Analyst - Information Security
- Employer
- Jefferson County Public Schools
- Location
- Golden, Colorado, United States
- Salary
- $70,376 - $98,290
View more
- Job Category
- Support Staff, Safety / Security, Product, Services & Policy, Data / Analysis
You need to sign in or create an account to save a job.
SUMMARY Ensure a balance of information technology security and privacy based on confidentiality, integrity and availability of enterprise systems. Provide district-wide leadership in Incident Response, Malware Analysis and Vulnerability Assessments. Lead and conduct forensics of computer security incidents to determine root cause analysis of events and develop Indicators of Compromise for mitigation of future risks. Assist interdepartmental groups with the implementation and management of system security requirements.
Monitor the health and performance of IT security systems such as Network Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM), and Antivirus Systems. Coordinate efforts to remediate security risks and vulnerabilities with teams throughout the district.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned.
Develop risk assessment score of Enterprise applications and assets to assign a Threat Risk profile for the district.
Develop vulnerability assessment and penetration testing procedures of enterprise applications and assets.
Develop guidelines and procedures for hardening of enterprise applications and assets.
Implement and maintain a quarterly infrastructure auditing process using industry standard tools such as Rapid 7, Nessus and MBSA. Coordinate remediation and mitigation efforts with infrastructure services teams.
Maintain and monitor the network intrusion prevention system to limit the spread of malicious code and network degradation. Escalate known network abnormalities to the appropriate teams as necessary.
Maintain the Internet filtering and caching appliances and provide basic technical support to groups such as teachers, system administrators, and district leadership.
Develop documentation concerning policy and implementation of proactively monitoring intrusion detection and intrusion prevention in supporting operational confidentiality, integrity and availability.
Detect, quarantine and eradicate virus and malicious code to secure the IT infrastructure. Provide team leadership for enterprise projects and Tier III support to all District locations.
Consult with other departments in the District on hardware and software purchases, including Food Service, Human Resources, Legal, and Assessment.
Perform other duties as assigned.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
EXPERIENCE 5 years minimum experience in network administration, including 2-3 years experience in IT security.
EDUCATION AND TRAINING Bachelor's degree in Computer Science, Engineering, Business, or equivalent professional experience.
CERTIFICATES, LICENSES, REGISTRATIONS Industry standard certifications such as Cisco Certified Security Professional, Security Plus, GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), or Microsoft Certified System Administrator, preferred for hire. Valid Colorado driver's license.
SKILLS, KNOWLEDGE, & EQUIPMENT Must have knowledge of securing computers, networks, and management information systems. Ability to secure and manage District-wide infrastructure in order to protect productivity and reduce costs. System engineering knowledge of perimeter security, virtual private networks, web filtering, log management, intrusion protection as well as the combination of these technologies in a single, integrated solution. Background knowledge of Microsoft Enterprise Software, and Cisco hardware along with experience with Rapid 7, Splunk, Trend Micro, Palo Alto, SourceFire, Checkpoint, Cisco ASA, and FireEye.
DECISION MAKING Responsible for the proactive security oversight and management of critical network systems. Must be able to mitigate threats and vulnerability that expose the District to inconsistent confidentiality, availability and data integrity. Critical decisions are made daily that impact students and employees of the District. Errors could potentially result in substantial embarrassment and/or cost to the District.
COMMUNITY RELATIONS Daily contact with classified staff within/outside department to discuss routine internal matters, obtain/furnish information, resolve routine corrections/adjustments, and interpret policy; and with advisory committees to discuss routine internal matters, obtain/furnish information, resolve routine corrections/adjustments, interpret policy, recommend policy, and negotiate controversial matters. Weekly contact with professional staff within department to discuss routine internal matters, obtain/furnish information, and resolve routine corrections/adjustments; and school support team and vendors, contractors, engineers and developers to discuss routine internal matters, obtain/furnish information, resolve routine corrections/adjustments, interpret policy, recommend policy, and negotiate controversial matters. Monthly contact with professional staff outside department to discuss routine internal matters, obtain/furnish information, resolve routine corrections/adjustments, interpret policy, and maintain relationships; with Administrative leadership team and the general public and community members to discuss routine internal matters, obtain/furnish information, resolve routine corrections/adjustments, interpret policy, recommend policy, and negotiate controversial matters.
SPAN OF CONTROL This position does not have supervisory responsibilities.
COMPLEXITY OF WORK Work is assigned by the Executive Director, Data Privacy and Security. Assign high level duties, milestones, tasks and responsibilities during weekly staff meetings or via workflow automation software. Must have skills and abilities required to problem solve necessary steps for defending systems and networks against actively exploited computer based threats. Must have thorough understanding of intrusion detection and prevention technology, web filtering, antivirus, log management, as well as security management practices hardening operating systems and network devices.
The physical demands, mental functions, and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
PHYSICAL DEMANDS While performing the duties of this job, the employee is frequently required to stand; walk; sit; use hands to finger, handle, or feel; reach with hands and arms; climb or balance; stoop, kneel, or crouch; and talk or hear. The employee must occasionally lift and/or move up to 100 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, and ability to adjust focus.
MENTAL FUNCTIONS While performing the duties of this job, the employee is regularly required to compare, analyze, communicate, copy, coordinate, instruct, compute, synthesize, evaluate, use interpersonal skills, compile, and negotiate.
WORK ENVIRONMENT While performing the duties of this job, the employee is occasionally exposed due to working in data centers and construction areas to wet or humid conditions; work near moving mechanical parts, work in high, precarious places; fumes or airborne particles; toxic or caustic chemicals; outdoor weather conditions; extreme cold (non-weather); extreme heat (non-weather); risk of electrical shock; work with explosives; risk of radiation, and vibration. The noise level in the work environment is usually moderate.
Important Notice Regarding Licensed Positions:
Job Status Type is Referenced Above in Job Posting:
Job Status: Ongoing
A successful external applicant will be issued a probationary contract. A successful internal applicant that currently holds a probationary or non-probationary contract with Jeffco Public Schools will maintain that contract status.
Job Status: Temporary
A successful external applicant will be issued a one year, temporary contract. A successful internal applicant currently holding a Jeffco probationary contract will be issued a one year, temporary contract. A successful internal applicant currently holding a Jeffco non-probationary contract, will forfeit their non-probationary status. Please contact Employment Services for questions.
Equal Employment Opportunity
The Jefferson County School District does not discriminate on the basis of disability, race, color, creed, religion, national origin, age, sexual orientation, marital status, political affiliation, pregnancy, sex, disability.
Salary:
http://www.jeffcopublicschools.org/employment/salaries/
Benefits:
http://www.jeffcopublicschools.org/employment/benefits/
Monitor the health and performance of IT security systems such as Network Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM), and Antivirus Systems. Coordinate efforts to remediate security risks and vulnerabilities with teams throughout the district.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned.
Develop risk assessment score of Enterprise applications and assets to assign a Threat Risk profile for the district.
Develop vulnerability assessment and penetration testing procedures of enterprise applications and assets.
Develop guidelines and procedures for hardening of enterprise applications and assets.
Implement and maintain a quarterly infrastructure auditing process using industry standard tools such as Rapid 7, Nessus and MBSA. Coordinate remediation and mitigation efforts with infrastructure services teams.
Maintain and monitor the network intrusion prevention system to limit the spread of malicious code and network degradation. Escalate known network abnormalities to the appropriate teams as necessary.
Maintain the Internet filtering and caching appliances and provide basic technical support to groups such as teachers, system administrators, and district leadership.
Develop documentation concerning policy and implementation of proactively monitoring intrusion detection and intrusion prevention in supporting operational confidentiality, integrity and availability.
Detect, quarantine and eradicate virus and malicious code to secure the IT infrastructure. Provide team leadership for enterprise projects and Tier III support to all District locations.
Consult with other departments in the District on hardware and software purchases, including Food Service, Human Resources, Legal, and Assessment.
Perform other duties as assigned.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
EXPERIENCE 5 years minimum experience in network administration, including 2-3 years experience in IT security.
EDUCATION AND TRAINING Bachelor's degree in Computer Science, Engineering, Business, or equivalent professional experience.
CERTIFICATES, LICENSES, REGISTRATIONS Industry standard certifications such as Cisco Certified Security Professional, Security Plus, GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), or Microsoft Certified System Administrator, preferred for hire. Valid Colorado driver's license.
SKILLS, KNOWLEDGE, & EQUIPMENT Must have knowledge of securing computers, networks, and management information systems. Ability to secure and manage District-wide infrastructure in order to protect productivity and reduce costs. System engineering knowledge of perimeter security, virtual private networks, web filtering, log management, intrusion protection as well as the combination of these technologies in a single, integrated solution. Background knowledge of Microsoft Enterprise Software, and Cisco hardware along with experience with Rapid 7, Splunk, Trend Micro, Palo Alto, SourceFire, Checkpoint, Cisco ASA, and FireEye.
DECISION MAKING Responsible for the proactive security oversight and management of critical network systems. Must be able to mitigate threats and vulnerability that expose the District to inconsistent confidentiality, availability and data integrity. Critical decisions are made daily that impact students and employees of the District. Errors could potentially result in substantial embarrassment and/or cost to the District.
COMMUNITY RELATIONS Daily contact with classified staff within/outside department to discuss routine internal matters, obtain/furnish information, resolve routine corrections/adjustments, and interpret policy; and with advisory committees to discuss routine internal matters, obtain/furnish information, resolve routine corrections/adjustments, interpret policy, recommend policy, and negotiate controversial matters. Weekly contact with professional staff within department to discuss routine internal matters, obtain/furnish information, and resolve routine corrections/adjustments; and school support team and vendors, contractors, engineers and developers to discuss routine internal matters, obtain/furnish information, resolve routine corrections/adjustments, interpret policy, recommend policy, and negotiate controversial matters. Monthly contact with professional staff outside department to discuss routine internal matters, obtain/furnish information, resolve routine corrections/adjustments, interpret policy, and maintain relationships; with Administrative leadership team and the general public and community members to discuss routine internal matters, obtain/furnish information, resolve routine corrections/adjustments, interpret policy, recommend policy, and negotiate controversial matters.
SPAN OF CONTROL This position does not have supervisory responsibilities.
COMPLEXITY OF WORK Work is assigned by the Executive Director, Data Privacy and Security. Assign high level duties, milestones, tasks and responsibilities during weekly staff meetings or via workflow automation software. Must have skills and abilities required to problem solve necessary steps for defending systems and networks against actively exploited computer based threats. Must have thorough understanding of intrusion detection and prevention technology, web filtering, antivirus, log management, as well as security management practices hardening operating systems and network devices.
The physical demands, mental functions, and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
PHYSICAL DEMANDS While performing the duties of this job, the employee is frequently required to stand; walk; sit; use hands to finger, handle, or feel; reach with hands and arms; climb or balance; stoop, kneel, or crouch; and talk or hear. The employee must occasionally lift and/or move up to 100 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, and ability to adjust focus.
MENTAL FUNCTIONS While performing the duties of this job, the employee is regularly required to compare, analyze, communicate, copy, coordinate, instruct, compute, synthesize, evaluate, use interpersonal skills, compile, and negotiate.
WORK ENVIRONMENT While performing the duties of this job, the employee is occasionally exposed due to working in data centers and construction areas to wet or humid conditions; work near moving mechanical parts, work in high, precarious places; fumes or airborne particles; toxic or caustic chemicals; outdoor weather conditions; extreme cold (non-weather); extreme heat (non-weather); risk of electrical shock; work with explosives; risk of radiation, and vibration. The noise level in the work environment is usually moderate.
Important Notice Regarding Licensed Positions:
Job Status Type is Referenced Above in Job Posting:
Job Status: Ongoing
A successful external applicant will be issued a probationary contract. A successful internal applicant that currently holds a probationary or non-probationary contract with Jeffco Public Schools will maintain that contract status.
Job Status: Temporary
A successful external applicant will be issued a one year, temporary contract. A successful internal applicant currently holding a Jeffco probationary contract will be issued a one year, temporary contract. A successful internal applicant currently holding a Jeffco non-probationary contract, will forfeit their non-probationary status. Please contact Employment Services for questions.
Equal Employment Opportunity
The Jefferson County School District does not discriminate on the basis of disability, race, color, creed, religion, national origin, age, sexual orientation, marital status, political affiliation, pregnancy, sex, disability.
Salary:
http://www.jeffcopublicschools.org/employment/salaries/
Benefits:
http://www.jeffcopublicschools.org/employment/benefits/
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert