personal development goals.Maintain information security policies and procedures to ensure security strategies are followed to meet the organizational security goals and standards.Identify and resolve risks following the Organization’s security risk assessment processes.Document all security policies and promote activities and procedures to create a general awareness of the significance of security within the Organization.Review system security plans implemented throughout the entire network of the Organization and uphold the responsibilities of an information security professional.Act as a liaison to the city for IT security-related topics and monitor compliance with security standards. Direct unsolved issues to the appropriate stakeholders/system owners.Monitor the internal controlling systems to ensure accessibility whenever it is required by the users.Report information security incidents as per the incident response policy and manage RCA and remediation, as directed by the Chief Information Officer. Manages Incident response plansCoordinate all the IT maintenance window activities along with change control procedures. Facilitate information security programs as needed and when instructed by the Chief Information Officer.Perform vulnerability scanning on critical systems regularly and report gaps to appropriate team leads.Collaborate with teams to provide subject matter expertise on the security of servers, applications, and networks. Performs other administrative duties as required. The omission of specific duties does not preclude the supervisor from assigning duties that logically relate to the position.
SUPPLEMENTAL INFORMATION
A Bachelor’s degree in Computer Science, Information Systems, or a related field and/or any equivalent combination of training, education, and experience. A minimum of 5 years of information technology work experience. Experience desired in areas such as systems security analyst, network and/or systems administration, computer operations and user support, etc.Must have proven proficiency with Microsoft Active Directory Management, Group Policy Object management, GPO development, testing, implementation, and troubleshooting.Windows Server 2016, 2019 Administration, and understanding of Windows Event Management experience is required. Networking and Next Gen Firewall experience highly desired. Knowledge of host hardening, auditing, logging, and monitoring, network security, security analytics, anomaly detections, etc.Information security certifications (e.g., CISSP, CISA, etc.) are preferred. Would accept Sec with demonstratable progress with an advanced IT security certification. Experience with change management preferred.Experience in communicating with diverse communities, and in establishing and maintaining cooperative working relationships.Proficiency in MS Office Suite, as well as knowledge and understanding of the organizational structure, workflow, and operating procedures.Extensive hours and weekends will be required at times.Pre-Employment screening is required: criminal background check and drug testing.