The City of Tucson values the safety of our employees, our residents, our community, and our visitors. In support of these values, if you are selected for this job, you must be fully vaccinated against COVID-19, except when vaccination is not medically advised or violates your sincerely held religious beliefs. If you are invited to join our team, you must submit proof that you are fully vaccinated against COVID-19 to your initial HR representative, or you must request an exemption from your representative. New employees must either provide proof of vaccination or be granted a medical or religious exemption before working with the City of Tucson.
The Information Technology Department is seeking an experienced Security Administrator
with proven success in the realm of Cyber and Information Systems Security to join our Cyber Security Team.
The Information Technology Department is in the midst of transformational change and is working to reinforce the cyber security posture of the City by bringing on additional talent. The ideal candidate will have strong technical, analytical, and communication skills and a high degree of initiative. The diversity of business functions within the City makes for a dynamic work environment that is both challenging and rewarding. Security Administrators will interact regularly with co-workers in other Divisions of the IT Department, customer departments, external agencies, contractors, and citizens in conveying technical information. Therefore, a person in this position must be able to communicate courteously and effectively with both technical and non-technical individuals.
The City of Tucson Information
Technology Department (ITD) is looking for an experienced Security
Administrator to join our team. This
position will help protect and defend against cybersecurity threats through the
implementation, administration and enhancement of the City’s information
security program and systems. The
diversity of business functions makes for a dynamic work environment that is
both challenging and rewarding. The
Security Administrator’s role will include:
- Recommending security architecture enhancements,
- Identifying host and network-based vulnerabilities,
- Creating department and city-wide security policies and procedures,
- Conducting intrusion and security event investigations,
- Remediating security incidents,
- Educating users on best security practices,
- Reviewing and recommending compliance requirements, and
- Conducting security audits on critical infrastructure to ensure
technology risks are identified and managed according to organizational and
industry risk policies and guidelines.
The Security Administrator will
work as a member of the ITD Security Team and interact closely with a variety
of external agencies, City of Tucson departments, and other ITD teams in
conveying technical information. Therefore, a person in this position must be
able to communicate courteously and effectively with both technical and
Technology Department is a 24/7 operation. The incumbent will be required to
serve in an on-call status to respond to requests and emergencies occurring
after normal business hours. **
- Administer security systems and appliances to defend against
unauthorized access, modification and/or destruction of City data, hardware, or
- Monitor, investigate, and remediate security alerts,
notifications, and alarms.
- Conduct and report on the findings of security and compliance
- Contribute to information system, networks, and application
hardening configurations in accordance with best cybersecurity practices and
- Run vulnerability scans on network endpoints, analyze and
interpret the results, communicate the vulnerability findings with the
appropriate departments or ITD teams, and provide remediation steps for the
vulnerabilities or policy violations.
- Monitor network traffic for anomalies against normal baseline
behavior, review and interpret network, user, and system logs, complete comprehensive
investigations, conduct and oversee the remediation of computer security
- Coordinate and manage the implementation, configuration, and upgrade
of security systems, appliances, and software with vendors and ITD teams, as
- Provide cybersecurity governance and oversight for the City of
Tucson and its partner agency’s project supply chain and vendor access
- Administer the cybersecurity awareness and phishing training
campaigns for the City of Tucson.
The Security Administrator’s work is
widely varied, involving analyzing and evaluating many complex and unique
systems. This position will participate in the development, implementation,
maintenance and/or recommendation of ITD and city-wide security policies and
Security Administrator must always remain calm and professional during
stressful situations and must be able to analyze, organize and prioritize tasks
and request all while meeting multiple deadlines
- Monitor the City of Tucson’s infrastructure to detect, respond to,
and remediate security alerts and incidents.
- Receive alerts and updates from agencies and respond with the
Assess the City of Tucson’s infrastructure for known and potential
vulnerabilities using commercial vulnerability scanners and risk intelligence
- Provide security recommendations based on regulatory compliance
for projects regarding life-cycle upgrades, new system or application
implementations, or other proposed department improvements.
- Meet with the ITD security team and other appropriate staff to
share security information and communicate remediation plans based on the
impact to the affected ITD assets or information system.
- Strong understanding of physical and virtual IT infrastructure, including servers, network devices, desktops, applications, and mobile devices.
- Good understanding of various network and endpoint security technologies.
- Skilled with using Mac, Windows, and Linux operating systems.
- Skilled administering security applications, appliances, and systems.
- Understand how to audit a Windows AD Domain and Microsoft O365 environments.
- Knowledgeable of the different classes of cyberattacks.
Familiar with penetration principals, tactics, tools, techniques, and attack stages that threat actors use.
- Knowledgeable in different network topologies, protocols, and components to apply the principles of a defense-in-depth approach to security and recommend secure network architecture design.
- Understand how to interpret CVE data for system and application security vulnerabilities.
- Capable of performing network packet-level analysis and damage assessment.
- Knowledgeable in the use of social engineering techniques to train users how to identify and avoid them.
EDUCATION LEVEL & TYPE: Bachelor’s degree from an accredited college or university with major course work in computer information systems, business administration, public administration or a degree related to the core functions of this position
EXPERIENCE: Five (5) to Seven (7) years of professional-level experience in computer network and IT systems security associated with a large organization. One year of experience administering security-specific hardware required.
Bachelor’s degree from an accredited college or university in Computer Information Systems (CIS), Cybersecurity, Information Technology (IT), Management Information Systems (MIS), or a degree closely related to the core functions of this position.
Certification in one or more of the following: Certified Ethical Hacker (CEH), CISA, CISM, CISSP, GIAC, Security Essentials Certification (GSEC), Security+
Experience in the following Cybersecurity Domains:
- Security Operations - Investigations and Response, Vulnerability Management, Threat Hunting and Sterilization.
- Security Architecture - Network Design, DDoS Protection, Access Control, Data Protection, Cryptography and Encryption Standards, Cloud Security, Endpoint Security, and Patch Management.
- Threat Intelligence - Provide Internal and External Context on Indicators of Compromise (IOC), Emerging and Persistent Threats, and Threat Actor’s Tactics Techniques and Procedures (TTPs).
- Governance - 1). Policies and Procedures, Laws and Regulations, Frameworks, Standards, and Compliance Enforcement. 2). Payment Card Industry (PCI), Criminal Justice Information Services (CJIS), Health Information Portability and Accountability Act (HIPAA), International Organization for Standards (ISO), Federal Information Security Modernization Act (FISMA), Open Web Application Security Project (OWASP), Center for Internet Security (CIS), National Institute for Standards and Technology (NIST).
- Enterprise Risk Management - Risk Appetite and Acceptance, Crisis Management, Audits, and Risk Registers
- Risk Assessments - Vulnerability Scans, Asset Inventory and Classification, Penetration and Vulnerability Testing, Social Engineering, and Risk Monitoring
- Application Security - Software Development Life Cycle, Security UX, API Security, Source Code and Open-Source Scans
Applicants who meet the minimum qualifications will be evaluated on the education and work experience in their employment profile and the responses to their supplemental questions. The highest scoring applicants will then be invited to participate in an oral board interview.
- Virtual Oral Board interviews will be held on Tuesday November 23, 2021
Upon completion of all examination processes, the highest scoring applicants will be placed on the Civil Service Employment List.
An applicant's ranking on the Civil Service list will be based on their final score which will be calculated as:
20% of your rating for education and work experience
80% of your rating for panel board interview
This recruitment will establish a civil service list that will be utilized to fill vacancies occurring within the next 6 months.
American, or Disability preference points will be added to the final score for
those that are placed on the Civil Service Employment List. If you qualify for preference points as
outlined in the Employment Profile, you must present your documentation prior to your oral board interview. The DD 214
must be a copy that indicates characterization of service.
If you are in need
of Americans with Disabilities Act-related accommodation during the testing
process, please email Erin.Gallego@tucsonaz.gov at least 48 hours prior to the
You are highly encouraged to print this bulletin because it
contains important testing dates and information that you will need to refer to
later, as it will not be available after the closing date.
Communication throughout this process will be sent via email exclusively so please ensure your browser accepts emails from email@example.com and check your email account regularly. Failure to respond or follow instructions will result in disqualification. All email inquiries should be directed to Erin.Gallego@tucsonaz.gov.
Driving Level: Incidental
License Type: Valid and
Unrestricted Class D – Driver
CDL Endorsements: No
Safety Sensitive (driving requirement): No