Cyber Security Administrator
Cyber Security Administrator
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Posting Close Date:
Applicants must submit their completed application byat 11:59 p.m. MSTApplication and Special Instructions
As part of the application process all applicants are required to submit a chronological resume and cover letter at the time of the application.Applications that do not include both documents by the closing date of the recruitment will be considered incomplete and may not receive further consideration for this recruitment.
In your cover letter please ensure to include responses to the following:
1. SIEM Detection Engineering:
Describe a time when you engineered or significantly improved detections in a SIEM platform (e.g. Splunk Falcon LogScale) in response to evolving threats.
Include how you identified detection gaps designed and tuned correlation rules validated effectiveness and referenced any frameworks (e.g. MITRE ATT&CK) or data sources used.
2. Security Framework Application in Complex Environments:
Share an example where you applied a security framework (e.g. CIS Benchmarks NIST CSF Zero Trust) to harden a complex environmentsuch as a hybrid cloud OT/ICS or segmented network.
What constraints did you encounter (e.g. uptime vendor lock-in legacy systems) and how did you evaluate the effectiveness of the controls
3. Security Automation Development:
Detail a security automation you developed or implemented (e.g. for detection incident response or vulnerability management).
Explain the workflow tools/languages used triggers and outcomes. How did it improve scalability reduce analyst workload or close security gaps
The City of Tucson does not provide VISA sponsorship. Candidates must be legally authorized to work in the United States at the time of application and throughout the duration of employment.
Relocation expenses will not be provided for this position. Candidates are responsible for all costs associated with relocating to the Tucson area if applicable.
**Save the date: Interviews will be conducted virtually on the week of June 30 2025.
Recruiter contact information: If you have any questions please contact Liliana Almeraz at (520 )837-4303 or
ABOUT THIS JOB
Position Specific Summary
The Cyber Security Administrator position at the City of Tucsons Information Technology Department is responsible for designing implementing and optimizing cybersecurity solutions to protect the Citys infrastructure- including cyber-physical systems and operational environments. This role supports strategic initiatives by deploying and tuning tools and developing automation to enhance detection and response.
Worked is performed under the supervision of the Information Technology Manager. This position does not supervise.
Duties and Responsibilities
- Designs cybersecurity solutions that protect enterprise Information Technology (IT) and Operational Technology (OT) environments including Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS). Implements and maintains tools such as Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) vulnerability management platforms email security and cloud-native solutions. Collaborates with cross-functional teams to embed security into technology projects and deployments. Supports cloud migrations by reviewing architecture and offering secure configuration guidance.
- Develops threat detection capabilities by creating custom correlation rules dashboards and alerts. Optimizes incident response by identifying patterns and gaps. Automates security workflows to streamline operations and reduce response times.
- Conducts technical investigations using log correlation forensic analysis and root cause identification. Responds to cybersecurity incidents in real time. Coordinates remediation efforts with IT and operations teams to restore services and prevent recurrence.
- Monitors systems continuously using security tools and telemetry data. Identifies misconfigurations vulnerabilities and signs of malicious activity. Prioritizes risks based on severity and impact. Recommends remediation actions using current threat intelligence.
- Provides education and technical advice for securing systems and field devices including servers workstations mobile devices and OT assets. Aligns system settings with Center for Internet Security (CIS) Benchmarks National Institute of Standards and Technology (NIST) guidelines and City policy.
- Implements technical controls based on Zero Trust architecture and the NIST Cybersecurity Framework (CSF). Maintains secure access data protection segmentation and endpoint visibility to enhance resilience and meet regulatory requirements.
- Develops security documentation such as configuration guides standard procedures and internal knowledge base articles. Maintains documentation to support consistent operations training and audit readiness.
- Performs all other duties and tasks as assigned.
Working Conditions
Mostly office environment. Requires on-site presence.
All duties and responsibilities listed are subject to change.
MINIMUM QUALIFICATIONS
EducationBachelors Degree
Experience
Minimum of three (3) years ofdirectly related experience
Preferred Qualifications
Degree in Cybersecurity Information Technology Computer Science or a related field.
GIAC certifications such as:
GCIH GIAC Certified Incident Handler
GSEC GIAC Security Essentials Certification
GSTRT GIAC Security Threat Intelligence
(ISC) certifications such as:
CISSP Certified Information Systems Security Professional
SSCP Systems Security Certified Practitioner
CompTIA certifications such as:
Security
CySA Cybersecurity Analyst
Equivalent certifications from other recognized industry organizations.
Experience in
Endpoint detection and response (EDR) platforms such as CrowdStrike Falcon Carbon Black and Microsoft Defender XDR including investigation and response workflows.
SIEM administration and detection engineering using tools such as Splunk and Falcon LogScale including use of regex dashboard development and alert tuning.
Security automation and scripting including PowerShell Python Bash and regex for threat detection remediation workflows and data parsing.
Network and forensic analysis tools such as Wireshark NetScout and capabilities in network memory and endpoint forensics.
Cloud administration and security across platforms such as Google Cloud Platform (GCP) Google Workspace and Azure including IAM integration and security control implementation.
Firewall administration (e.g. Palo Alto) Cisco CLI and virtualization technologies.
Various operating systems including Windows Server 2016/2019 Windows 711 macOS and Linux distributions using CIS benchmarks and secure baselines.
Email and threat protection systems such as Proofpoint TAP/TRAP and cloud-native defense
Collaboration problem-solving and continuous learning mindset with ability to work across teams and adapt to evolving threats.
POSITION DETAILS
Job Profile
J0771 - Security AdministratorTo view the full job profile including classification specifications and physical demands click here.
Compensation Grade
G110Hourly Range
$35.37 - 53.05 USDThe City of Tucson considers several factors when extending an offer including but not limited to the role and associated responsibilities a candidates work experience education/training key skills and internal equity.
FLSA
ExemptPosition Type
RegularTime Type
Full timeDepartment
Information TechnologyDepartment Link
No WebsiteBackground Check: This position has been designated to require a criminal background check.
ABOUT US
Benefits: The City of Tucson offers a generous benefits package for benefit-eligible positions. The comprehensive flexible and affordable coverage is designed to optimize health and well-being security and future and peace of mind. Benefits begin with medical dental vision life disability and FSA coverage surpassing your standard 401(k) program by offering a rich pension plan plus optional Roth and pretax deferred compensation savings. With your well-being in mind our paid time off program provides new hires with 38 paid days off in the first year of employment with time off increasing steadily in subsequent years. We offer twelve weeks of paid parental leave paid tuition reimbursement student loan repayment off- and on-the-job training and opportunities to forge connections with peers and the community through employee resource groups and paid volunteer hours. You can learn more about our benefits at The City of Tucson employs only U.S. Citizens and lawfully authorized non-U.S. Citizens. All new employees must show employment eligibility verification as required by the U.S. Citizenship and Immigration Status.
City of Tucson is an Equal Opportunity/Affirmative Action/Veterans/Disability Employer and does not discriminate based on race color religion sex (including sexual orientation gender identity and pregnancy) national origin veteran status age disability genetic testing or any other protected status. If you believe you have been a victim of discrimination you may file a complaint with the City of Tucsons Office of Equal Opportunity Programs U.S. Equal Employment Opportunity Commission (EEOC) or Arizona Attorney Generals Office of the Civil Rights Division (ACRD). Click for more information from ACRD about employment discrimination and how to file a complaint with ACRD
The City of Tucson is committed to providing access and reasonable accommodation for individuals with disabilities or who require religious accommodation; please contact Human Resources at or .
Recruiter Name
Liliana Almeraz (99363)Recruiter Email
For Human Resources general questions please contact .
Required Experience:
Unclear Seniority
Employment Type
Full-Time
