Security Information Officer

Description:

• The Security Information Officer will maintain the confidentiality integrity and accessibility of County data by ensuring that well-functioning information security controls remain in place. This position holds experience in Information Security systems and tools such as servers network systems firewalls network access control vulnerability assessment endpoint encryption anti- virus / anti- malware management endpoint application control host-based intrusion detection systems digital forensic platforms Security Information and Event Management (SIEM) and security awareness training platforms. The position must possess proven communication skills and interact regularly with County staff and technical personnel to assist in the implementation of security controls. The position will also serve on the security incident response team. The Security Information Officer reports directly to the Chief Information Officer.
• This position should be familiar with the administration and maintenance of Palo Alto firewalls Splunk Enterprise Security Information and Event Management (SIEM) Forescout Counteract Network Access Control (NAC) Tenable Nessus vulnerability assessment and Trend Micros Endpoint Protection Suite including Control Manager OfficeScan Endpoint Access Control and Endpoint Encryption. This position should also be familiar with digital forensics platforms such as Encase Enterprise.
• The County has developed a Security Strategic Plan. Lehigh Countys Information Security Strategic Plan adheres closely to the Center for Internet Securitys (CIS) Critical Security Controls. The Security Information Officer will be responsible to continue to develop and enhance the Security Strategic Plan working with the Assistant Systems Security Manager and the Chief Information Officer.

Typical Examples of Work:

• Monitor administer and maintain firewalls.
• Utilize network access control to inventory and control authorized and unauthorized devices.
• Perform vulnerability assessments against clients servers and network devices.
• Audit file server permissions to ensure least privilege.
• Install and maintain endpoint encryption on all mobile devices.
• Monitor administer and maintain anti-virus server and endpoints.
• Perform digital forensic analysis on County endpoints servers and network devices.
• Monitor administer and maintain endpoint application control server and endpoints.
• Create new dashboards and reports in the Security Information and Event Management (SIEM).
• Monitor administer and maintain host-based intrusion detection server and endpoints.
• Perform penetration tests against County systems.
• Monitor administer and maintain Web Application Firewall (WAF).
• Assist with regularly updating clients servers and network devices.
• Monitor administer and maintain Mobile Device Management platform.
• Assist with investigation of security incidents and their resolution.
• Monitor administer and maintain security awareness training platform.
• Monitor administer and maintain data loss prevention platform.
• Administer and maintain multi-factor authentication platform.
• Other duties as assigned by the Chief Information Officer.

Required Knowledge Skills & Abilities:

• Advanced knowledge of Information Security and Digital Forensics principles.
• Skilled at administering and maintaining firewalls network access control vulnerability assessment endpoint encryption anti-virus / anti-malware management endpoint application control host-based intrusion detection systems digital forensic platforms and Security Information and Event Management (SIEM) and security awareness platforms.
• Ability to respond to critical security incidents 24x7 / 365.
• Skilled at problem-solving and performing analysis while under stress.
• Ability to organize and prioritize multiple simultaneous work activities to utilize time efficiently and meet objectives.
• Strong technical writing and communications/presentations skills.
• Strong organization planning and people skills.
• Skilled at learning new technologies in a short amount of time.
• Knowledgeable and up-to-date on the ever-evolving threat landscape.

Schedule:

• Monday through Friday 08:00 A.M. - 4:00 P.M.

Experience:

• In administering and maintaining Information Security systems and tools such as firewalls Network Access Control (NAC) vulnerability assessment endpoint encryption anti-virus / anti-malware management endpoint application control host-based intrusion detection systems digital forensic platforms Security Information and Event Management (SIEM) and security awareness training platform; OR any equivalent combination of acceptable training and experience which has provided the knowledge skills and abilities cited above.

Education:

• Bachelors degree

Crime Check:

• Criminal background check required

Required Experience:

Unclear Seniority