Agency Information Security Professional 1 (20101539)

Requirements

• Configure, support and monitor enterprise security tools
• Characterize and monitor network traffic to identify anomalous activity and potential threats to network resources
• Analyze identified malicious activity to determine weaknesses exploited, exploitation methods and effects on system and information
• Evaluate and support documentation, validation and accreditation processes
• Support vulnerability scanning, remote support software and packet capture
• Respond to alerts of malicious activity and work with OISP as a member of the agency Security Point of Contact (SPOC) team
• Support the development of tools and assist with responses, and help support training for the agency Security Incident Response Team (SIRT)
• Works with IT Security Operations Team to evaluate solutions to meet organization’s information assurance and security requirements
• Creates documentation for security initiatives
• Works with inter-agency contacts to develop solutions for agency initiatives
• Safeguards the organization's information assets and ensures confidentiality, integrity, and availability of systems and data
• Assists in the development, implementation, and maintenance of the enterprise-wide information security program
• Provides input in the creation and enforcement of information security policies, standards, and guidelines
• Ensures security policies align with industry’s best practices and regulatory requirements
• Assists with promoting security awareness by helping staff with understanding security policies and best practices
• Provides input with risk assessments that identifies vulnerabilities and assesses the potential impact on the organization
• Collaborates with various teams to develop and implement risk mitigation strategies
• Participates in the development and execution of incident response plans
• Analyzes and responds to security incidents, providing timely resolution and analysis
• Monitors and manages vulnerability scanning tools
• Coordinates remediation efforts and ensure timely closure of identified vulnerabilities
• Ensure compliance with relevant laws, regulations, and industry standards
• Assists in preparing for and participating in audits and assessments
• Monitors security alerts and incidents
• Analyzes and responds to security events
• Proactively utilizes security information and event management (SIEM) systems
• Maintains comprehensive documentation related to security policies, procedures, and incidents
• Provides regular reports on the status of the information security program
• Functions as mentor and primary contact for Security Analyst, Apprentice, and/or interns assigning work, developing, and assigning training, developing work structure and tasks for security initiatives, and evaluating deliverables
• Stays current regarding new technologies in area of IT assigned

Benefits

• Medical Coverage
• Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period
• Paid time off, including vacation, personal, sick leave and 11 paid holidays per year
• Childbirth, Adoption, and Foster Care leave
• Education and Development Opportunities
• Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation)