- Identify security issues and risks and then develop mitigation plans
- Accurate and rapid response to security events, Interpret and apply security policies and procedures. Provide analysis and trending of security log data from various security devices
- Maintains current knowledge of rules, regulations, legislation, technology, and procedures governing network technology
- Coordinates immediate response to imminent threats to the network from internal or external sources
- Manages patch level records to track current patch levels of servers and desktop computers for the purpose of maintaining a reliable and stable technology infrastructure
- Coordinates implementation of urgent or imperative patches or hot fixes to proactively protect servers and desktop systems
- Execute process to identify, track, and report on security patch management.
- Investigates reported breaches of security and coordinates mitigation or responses as needed for the purpose of ensuring the districts sensitive data is kept secure.
- Carry out Annual Security Audit verification, monthly security scanning, implement system hardening rules, execute vulnerability patches implementation
- handling procedures, and report all incidents to the responsible incident response capability.
- Works with Division of Information Services leadership team to review and develop security and acceptable use policies. Keeps current on emerging internet threats and coordinates proactive internal responses
- Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
- Provide information security reporting, including security metrics as required
- Advise and consult with internal and external stakeholders on risk assessment, threat modelling, and vulnerability management
- Recommend solutions to mitigate risk in any activity that potentially impacts security of existing IT and information management
- Any other ad-hoc duties as required or assigned
- Bachelor Degree or higher in Information Technology / Information Systems / Computer Science, Business IT or other relevant disciplines
- Certified Information Systems Security Professional (CISSP) or other equivalent certifications attained
- At least 3 years of IT Service Outsourcing experience with proven ability to work in large groups and for large accounts
- At least 2 years of demonstrated experience in system, network, and/or application security
- Experience in service-oriented architecture and web services security is desired
- Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration Testing and the development of exploits
- Experience in ISO 27001, PCI Security Standard, etc.
- Excellent interpersonal skills both in written and presentation
- Strong analytical and problem skills, combined with the ability to provide quick resolution to problems
Shortlisted candidates will be offered a 1 Year Agency contract employment.