About the Department

Do you meet our minimum hiring standards?
Please check before applying.

Position Duties

IT Security Engineer I

• Perform level 1 application security functions;
• Design, implement and manage security tools and systems (IDS, IPS, VPN, WAF, DLP, Anti-Virus, Anti-Malware, honeypots, SEIM, Vulnerability Scanners, Web Proxies, Forensic toolkits, MFA, key management) in a heterogeneous computing environment that spans multiple physical and virtual data centers;
• Install, configure and maintain security controls such as intrusion detection systems, packet capture devices, data loss prevention tools, and other commercial off the shelf and open source security tools;
• Enhance the security posture of internal infrastructure and client-facing systems;
• Perform risk assessments, vulnerability management, penetration testing and patch management for Unix/Linux, Mac, Windows systems and web applications;
• Understanding of attack vectors, exploits, and hacking tools;
• Detect, investigate and recover from security incidents as well as assisting with incident response plans;
• Responsible for raising company-wide security awareness and monitoring information security related web sites and newsletters to stay up to date on current attacks and trends;
• Assist the Security Engineering Team with evaluation of new and emerging security tools and technologies;
• Maintain technical documentation;
• Consult team members on secure coding practices;
• Administer network and computing devices/systems that enforce security policies and audit controls in Windows and Unix based environment;
• Perform network traffic inspections, network traffic monitoring, and log analysis;
• Recommend the application of fixes, patches, and recovery procedures in the event of a security incident;
• Recommend software tools and/or other solutions for technical challenges involving IT Security processes.

• In addition to the above; 
• Management of all technical security equipment, including IDS/IPS devices, Data Loss Prevention equipment, web content filtering equipment, SEIM;
• Responding to alerts and investigating potential security incidents;
• Ensure that daily compliance tasks are completed in a timely fashion and tracked in the appropriate ticketing system;
• Perform access certifications and other identity and access management related tasks;
• Work closely with developmental operations and software engineering to proactively identify and fix security flaws and vulnerabilities;
• Knowledge in compliance procedures and protocols for Internal audit;
• Troubleshoot and repair issues with operating systems and security applications;
• Perform on-going security testing and code review to improve software security;
• Provide engineering designs for new software solutions to help mitigate security vulnerabilities;
• Design, implement and maintain networking equipment including but not limited to Firewalls, Switches, Routers, etc.;
• Automate routine day-to-day tasks to reduce operational overhead;
• Create reports from various IT Security systems for the purpose of monitoring critical activities and providing security metrics to IT security management;
• Coordinate external assessment teams to complete audit and security assessments. 

• In addition to above;
• Conducts monthly security risk assessment meetings with the IT Operations team;
• Provide technical expertise and guidance for security tools that control and monitor information security;
• Design architecture to include the software, hardware, and communications to support the total requirements as well as provide for present and future cross-functional requirements and interfaces; 
• Responsible for developing high level system design diagrams;
• Ensures these systems are compatible and in compliance with the standards for open systems architectures, the Open Systems Interconnection (OSI) and International Standards Organization (ISO) reference models, and profiles of standards - such as Institute of Electrical and Electronic Engineers (IEEE) Open Systems Environment (OSE) reference model - as they apply to the implementation and specification of Information Management (IM) solution of the application platform, across the application program interface (API), and the external environment/software application; 
• Evaluates analytically and systematically problems of work flows, organization and planning and develops appropriate corrective action; 
• Assess and review current technology infrastructure to identify key risk areas, and ensure adequate levels of controls are in place to address those risks;
• Conduct vendor risk assessments of critical vendors annually including questionnaires, follow up calls, creating assessment reports and remediation of findings.

• Performs related duties as required. 

Minimum Qualifications

IT Security Engineer I

• Bachelor’s degree from an accredited university in Computer Science or related field or equivalent combination of education and experience;
• Minimum of ten (10) years of experience in Information Technology;
• Minimum of three (3) years of experience in IT Security or Networking is required;
• Minimum of two (2) years of experience in scripting and automation is required;
• Experience in networking and scripting/automation is preferred;
• At least one professional certification required [Security +, OSCP, CISSP, CISM, GIAC, CISA, CCNP];
• Using enterprise vulnerability scanning tools;
• Familiarity with penetration testing techniques, tools, methodologies;
• Good understanding of network protocols and ability to perform network traffic analysis and packet inspection;
• Understanding of DDoS mitigation, and intrusion detection and preventions systems;
• Public and private cloud technologies; 
• Understanding of DevOps, CI/CD, and up and coming mechanisms for automation;
• Well versed in at least one leading scripting language: Python, Ruby, Perl, bash;
• Familiarity with Agile or other Software Development Lifecycle;
• Familiarity with Object-Oriented programming (languages such as C++, Java);
• Operating systems;
• Cryptographic solutions for data at rest, in transit, in use (SSL, PKI, IPSec, x509);
• Standards and Frameworks (NIST, ISO, PCI, SOX, PII, etc.).

• In addition to the above;
• Minimum of twelve (12) years of experience in Information Technology;
• Minimum of four (4) years of experience in IT Security or Networking is required;
• Minimum of three (3) years of experience in scripting and automation is required;
• Experience with monitoring IDS/IPS, AV, DLP, etc in a large enterprise environment;
   Understanding of security best practices, threats, mitigating techniques and the ever-evolving security landscape;
• Experience with firewalls, IDS and IPS systems, both commercial and open-source;
• An understanding of network design principles and common enterprise technologies.

• In addition to the above; 
• Minimum of fifteen (15) years of experience in Information Technology;
• Minimum of five (5) years of experience in IT Security or Networking is required;
• Minimum of four (4) years of experience in scripting and automation is required;
• Minimum eight (8) years’ experience as a Lead Security Engineer;
• Ability to communicate in both oral and written forms, demonstrating an ability to communicate effectively with all levels of staff; 
• Preferred: 
  • ITIL Certification
  • Microsoft Certification
  • PMP Certification
  • Unix certification.

• Must possess and maintain a valid driver’s license;
• Must pass a polygraph and background investigation;
• Must treat coworkers, users and the public with the utmost respect and regard for good public relations;
• This position has been designated safety sensitive and therefore the incumbent is subject to random drug testing;
• Working hours are generally dayshift Monday through Friday, but may vary with the needs of the County and may include evening or weekend work in the event of serious systems problems;
• The position is required to be on-call in order to perform the primary job responsibilities.

Other Qualifications

• Work is performed primarily in an office environment and the employee in this class is subject to inside environmental conditions;
• The employee must occasionally lift and/or move up to 40 pounds;
• Requires sufficient personal mobility and physical reflexes, which permits the employee to function in a general office environment to accomplish tasks.