$25.70-$45.16 Hourly / $53,456.00-$93,932.00 Yearly
Salary Grade: 715
This position is responsible for actively upholding the City’s stated mission and values. This position is also responsible to support and administer the City’s information security program and management infrastructure that ensures technology risks are identified and managed according to established risk policies and guidelines.
Regulatory compliance: PCI, HIPPA, CJIS, FTC Red Flags Rule.
Work is widely varied, involving analyzing and evaluating many complex and significant variables. City-wide policies, procedures, or precedents may be developed and recommended.
Configuring security systems, analyzing security requirements, and recommending improvements. Monitoring network traffic for suspicious behavior. Creating network policies and authorization roles and defending against unauthorized access, modifications, and destruction.
Receive alerts and updates from agencies and respond with the appropriate action.
Meet with team/staff to share information, meetings with management, cross-training.
Work on projects regarding life-cycle, new systems, and software, other proposed department improvements.
Knowledge of, or ability to learn, policies, procedures, and guidelines established by professional organizations
Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution, etc.)
Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services
Knowledge of penetration testing principles, tools, and techniques (e.g., Metasploit, Neosploit, etc.)
Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth)
Skill in talking to others to convey information effectively
Skill in analyzing and organizing technical dataSkill in using computer applications including spreadsheet, database, and word processing software
Skill in the use of social engineering techniques
Ability to process information logically
Ability to analyze, organize, and prioritize work while meeting multiple deadlines
Ability to develop, interpret, and evaluate policies and procedures
EDUCATION LEVEL & TYPE: Bachelor’s degree from an accredited college or university with major course work in computer information systems, business administration, public administration or a degree related to the core functions of this position
Five (5) to Seven (7) years of professional-level experience in computer network and IT systems security associated with a large organization. One year of experience administering security-specific hardware required.
This position operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets, and fax machines.
This position would require the ability to Sit, Stand, Bend, Reach, View Monitors, Use Repetitive Motions, as well as Talking, Listening, Customer/Client Contact.
FLSA Status: Exempt
Occupational Group Code: 06
Occupational Group Description: Data Processing
EEO Job Category Code: B
EEO Job Category Description: Officials and Administrators
Organizational Level: Administrator/Program Officer
Bargaining Unit: No Representation
Driving Level: Incidental
License Type: Valid and Unrestricted Class D – Driver
CDL Endorsements: No
Safety Sensitive (driving requirement): No
This description is not intended to limit or in any way, modify the right of management to assign, direct, and control the work of employees under supervision. The listing of duties and responsibilities shall not be held to exclude other duties not mentioned that are of similar kind or level of difficulty. They are intended to describe the general nature and level of work being performed by individuals assigned to this position.
We are an Equal Opportunity Employer.