Responsibilities

  • Identify security issues and risks and then develop mitigation plans
  • Accurate and rapid response to security events, Interpret and apply security policies and procedures. Provide analysis and trending of security log data from various security devices
  • Maintains current knowledge of rules, regulations, legislation, technology, and procedures governing network technology
  • Coordinates immediate response to imminent threats to the network from internal or external sources
  • Manages patch level records to track current patch levels of servers and desktop computers for the purpose of maintaining a reliable and stable technology infrastructure
  • Coordinates implementation of urgent or imperative patches or hot fixes to proactively protect servers and desktop systems
  • Execute process to identify, track, and report on security patch management.
  • Investigates reported breaches of security and coordinates mitigation or responses as needed for the purpose of ensuring the districts sensitive data is kept secure.
  • Carry out Annual Security Audit verification, monthly security scanning, implement system hardening rules, execute vulnerability patches implementation
  • handling procedures, and report all incidents to the responsible incident response capability.
  • Works with Division of Information Services leadership team to review and develop security and acceptable use policies. Keeps current on emerging internet threats and coordinates proactive internal responses
  • Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
  • Provide information security reporting, including security metrics as required
  • Advise and consult with internal and external stakeholders on risk assessment, threat modelling, and vulnerability management
  • Recommend solutions to mitigate risk in any activity that potentially impacts security of existing IT and information management
  • Any other ad-hoc duties as required or assigned

Requirements

  • Bachelor Degree or higher in Information Technology / Information Systems / Computer Science, Business IT or other relevant disciplines
  • Certified Information Systems Security Professional (CISSP) or other equivalent certifications attained
  • At least 3 years of IT Service Outsourcing experience with proven ability to work in large groups and for large accounts
  • At least 2 years of demonstrated experience in system, network, and/or application security
  • Experience in service-oriented architecture and web services security is desired
  • Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration Testing and the development of exploits
  • Experience in ISO 27001, PCI Security Standard, etc.
  • Excellent interpersonal skills both in written and presentation
  • Strong analytical and problem skills, combined with the ability to provide quick resolution to problems

Shortlisted candidates will be offered a 1 Year Agency contract employment.