Senior Endpoint Cybersecurity Engineer

Senior Endpoint Cybersecurity Engineer

Employment Type:

Full-time Regular | Pay Range: $ - $ |

Location:

Castle Rock, CO | Overtime Exempt: Y | Elected Office / Department: INFORMATION TECHNOLOGY

The Endpoint Cybersecurity Engineer is part of a team that performs three core functions for the County. The first is the day-to-day operations of the in-place security solutions. The second is the identification, investigation and resolution of security breaches detected by those systems. This person will ensure the secure operation of the in-house computer systems, servers, and network connections. This includes checking server and firewall logs, scrutinizing network traffic, and tracking suspicious computer activity.

The third involves the day-to-day operations of the management toolsets we leverage for our endpoint environment, Microsoft Endpoint Configuration Manager and Microsoft Intune. This person will also analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion and conduct user activity and vulnerability audits where required. This position also includes work that is strategic in nature related to the Cyber Security roadmap.

This person will also participate in the improvement of the overall County Cyber Security Program. This will include support of the County cyber training and new cyber software installations.

• Work with the IT operations team to maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they are under direct control (e.g., security tools) or not (e.g., workstations, servers, network devices, etc.).
• Maintain operational configurations of all in-place security solutions as per the established baselines.
• Build and secure the task sequences used to deploy our endpoints.
• Secure our infrastructure by deploying 1st-Party 3rd‑party patches on a schedule.
• Monitor all in-place security solutions for efficient and appropriate operations.
• Review logs and reports of all in-place devices, whether they are under direct control (e.g., security tools) or not (e.g., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
• Participate in investigations into problematic activity. Incident/breach troubleshooting and remediation may require potential after-hours support.
• Participate in the design and execution of vulnerability assessments, penetration tests and security audits.

• Participate in the planning and design of enterprise security architecture.
• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures).
• Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan.
• Assess need for any security reconfigurations (minor or significant).
• Review, manage, create and maintain policies and conditional access to protect County data.
• Conduct and present research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
• Build and present reports and dashboards demonstrating the Security state at the County.
• Participate in developing a security incident response plan and protocols.

• Recommend, schedule, and perform security improvements and upgrades.
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Perform the deployment, integration and initial configuration of all new security solutions and any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

• A Bachelor’s Degree in computer science or equivalent from an accredited college,…