Job ID: NC-603324 (99090816)
Security Analyst with Active Directory, DNS, DHCP, GPO, PKI, SSH, UDP, SSL, LogRhythm, Splunk, ArcSight, WireShark, MetaSploit, ISO, NIST, HiTrust, PCI, HIPAA and Endpoint protection experience
Location: Raleigh, NC (CoR-IT)
Duration: 6+ months
Interview: Both Phone and In Person
Skill Required / Desired Amount of Experience
Knowledge of Active Directory, DNS, DHCP, GPO, PKI. Desired 5 Years
Understanding of varying networking protocols (TCP, UDP, SSH, SSL, etc.). Required 5 Years
Demonstrated knowledge in SIEM solution(s) (LogRhythm, Splunk, ArcSight, etc.). Desired 3 Years
Expert understanding of varying security applications (WireShark, MetaSploit, etc.). Required 5 Years
Understanding of common security frameworks (ISO, NIST, HiTrust). Required 5 Years
Understanding of varying industry data standards (PCI, HIPAA, etc.). Required 5 Years
Understanding of networking concepts and configurations. Required 5 Years
Demonstrated knowledge with Endpoint protection solutions. Required 5 Years
The City of Raleigh is seeking an individual with good security acumen, an understanding of current technology/processes, and a positive mindset for our Enterprise Information Technology (IT) Security Specialist position.
This position provides centralized coordination, administration and support for the many elements of a distributed security infrastructure operated by City IT. This position will use and apply the knowledge of various technologies to help the City meet its business requirements in a secure manner while managing risk. This position is responsible for assessing information risk and facilitating remediation of identified vulnerabilities & risk across the organization. Acts as a technical resource to associates, department managers, and others within the organization who are seeking more information about information security. The position reports to the Enterprise IT Security Manager and works closely with teams within the Information Technology department as well as other departments throughout the city. This includes business capability owners, application development, technology support and operations to provide guidance on the compliance and protection of the City of Raleigh information assets. Participate in the planning, design, installation, and maintenance of security systems in support of security policies. Work with Information Technology staff and business units to assess risk and address security issues.
Essential Duties and Responsibilities (Not intended to be all inclusive)
• Work within our existing security technology portfolio to report violations, implement security improvements, evaluate trends and anticipate requirements.
• Engage in day-to-day support of the customers, partners, and systems involved in various organizational processes.
• Responsible to monitor and detect risks to the organization, identify sources and methods of attack, locate and preserve electronic evidence as needed.
• Will analyze, recommend, develop, implement and maintain systems and processes that protect business and client information.
• Ensures that the Antivirus platform is properly maintained and that all enterprise computers and devices have proper protection, signatures, and revisions. This includes evaluation of current policy sets and modification where needed to improve security posture or system performance.
• Configure and maintain email security settings. This includes the profiles that dictate permitted flows, including blocked domains, blocked file types, and banner / appended messages.
• Work within Cisco Umbrella to manage policies and evaluate effectiveness related to client and server DNS protection.
• Develop, implement, and operate access management technology and processes as part of an enterprise cyber security program.
• Develop and maintain access management reports and processes to identify access events, exceptions, or trends which require investigation, remediation, or mitigation.
• Enterprise domain experience is a must.
• Knowledge of Active Directory, DNS, DHCP, GPO, PKI.
• Understanding of networking concepts and configurations.
• Understanding of varying networking protocols (TCP, UDP, SSH, SSL, etc.).
• Demonstrated knowledge in SIEM solution(s) (LogRhythm, Splunk, ArcSight, etc.).
• Demonstrated knowledge with Endpoint protection solutions.
• Expert understanding of varying security applications (WireShark, MetaSploit, etc.).
• Understanding of common security frameworks (ISO, NIST, HiTrust).
• Understanding of varying industry data standards (PCI, HIPAA, etc.).
• Strong understanding of parsing, analyzing and identifying events through security logs.
Bachelor’s degree in information technology or directly related field and two years of professional experience related to assignment.
An equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above.
Certifications, Licenses, Registrations
• Proven history of being involved in ongoing learning and certifications tracks is beneficial. Security based certifications (CISSP, Security+, Cisco CCNA Security, etc.) are recommended but work experience and knowledge can substituted if adequate.