Metropolitan Water Reclamation District of Greater Chicago

IT Security Administrator (#20004315)


General Statement

Ensures the secure operation of the in-house computer systems, servers, and network connections. This includes checking server and firewall logs, scrutinizing network traffic, establishing and updating virus scans and troubleshooting. This position also analyzes and resolves security breaches and vulnerability issues in a timely and accurate fashion, and conducts user activity audits where required.

Essential Job Functions

Essential job functions are fundamental, core functions common to positions in a classification. They are not intended to be an exhaustive list of all job duties for any one position in the class. Since class specifications are designed to be descriptive and not restrictive, incumbents may complete one or all of the job duties listed or tasks of similar kind not specifically listed here.

  • Assists in planning and coordinating computer security measures with Information Technology staff and District management; conducts security testing as needed.
  • Maintains and updates policies, programs and procedures outlining the District-wide computer security program.
  • Monitors and analyzes use of the computer network; conducts investigations related to violations of computer policies and other computer-related incidents.
  • Monitors and enforces software license compliance; ensures compliance with information technology reporting requirements such as GASB-51.
  • Assists in managing user accounts administration for SAP; develops SAP security documentation.
  • Designs, performs, and/or oversees penetration testing of all systems in order to identify system vulnerabilities.
  • Monitors server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity; interprets activity and makes recommendations for resolution.
  • Keeps current with emerging security alerts and issues.
  • Conducts research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
  • Manages connection security for local area networks, the District’s Web site, intranet, and e-mail communications.
  • Recommends, schedules (where appropriate), and applies fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.
  • Downloads and tests new security software and/or technologies.
  • Performs system backups.
  • Provides on-call security support to end-users.
  • Manages and/or provides guidance to IT Security Analysts and other members of the team.

Other Job Functions

  • Provides after hours and weekend support when required.
  • Performs other duties as assigned.

Environmental Conditions

Work is performed in a typical office environment and requires the use of standard office equipment including computers.

Desirable Knowledge, Skills and Abilities

  • Thorough knowledge of computer operating systems, programming languages and database management.
  • Thorough knowledge of computer security systems and internal controls.
  • Knowledge of information security frameworks, standards and regulations.
  • Knowledge of the principles and methodologies relating to systems analysis and systems design.
  • Knowledge of applicable practices and laws relating to data privacy and protection.
  • Working technical knowledge of current systems software, protocols and standards.
  • Ability to develop security requirements aligned with business needs.
  • Ability to communicate effectively, orally and in writing.

Minimum Qualification Requirements

Graduation from a four-year accredited college or university majoring in information technology, computer science or a closely related field and four years of experience in developing, implementing and/or administering system security standards and procedures.

Substitution

Graduate study in computer science or a closely related field may be substituted for the required experience on a year-for-year basis to a maximum of two years. Full-time paid experience in developing, implementing and/or administering system security standards and procedures may be substituted for the required education on a year-for-year basis. A CISSP certification may be substituted for one year of the required education or experience.

Promotional Requirement

  • Two years of service with the District as an IT Security Analyst or IT Support Coordinator.
  • Civil service status in one of the foregoing classifications.

CLASS: 20004315; EST: 1/1/2016; REV: ;