SECURITY ADMINISTRATOR

Recruitment #2105-0771-001

Introduction


The Information Technology Department is seeking an experienced Security Administrator with proven success in the realm of Cyber and Information Systems Security to join our Cyber Security Team.

The Information Technology Department is in the midst of transformational change and is working to reinforce the cyber security posture of the City by bringing on additional talent. The ideal candidate will have strong technical, analytical, and communication skills and a high degree of initiative.  The diversity of business functions within the City makes for a dynamic work environment that is both challenging and rewarding.  Security Administrators will interact regularly with co-workers in other Divisions of the IT Department, customer departments, external agencies, contractors, and citizens in conveying technical information. Therefore, a person in this position must be able to communicate courteously and effectively with both technical and non-technical individuals.

General Description

This position is responsible for actively upholding the City’s stated mission and values. This position is also responsible to support and administer the City’s information security program and management infrastructure that ensures technology risks are identified and managed according to established risk policies and guidelines.

Regulatory compliance: PCI, HIPAA, CJIS, FTC Red Flags Rule.

Primary Responsibilities

·       Assists in the development and implementation of information security procedures, policies and system security plans.

·       Responsible for conducting security and compliance audits, security audit log reviews, and comprehensive investigation and remediation of computer security incidents.

·       Analyze existing practices and recommend new policies and procedures based on the dynamically changing information technology environment.

·       Contributes to information system and application hardening configurations in accordance with the City’s cybersecurity standards.

·       Run compliance and vulnerability scans on systems, analyze the findings, and work with IT Department teams to apply applicable remediation manually or via administrative tools.

·       Provide customer service to end users of the information systems for cyber security-related requests and issues such as data transfers, user account management activities, software approval requests, and end user cyber security training.

·       Assist with product research and testing utilizing open-source resources as well as coordination with appropriate vendors.

·       Respond to Cyber Security alerts and conduct investigations under the direction of Section’s IT Manager – Monitoring, responding, investigating SIEM, WAF, IDS alerts/alarms and MS-ISAC ALBERT alerts.

·       Instructs users on the importance of good cyber hygiene and administers security phishing and email awareness training for the City of Tucson.

·       Participate in the various department processes and procedures such as Change Control reviews and asset inventory reviews.

·       Recommend, oversee, and provide guidance for best practice configurations and implementations for new software solutions, and stay abreast of the ever-evolving landscape of cyber attacks to advise on potential threats and solutions.

·       Coordination with the various divisions and sections within the IT Department to address remediation of vulnerabilities, policy violations, and directives.

·       Security governance project coordination and vendor management for 3rd party security affiliations.

·       Cylance AV monitoring, maintenance, requests and response.

·       Other duties, as assigned.

Distinguishing Characteristics

Work is widely varied, involving analyzing and evaluating many complex and significant variables. City-wide policies, procedures, or precedents may be developed and recommended. Configuring security systems, analyzing security requirements, and recommending improvements.

Monitoring network traffic for suspicious behavior. Creating network policies and authorization roles and defending against unauthorized access, modifications, and destruction.

Essential Functions

  • Receive alerts and updates from agencies and respond with the appropriate action.
  • Meet with team/staff to share information, meetings with management, cross-training.
  • Work on projects regarding life-cycle, new systems, and software, other proposed department improvements.
  • Regulatory Compliance

Knowledge/Skills/Abilities

  • Knowledge of, or ability to learn, policies, procedures, and guidelines established by professional organizations
  • Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution, etc.)
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
  • Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services
  • Knowledge of penetration testing principles, tools, and techniques (e.g., Metasploit, Neosploit, etc.) 
  • Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.) 
  • Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth)
  • Skill in talking to others to convey information effectively
  • Skill in analyzing and organizing technical data
  • Skill in using computer applications including spreadsheet, database, and word processing software
  • Skill in the use of penetration testing tools and techniques
  • Skill in performing packet-level analysis (e.g., Wireshark, tcpdump, etc.)
  • Skill in performing damage assessments
  • Skill in the use of social engineering techniques
  • Ability to process information logically
  • Ability to analyze, organize, and prioritize work while meeting multiple deadlines
  • Ability to develop, interpret, and evaluate policies and procedures       

Minimum Qualifications

EDUCATION LEVEL & TYPE: Bachelor’s degree from an accredited college or university with major course work in computer information systems, business administration, public administration or a degree related to the core functions of this position

EXPERIENCE: Five (5) to Seven (7) years of professional-level experience in computer network and IT systems security associated with a large organization. One year of experience administering security-specific hardware required.

Preferred Qualifications

Strong written communication skills and the ability to document and diagram information systems and procedures. Strong interpersonal skills and the ability to work autonomously and on a team.
  
Experience with one or more of the following Cyber Security tools/disciplines
  • SIEM
  • Network Access Control
  • Spam Filtering
  • Encryption
  • Cloud Security
  • Vulnerability Scanning and Management
  • Security Assessment and Testing
  • Security Training
  • CASB / DLP
  • Identity and Access Management
  • DDoS

Preferred Certifications
  • Certified Ethical Hacker
  • Security +
  • CISSP
  • CISA
  • CISM
  • GIAC Security Essentials

Selection Plan

As part of the online application process all applicants are required to submit their Resume and Cover Letter as ONE DOCUMENT. Applications received without a resume AND cover letter will be considered incomplete.
 
Applicants who meet the minimum qualifications will be evaluated on the education and work experience in their employment profile and the responses to their supplemental questions. The highest scoring applicants will then be invited to participate in a phone screen interview. 

  • Phone Screens will be held on Wednesday June 23, 2021

The highest scoring applicants from the phone screen will be invited to participate in an Oral Board interview.

  • Virtual Oral Board interviews will be held on Wednesday June 30, 2021

Upon completion of all examination processes, the highest scoring applicants will be placed on the Civil Service Employment List.

An applicant's ranking on the Civil Service list will be based on their final score which will be calculated as:
  
  •  10% of your rating for education and work experience 
  •  10% of your rating for phone screen 
  •  80% of your rating for panel board interview      

  • This recruitment will establish a civil service list that will be utilized to fill vacancies occurring within the next 6 months.

Veterans, Native American, or Disability preference points will be added to the final score for those that are placed on the Civil Service Employment List. If you qualify for preference points as outlined in the Employment Profile, you must present your documentation prior to your oral board interview. The DD 214 must be a copy that indicates characterization of service.

If you are in need of Americans with Disabilities Act-related accommodation during the testing process, please email Erin.Gallego@tucsonaz.gov at least 48 hours prior to the evaluation.

Conclusion

You are highly encouraged to print this bulletin because it contains important testing dates and information that you will need to refer to later, as it will not be available after the closing date.

Communication throughout this process will be sent via email exclusively so please ensure your browser accepts emails from jobs@tucsonaz.gov and check your email account regularly. Failure to respond or follow instructions will result in disqualification. All email inquiries should be directed to Erin.Gallego@tucsonaz.gov.

Driving Requirements

Driving Level: Incidental

License Type: Valid and Unrestricted Class D – Driver

CDL Endorsements: No

Safety Sensitive (driving requirement): No