Agency Information Security Professional

Location TBD

• The full performance level class works under general supervision and requires considerable knowledge of electronic data processing, computer science and systems analysis to configure, support and monitor enterprise security tools such as endpoint protection, Security Information and Event Management (SIEM), Intrusion Detection Systems (IDS) to safeguard State assets against malicious activity
• Characterize and monitor network traffic to identify anomalous activity and potential threats to network resources and analyze identified malicious activity to determine weaknesses exploited, exploitation methods and effects on system and information
• Evaluate and support documentation, validation and accreditation processes necessary to assure that new IT systems meet organization’s information assurance and security requirements and/or support security audit activities and review security logs to validate access levels and activity
• Supports vulnerability scanning, remote support software and packet capture to ensure endpoints are patched and updated
• Responds to alerts of malicious activity and work with OISP as a member of the agency Security Point of Contact (SPOC) team
• Support the development of tools and assist with responses, and help support training for the agency Security Incident Response Team (SIRT) Works with IT Security Operations Team to evaluate solutions to meet organization’s information assurance and security requirements
• Creates documentation for security initiatives
• Works with inter-agency contacts to develop solutions for agency initiatives
• Safeguards the organization's information assets and ensures confidentiality, integrity, and availability of systems and data
• Assists in the development, implementation, and maintenance of the enterprise-wide information security program
• Provides input in the creation and enforcement of information security policies, standards, and guidelines
• Ensures security policies align with industry’s best practices and regulatory requirements
• Assists with promoting security awareness by helping staff with understanding security policies and best practices
• Provides input with risk assessments that identifies vulnerabilities and assesses the potential impact on the organization
• Collaborates with various teams to develop and implement risk mitigation strategies
• Participates in the development and execution of incident response plans Analyzes and responds to security incidents, providing timely resolution and analysis
• Monitors and manages vulnerability scanning tools
• Coordinates remediation efforts and ensure timely closure of identified vulnerabilities
• Ensure compliance with relevant laws, regulations, and industry standards
• Assists in preparing for and participating in audits and assessments Monitors security alerts and incidents
• Analyzes and responds to security events
• Proactively utilizes security information and event management (SIEM) systems
• Maintains comprehensive documentation related to security policies, procedures, and incidents
• Provides regular reports on the status of the information security program Functions as mentor and primary contact for Security Analyst, Apprentice, and/or interns assigning work, developing, and assigning training, developing work structure and tasks for security initiatives, and evaluating deliverables
• Stays current regarding new technologies in area of IT assigned

36 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data.
-Or completion of associate core program in computer science; 18 mos. trg. or 18 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data.
-Or completion of undergraduate core program in computer science; 12 mos. trg. or 12 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data.
-Or 12 mos. exp. as Information Technology Apprentice, 69910; successful completion of Ohio Cyber Apprenticeship program; additional 12 mos. trg. or exp. in Information Systems/Information Technology with a focus in one of the following areas:
Software Engineering/Development, Data Analytics/Business Intelligence, Database Administration, Network, or IT Security.
-Or equivalent of Minimum Class Qualifications for Employment noted above.

Note:

The Ohio Cyber Apprenticeship program is a program offered by the Department Administrative Services. 2000 hrs. of on-the-job experience and 200 certified instructional credits must be earned in order to complete this program.
Job Skill:
Cybersecurity