Ohio
Agency Information Security Professional 1 (20101539)
Ohio, Columbus, Ohio, United States, 43224
Location TBD
The full performance level class works under general supervision and requires considerable knowledge of electronic data processing, computer science and systems analysis to configure, support and monitor enterprise security tools such as endpoint protection, Security Information and Event Management (SIEM) and Intrusion Detection Systems (IDS) to safeguard State assets against malicious activity
Characterize and monitor network traffic to identify anomalous activity and potential threats to network resources and analyze identified malicious activity to determine weaknesses exploited, exploitation methods and effects on system and information
Evaluate and support documentation, validation and accreditation processes necessary to assure that new IT systems meet the organization’s information assurance and security requirements and/or support security audit activities and review security logs to validate access levels and activity
Supports vulnerability scanning, remote support software and packet capture to ensure endpoints are patched and updated
Responds to alerts of malicious activity and works with OISP as a member of the agency Security Point of Contact (SPOC) team
Supports the development of tools, assists with responses, and helps support training for the agency Security Incident Response Team (SIRT)
Works with the IT Security Operations Team to evaluate solutions to meet the organization’s information assurance and security requirements
Creates documentation for security initiatives
Works with inter-agency contacts to develop solutions for agency initiatives
Safeguards the organization's information assets and ensures confidentiality, integrity, and availability of systems and data
Assists in the development, implementation, and maintenance of the enterprise-wide information security program
Provides input in the creation and enforcement of information security policies, standards, and guidelines
Ensures security policies align with industry best practices and regulatory requirements
Assists with promoting security awareness by helping staff understand security policies and best practices
Provides input to risk assessments that identify vulnerabilities and assess the potential impact on the organization
Collaborates with various teams to develop and implement risk mitigation strategies
Participates in the development and execution of incident response plans
Analyzes and responds to security incidents, providing timely resolution and analysis
Monitors and manages vulnerability scanning tools
Coordinates remediation efforts and ensures timely closure of identified vulnerabilities
Ensures compliance with relevant laws, regulations, and industry standards
Assists in preparing for and participating in audits and assessments
Monitors security alerts and incidents
Analyzes and responds to security events
Proactively utilizes security information and event management (SIEM) systems
Maintains comprehensive documentation related to security policies, procedures, and incidents
Provides regular reports on the status of the information security program
Functions as mentor and primary contact for Security Analyst, Apprentice, and/or interns: assigning work, developing and assigning training, developing work structure and tasks for security initiatives, and evaluating deliverables
Stays current regarding new technologies in area of IT assigned
36 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data.
-Or completion of associate core program in computer science; 18 mos. trg. or 18 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data.
-Or completion of undergraduate core program in computer science; 12 mos. trg. or 12 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data.
-Or 12 mos. exp. as Information Technology Apprentice, 69910; successful completion of Ohio Cyber Apprenticeship program; additional 12 mos. trg. or exp. in Information Systems/Information Technology with a focus in one of the following areas: Software Engineering/Development, Data Analytics/Business Intelligence, Database Administration, Network, or IT Security.
-Or equivalent of Minimum Class Qualifications for Employment noted above.
Note: The Ohio Cyber Apprenticeship program is a program offered by the Department of Administrative Services. 2000 hrs. of on-the-job experience and 200 certified instructional credits must be earned in order to complete this program.
Job Skill: Cybersecurity