The Information Technology Department is seeking an experienced Security Administrator with proven success in the realm of Cyber and Information Systems Security to join our Cyber Security Team.
The Information Technology Department is in the midst of transformational change and is working to reinforce the cyber security posture of the City by bringing on additional talent. The ideal candidate will have strong technical, analytical, and communication skills and a high degree of initiative. The diversity of business functions within the City makes for a dynamic work environment that is both challenging and rewarding. Security Administrators will interact regularly with co-workers in other Divisions of the IT Department, customer departments, external agencies, contractors, and citizens in conveying technical information. Therefore, a person in this position must be able to communicate courteously and effectively with both technical and non-technical individuals.
This position is responsible for actively upholding the City’s stated mission and values. This position is also responsible for supporting and administering the City’s information security program and management infrastructure, which ensures technology risks are identified and managed according to established risk policies and guidelines.
Regulatory compliance: PCI, HIPAA, CJIS, FTC Red Flags Rule.
· Assists in the development and implementation of information security procedures, policies and system security plans.
· Responsible for conducting security and compliance audits, security audit log reviews, and comprehensive investigation and remediation of computer security incidents.
· Analyze existing practices and recommend new policies and procedures based on the dynamically changing information technology environment.
· Contributes to information system and application hardening configurations in accordance with the City’s cybersecurity standards.
· Run compliance and vulnerability scans on systems, analyze the findings, and work with IT Department teams to apply applicable remediation manually or via administrative tools.
· Provide customer service to end users of the information systems for cyber security-related requests and issues such as data transfers, user account management activities, software approval requests, and end user cyber security training.
· Assist with product research and testing utilizing open-source resources as well as coordination with appropriate vendors.
· Respond to Cyber Security alerts and conduct investigations under the direction of Section’s IT Manager – Monitoring, responding, investigating SIEM, WAF, IDS alerts/alarms and MS-ISAC ALBERT alerts.
· Instructs users on the importance of good cyber hygiene and administers security phishing and email awareness training for the City of Tucson.
· Participate in the various department processes and procedures such as Change Control reviews and asset inventory reviews.
· Recommend, oversee, and provide guidance on best-practice configurations and implementations for new software solutions; stay abreast of the ever-evolving landscape of cyber attacks in order to advise on potential threats and solutions.
· Coordination with the various divisions and sections within the IT Department to address remediation of vulnerabilities, policy violations, and directives.
· Security governance project coordination and vendor management for 3rd party security affiliations.
· Cylance AV monitoring, maintenance, requests and response.
· Other duties, as assigned.
Work is widely varied, involving analyzing and evaluating many complex and significant variables. City-wide policies, procedures, or precedents may be developed and recommended.
Configuring security systems, analyzing security requirements, and recommending improvements.
Monitoring network traffic for suspicious behavior. Creating network policies and authorization roles and defending against unauthorized access, modifications, and destruction.
Receive alerts and updates from agencies and respond with the appropriate action.
Meet with team/staff to share information, meetings with management, cross-training.
Work on projects regarding life-cycle, new systems, and software, other proposed department improvements.
- Knowledge of, or ability to learn, policies, procedures, and guidelines established by professional
- Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution, etc.)
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
- Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services
- Knowledge of penetration testing principles, tools, and techniques (e.g., Metasploit, Neosploit, etc.)
- Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering
- Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth)
- Skill in talking to others to convey information effectively
- Skill in analyzing and organizing technical data
- Skill in using computer applications including spreadsheet, database, and word processing software
- Skill in the use of penetration testing tools and techniques
- Skill in performing the packet-level analysis (e.g., Wireshark, TCP-dump, etc.)
- Skill in performing damage
- Skill in the use of social
- Ability to process information
- Ability to analyze, organize, and prioritize work while meeting multiple deadlines
- Ability to develop, interpret, and evaluate policies and procedures
EDUCATION LEVEL & TYPE: Bachelor’s degree from an accredited college or university with major course work in computer information systems, business administration, public administration or a degree related to the core functions of this position
EXPERIENCE: Five (5) to Seven (7) years of professional-level experience in computer network and IT systems security associated with a large organization. One year of experience administering security-specific hardware required.
Strong written communication skills and the ability to document and diagram information systems and procedures.
Strong interpersonal skills and the ability to work autonomously and on a team.
Experience with one or more of the following Cyber Security tools/disciplines
- Network Access Control
- Spam Filtering
- Cloud Security
- Vulnerability Scanning and Management
- Security Assessment and Testing
- Security Training
- CASB / DLP
- Identity and Access Management
- Certified Ethical Hacker
- Security +
- GIAC Security Essentials
As part of the online application process all applicants are required to submit their Resume and Cover Letter as ONE DOCUMENT. Applications received without a resume AND cover letter will be considered incomplete.
Applicants who meet the minimum qualifications will be evaluated on the education and work experience in their employment profile and the responses to their supplemental questions. The highest scoring applicants will then be invited to participate in a phone screen interview.
- Phone Screens will be held on Wednesday June 23, 2021
The highest scoring applicants from the phone screen will be invited to participate in an Oral Board interview.
- Virtual Oral Board interviews will be held on Wednesday June 30, 2021
Upon completion of all examination processes, the highest scoring applicants will be placed on the Civil Service Employment List.
An applicant's ranking on the Civil Service list will be based on their final score which will be calculated as:
10% of your rating for education and work experience
10% of your rating for phone screen
80% of your rating for panel board interview
This recruitment will establish a civil service list that will be utilized to fill vacancies occurring within the next 6 months.
American, or Disability preference points will be added to the final score for those that are placed on the Civil Service Employment List. If you qualify for preference points as outlined in the Employment Profile, you must present your documentation prior to your oral board interview. The DD 214 must be a copy that indicates characterization of service.
If you are in need of Americans with Disabilities Act-related accommodation during the testing process, please email Erin.Gallego@tucsonaz.gov at least 48 hours prior to the
You are highly encouraged to print this bulletin because it contains important testing dates and information that you will need to refer to later, as it will not be available after the closing date.
Communication throughout this process will be sent via email exclusively so please ensure your browser accepts emails from email@example.com and check your email account regularly. Failure to respond or follow instructions will result in disqualification. All email inquiries should be directed to Erin.Gallego@tucsonaz.gov.
Driving Level: Incidental
License Type: Valid and Unrestricted Class D – Driver
CDL Endorsements: No
Safety Sensitive (driving requirement): No