Job ID: NC-679016 (95090405)

Security Analyst with Active Directory, DNS, DHCP, GPO, PKI, Azure, SIEM, firewalls, IDS/IPS, vulnerability scanners, antivirus, DLP, TCP, UDP, SSH, SSL, networking, Wireshark, Metasploit, ISO, PCI, HIPAA and NIST experience

Location: Raleigh, NC
Duration: 6 months
Interview: Webcam Interview Only

REQUIRED SKILLS/EXPERIENCE:
•Enterprise domain experience is a must (Required, 3 Years)
•Knowledge of Active Directory, DNS, DHCP, GPO, PKI (Required, 3 Years)
•Experience with cloud environments such as Azure (Required, 3 Years)
•Experience implementing, maintaining, and operating a variety of SIEM tools, firewalls, IDS/IPS, vulnerability scanners, antivirus, DLP, etc. (Required, 3 Years)
•Experience in all phases of cyber incident response (Required, 3 Years)
•Experience in incident response process development and execution (Required, 3 Years)
•Understanding of networking concepts and configurations (Required, 3 Years)
•Understanding of varying networking protocols (TCP, UDP, SSH, SSL, etc.) (Required, 3 Years)
•Demonstrated knowledge of endpoint protection solutions (Required, 3 Years)
•Expert understanding of varying security applications (Wireshark, Metasploit, etc.) (Required, 3 Years)
•Understanding of common security frameworks (ISO, NIST) (Required, 3 Years)
•Understanding of varying industry data security standards (PCI, HIPAA, etc.) (Required, 3 Years)
•Strong understanding of parsing, analyzing and identifying events through security logs (Required, 3 Years)
•Strong written and verbal communication skills, including the ability to influence and delegate (Required, 3 Years)

The City of Raleigh is seeking an individual with good security acumen, an understanding of current technology/processes, and a positive mindset for our Enterprise IT Security Engineer position. The individual should also be able to provide operational and tactical direction.

This position provides centralized coordination, administration and support for the many elements of a distributed security infrastructure operated by the City IT organization. In this role you will use and apply the knowledge of various technologies to help the City meet its business requirements in a secure manner while managing risk. The Enterprise IT Security Engineer is responsible for assessing information risk and facilitating remediation of identified vulnerabilities and risk across the organization. The engineer also acts as a technical resource to associates, department managers, and others within the organization who are seeking more information about information security.

The position reports directly to the Chief Information Security Officer and works closely with teams within the Information Technology department as well as other departments throughout the city. This includes business capability owners, application development, technology support and operations to provide guidance on the compliance and protection of the City of Raleigh information assets. Participate in the planning, design, installation, maintenance, and operation of security systems in support of security policies. Work with Information Technology staff and business units to assess risk and address security issues.

The IT Department plays a major role in the City’s recognition for innovation. The department has recently won the following awards:

•2019 Drexel LeBow Analytics 50 Award for analytics innovation
•2019 IDC Smart Cities North America Award for Urban Planning and Land Use

Raleigh is recognized frequently in the national media for a variety of measures of the health of our community. Some of those accolades include:

•Third Best City to Work In (Fortune, 2019)
•Third Best State Capital in Which to Live (WalletHub, 2019)
•Second Place in Livability.com’s 2019 Top 100 Best Places to Live

The City employs more than 4,100 staff across 20 departments to support its nearly 490,000 residents and is consistently ranked as one of the top locations in the nation to live, work and play.

Essential Duties and Responsibilities (Not intended to be all inclusive)
•Work within our existing security technology portfolio to report violations, implement security improvements, evaluate trends and anticipate requirements.
•Engage in day-to-day support of the customers, partners, and systems involved in various organizational processes.
•Monitor and detect risks to the organization, identify sources and methods of attack, and locate and preserve electronic evidence as needed.
•Analyze, recommend, develop, implement and maintain systems and processes that protect business and client information.
•Be a key member of the cyber incident response team
•Manage, maintain, operate, and analyze a comprehensive suite of enterprise security tools to ensure the establishment and maintenance of the desired security posture.
•Ensure that the Antivirus platform is properly maintained and that all enterprise computers and devices have proper protection, signatures, and revisions. This includes evaluation of current policy sets and modification where needed to improve security posture or system performance, and responding to incidents and events reported by the system
•Configure and maintain email security settings. This includes the profiles that dictate permitted flows, including blocked domains, blocked file types, and banner / appended messages.
•Work within Cisco Umbrella to manage policies and evaluate effectiveness related to client and server DNS protection.
•Monitor and analyze access management technology and processes as part of an enterprise cyber security program.
•Develop and maintain access management reports and processes to identify access events, exceptions, or trends which require investigation, remediation, or mitigation.

Education and Experience:
Bachelor’s degree in information technology or a directly related field and five years of professional experience in an area related to the assignment.
OR
An equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above, unless otherwise subject to any other requirements set forth in law or regulation.

Licensing/Certifications
•Valid North Carolina Driver’s License.
•Professional certifications (such as CISSP, CISM, CISA, GIAC) desirable
•OEM product certifications desirable

Preferred Qualifications and Experience
•Enterprise domain experience is a must
•Knowledge of Active Directory, DNS, DHCP, GPO, PKI
•Experience with cloud environments such as Azure
•Experience implementing, maintaining, and operating a variety of SIEM tools, firewalls, IDS/IPS, vulnerability scanners, antivirus, DLP, etc
•Experience in all phases of cyber incident response
•Experience in incident response process development and execution
•Understanding of networking concepts and configurations
•Understanding of varying networking protocols (TCP, UDP, SSH, SSL, etc.)
•Demonstrated knowledge of endpoint protection solutions
•Expert understanding of varying security applications (Wireshark, Metasploit, etc.)
•Understanding of common security frameworks (ISO, NIST)
•Understanding of varying industry data security standards (PCI, HIPAA, etc.)
•Strong understanding of parsing, analyzing and identifying events through security logs
•Strong written and verbal communication skills, including the ability to influence and delegate

Knowledge of:
•Supervisory principles, practices and techniques (based on assignment)
•Techniques and methods for organizing, prioritizing, assigning and monitoring work (based on assignment)
•Practices and methods of coaching and leading the work of others (based on assignment)
•Software application, programming language and system functionality related to area of assignment
•Application software development and maintenance practices and methods
•Principles and practices of program administration and management
•Principles and applications of critical thinking and analysis
•Principles and methods of qualitative and quantitative research
•Best practices, trends and emerging technologies
•Project management principles
•Modern budget practices
•Applicable federal, state and local laws, codes, regulations (based on assignment)
•Customer service principles
•Specialized equipment relevant to area of assignment
•Modern office technology.

Skill In:
•Supervising and evaluating staff performance (based on assignment)
•Training and coaching staff (based on assignment)
•Developing and maintaining applicable code based on technical specifications
•Overseeing the implementation and adherence to quality assurance and standards
•Gathering data, analyzing findings and applying logic and reason
•Researching industry trends, solutions and best practices
•Interpreting, monitoring and reporting data and statistics.
•Monitoring project schedules, status and compliance
•Organizing and maintaining technical and process documentation, schedules, records and files
•Exercising political acumen, tact and diplomacy
•Coordinating deadlines, prioritizing work demands and assigning/monitoring work performed
•Working effectively under pressure, with multiple deadlines and changing priorities
•Authoring and preparing original reports, technical documents and presentations
•Facilitating group discussions and building consensus using persuasive reasoning
•Interpreting and applying applicable laws, codes, regulations and standards (based on assignment)
•Providing customer service
•Utilizing a computer and relevant software applications
•Utilizing communication and interpersonal skills as applied to interaction with coworkers, supervisors, the general public and others to sufficiently exchange or convey information and to receive work direction
