Douglas County Sheriff's Office
Senior Endpoint Cybersecurity Engineer
Douglas County Sheriff's Office, Castle Rock, Colorado, United States, 80104
Employment Type: 0 - Full-time Regular
Pay Range: $108,823.00 - 163,235.00
Location: Castle Rock, CO
Overtime Exempt: Y
Elected Office / Department: INFORMATION TECHNOLOGY
The Endpoint Cybersecurity Engineer is part of a team that performs three core functions for the County. The first is the day-to-day operations of the in-place security solutions. The second is the identification, investigation and resolution of security breaches detected by those systems. This person will ensure the secure operation of the in-house computer systems, servers, and network connections. This includes checking server and firewall logs, scrutinizing network traffic, and tracking suspicious computer activity. The third involves the day-to-day operations of the management toolsets we leverage for our endpoint environment, Microsoft Endpoint Configuration Manager and Microsoft Intune. This person will also analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion and conduct user activity and vulnerability audits where required. This position also includes work that is strategic in nature related to the Cyber Security roadmap.
This person will also participate in the improvement of the overall County Cyber Security Program. This will include support of the County cyber training and new cyber software installations.
Generally, the hiring range is $99,223-$124,029 annually. Qualifications, education and experience as they relate to the position will be taken into consideration when determining hiring salary.
Your future is important to us. Douglas County offers a comprehensive benefits package - including medical, dental, vision, and retirement plans - plus a wide range of additional resources to support your health, growth, and overall well-being. View the full Employee Benefits Guide
View the full job description here
ESSENTIAL DUTIES AND RESPONSIBILITIES: (The following examples are illustrative only and are not intended to be all inclusive.)
Operational Management (60%)
Work with the IT operations team to maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (e.g., security tools) or not (e.g., workstations, servers, network devices, etc.). Maintain operational configurations of all in-place security solutions as per the established baselines. Build and secure the task sequences used to deploy our endpoints. Secure our infrastructure by deploying 1st and 3rd party patches on a schedule. Monitor all in-place security solutions for efficient and appropriate operations. Review logs and reports of all in-place devices, whether they be under direct control (e.g., security tools) or not (e.g., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution. Participate in investigations into problematic activity. Incident/breach troubleshooting and remediation may require after-hours support. Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
Strategy & Planning (20%)
Participate in the planning and design of enterprise security architecture. Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures). Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan. Assess need for any security reconfigurations (minor or significant). Review, manage, create and maintain policies and conditional access to protect County data. Conduct and present research on emerging products, services, protocols, and standards in support of security enhancement and development efforts. Build and present reports and dashboards demonstrating the Security state at the County. Participate in developing a security incident response plan and protocols.
Acquisition & Deployment (20%)
Recommend, schedule, and perform security improvements and upgrades. Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security. Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
MINIMUM QUALIFICATIONS:
EDUCATION and/or EXPERIENCE:
A Bachelor's Degree in computer science or equivalent from an accredited college, university or technical school is required. Sufficient experience may be substituted for a degree. A minimum of five years' work experience in a cyber security operational environment, IT risk management, IT Compliance, IT audit or similar field is required. A combination of education and experience may be considered.
CERTIFICATES, LICENSES, REGISTRATIONS: At least one current certification in Cyber Security (e.g., CISA, CISM, CISSP, and/or Security+) is required. Suitable experience and education may be considered in lieu of certifications.
ADDITIONAL INFORMATION:
Closing Date: 8/15/2025 5:59PM MST. Review of applications will begin immediately and continue until a suitable candidate is selected.
The job details outlined in this posting may represent a modified summary of the full job description. For a full copy of the job description CLICK HERE to view our job classifications.
In the event of an emergency/disaster in or near the County, all County employees are expected to make every effort to be available to assist the County Manager, Elected/Appointed Officials and Department Directors to ensure the continued operation of any and all necessary County functions. This may mean being available to perform additional duties and hours beyond what is normally required. In the event that an exempt employee does work more than 40 hours a week in support of County operations during an emergency, such employee may receive overtime or other appropriate wage compensation in accordance with existing County policies or at the discretion of the County.