Cowlitz County
IT Security Engineer
Cowlitz County, Kelso, Washington, United States, 98626
Salary :
$91,440.00 - $107,580.00 Annually
Location :
Kelso, WA
Job Type:
Full Time
Job Number:
2024-061
Department:
Information Technology
Opening Date:
11/21/2024
FLSA:
Non-Exempt
Bargaining Unit:
1262
General Position Summary
The IT Cyber Security Engineer is a key role at Cowlitz County, primarily responsible for the protection of Cowlitz County's information technology infrastructure, applications, and data against ever-evolving cyber threats. This role is considered a "hybrid" security role consisting of both technical "hands-on" elements and administrative tasks (e.g., process and procedure development).
As a cyber security expert, the security engineer has in-depth knowledge of Security, Virtualization, Networking, and Cloud. They anticipate potential impacts, address security threats, develop effective sustainable strategies, troubleshoot complex issues, and review advanced technical configurations.
This role involves looking beyond current practices, standards, and procedures to reduce business risks by enhancing the organization's cyber security and compliance posture. They use their experience and advanced knowledge to drive innovation and maturity.
The Security Engineer role focuses on delivering customer-oriented, business-appropriate solutions within a collaborative team setting. It ensures the cybersecurity program effectively addresses Cowlitz County's needs by understanding business requirements, engaging with end users, continually improving skills, and actively participating in industry technical groups statewide.
They serve as a technical subject matter expert for applications and infrastructure cyber security solutions including web and cloud-based systems; operate products in-place; pro-actively monitor for security threats; investigate and resolve security breaches; conduct vulnerability audits and assessments; establish and maintain policies and procedures related to cyber security. Their secondary purpose is supporting the county's IT systems and infrastructure engineering.
This position is open until filled. Please review supplemental questions before submitting an application.
Salary Information: The 2024 salary for the IT Security Engineer is currently on a seven (7) step progression schedule. The starting salary ($7,620.00/mo.) may be negotiable with documented experience and/or certifications.
Benefits Information: Cowlitz County offers a generous benefits package which includes:
Medical/Dental/Vision (includes dependent coverage)
VEBA/Health Retirement Account for those who qualify
Retirement through Washington State Public Employees Retirement System
Life Insurance
Deferred Compensation plans available (457b)
Vacation, Bonus and Leave Days Paid 11 Paid Holidays
Reasonable work hours
The County: Cowlitz County is a great place to live and work. Located along the Columbia River less than an hour from the Cascade Mountains and the Pacific Ocean, Cowlitz County provides an abundance of outdoor recreational opportunities and easy access to the Arts. The I-5 corridor runs right through Cowlitz County providing quick access to the Vancouver, Washington and Portland, Oregon metropolitan areas.
Essential Duties and Responsibilities
Enhance Security Posture:
Continuously improve Cowlitz County's information security by staying updated on the latest threats, trends, and technology. Define and drive the security roadmap.
Identify and Mitigate Vulnerabilities:
Monitor vulnerability notifications and perform penetration testing to identify and address security vulnerabilities. Coordinate with teams to ensure timely patching and remediation.
Recommend Remediation:
Recommend and coordinate actions to mitigate risks and implement solutions and tools to address security vulnerabilities.
Implement Security Measures:
Engineer, implement, and monitor security measures to protect computer systems, networks, and information.
Collaborate on IT Projects:
Work closely with IT leadership to support global IT projects, conduct security assessments, and remediate non-compliant systems and processes.
Ensure Compliance:
Support Public Record Coordinators to comply with Washington state data retention and disposal laws.
Develop Security Policies:
Create and enforce Information Security Plans and enterprise cybersecurity policies.
Set Best Practices:
Assess security requirements and establish appropriate best practices and standards.
Research Solutions:
Research and develop cybersecurity technology solutions and work with vendors when appropriate.
Stay Informed:
Maintain a strong knowledge of current security threats and use this information to identify and address new threats in a rapidly changing environment.
Mitigate Vulnerabilities:
Implement and maintain security solutions, configure and troubleshoot security infrastructure, and design countermeasures to protect against breaches.
Monitor and Investigate:
Monitor for security breaches, investigate incidents, and ensure management is informed quickly. Advise internal stakeholders on breaches, including root cause analysis and remediation.
Analyze Network Traffic:
Analyze network traffic and packet captures to identify and address abnormal activity, making configuration changes to prevent future issues.
Lead IT Staff:
Oversee and direct the work of subordinate IT staff and/or peers on assigned projects, ensuring effective teamwork and project completion.
Prepare Reports and Documentation:
Prepare reports for Executive staff and internal departments such as HR and Legal, draft correspondence, and participate in committees, task forces, meetings, and training sessions.
Conduct Compliance Audits:
Support and conduct audits to ensure adherence to security standards, such as CJIS and PCI, and collaborate with auditors, the risk management office, or others to address any issues.
Coordinate with Agencies:
Work with local, state, and federal organizations on cybersecurity matters.
Provide Engineering Analysis:
Offer cybersecurity engineering analysis and systems integration across various areas, including firewalls, networks, remote access devices, IDS/IPS, servers, and endpoint security solutions.
Manage MFA Platform:
Oversee the multi-factor authentication platform, including its implementation, administration, and user support to enhance security.
Manage the Extended Detection Response and Data Security Posture Platforms:
Oversee the security platforms, including monitoring, threat detection, and incident response to protect sensitive information.
Manage PAM and Password Management:
Oversee Privileged Access Management (PAM) and password management software, including user management and access controls.
Oversee SIEM System:
Manage the Security Information and Event Management (SIEM) system and log management, including monitoring and analyzing logs to respond to security incidents.
Manage Security Education:
Manage the security education and awareness program using tools like KnowBe4 to conduct simulated phishing attacks and deliver training.
Support Disaster Recovery:
Participate in developing and implementing disaster recovery strategies, including planning, testing, and updating procedures.
Vendor and Asset Management:
Assist with product procurement, inventory management, and accurate asset accounting.
Problem-Solving:
Perform problem-solving and analysis, including incident and problem management and root cause analysis.
Manage Projects and Priorities:
Utilize project management and change management practices to manage work and priorities.
Planning and Reporting:
Participate in work planning activities and provide status reports.
Continue Learning:
Stay current with technology, industry standards, and best practices for Cyber Security engineering by proactively attending training, classes, events, webinars, and reading industry publications to maintain or develop skills.
On-Call Duties:
Be available for regular, periodic on-call duties and work beyond standard hours, including evenings, weekends, and holidays, to address critical issues and system upgrades.
Additional Duties:
Complete other tasks and projects as assigned by IT Department leadership.
Minimum Qualifications
Education, Experience and Training: 5 (Five) years' experience supporting information technology systems as a subject matter expert across two or more technology layers (application, server, networks, etc.) with three years specifically in cyber security, required. A Bachelor's degree in Information Systems, Computer Science or related field is desired. Industry standard license and certification such as CEH, or OSCP, CISSP, CISM is desired - OR - Any equivalent combination of education, experience and/or training sufficient to demonstrate the required knowledge, skills and abilities is acceptable. General knowledge of Information Technology industry and best practices and expertise in cyber security.
Preferred Qualifications
Certifications such as: CEH, CISSP, CISM, GIAC, ITIL, Security+
Working knowledge of:
Vulnerability management
Compliance frameworks and auditing
Anti-Virus or EDR / XDR tool management
SIEM platform and log management
Multi-factor authentication platform management
Firewalls
IDS/IPS
Proxies
Virtualization
Networking
Scripting
BCDR methods and products
Required Skills and Abilities
Communication:
Clearly convey information and ideas at various levels, both orally and in writing. Prepare clear, concise reports, support documentation, presentations, and user training materials.
Innovation and Motivation:
Exhibit a self-starting attitude and innovative mindset.
Alignment:
Ensure tasks and responsibilities align with departmental operations and strategic goals.
Ownership and Follow-Through:
Take responsibility for assignments, seek guidance as needed, and ensure tasks are completed.
Time Management:
Perform well under tight deadlines and manage time effectively.
Interpersonal and Customer Service Skills:
Build and maintain effective relationships with county employees and other contacts.
Teamwork and Independence:
Collaborate effectively with IT staff, system users, management, and vendors, while excelling in both team and independent settings.
Stress Management:
Handle job-related stress effectively and interact positively with others in the workplace.
Knowledge Sharing:
Share expertise and information with the IT team and clients willingly.
Analytical Skills:
Independently assess and identify problems, develop corrective actions, and implement effective solutions.
Technical Aptitude:
Learn and manage the administrative and functional components of enterprise cyber security, infrastructure, and software applications, and provide comprehensive support and maintenance.
Continuous Improvement:
Continuously upgrade skills through training and other resources.
Cowlitz County offers a competitive benefits package for Full-Time employees, including:
Health Insurance: Variety of medical, dental, life, vision, and prescription insurance for employee and family. Employees who are covered under another person's medical plan have the option of an HRA (Health Retirement Account) in lieu of medical insurance. HSA and FSA plans are also available, depending on eligibility.
11 Paid holidays, vacation, and sick leave.
Retirement: All full-time employees must participate in a Washington State Retirement Services plan, and may participate in a Deferred Compensation Plan, if desired.
Employee Assistance Program: For employees and family members, for help with personal or family issues.
Group Life Insurance: Basic life and accident insurance is provided to employee, with additional insurance available to purchase.
01
Have you reviewed the salary and benefits package provided for this role?
Yes No
02
Do you have the legal right to work in the United States?
Yes No
03
Will you require employment visa sponsorship now or in the future to work in the United States?
Yes No
04
Which of the following work arrangements are you open to? (Onsite, Remote, Hybrid) *Note: Onsite and Hybrid work arrangements are preferred.*
05
How long would it take you to drive to the office in Kelso, Washington? (for example: 1 hour, 3 hours, 5 hours)
06
How many years of experience do you have working in cybersecurity-related roles?
07
How many years of experience do you have supporting information technology infrastructure? (e.g., networks, servers, systems)
08
Please indicate the number of years of experience you have with the following (feel free to list your experience in the most convenient format for you):
a. Network and firewall management
b. Windows server administration
c. Linux server administration
d. Azure / AWS / M365 administration
e. Vulnerability management
f. SIEM platform use or management
g. Anti-Virus or EDR/XDR platform management
h. 3rd Party Audit support and coordination
i. BC/DR planning and testing
09
On a scale of 0-5, please rate your proficiency in the following areas, where 0 is no experience, 1 is basic knowledge, and 5 is expert level (feel free to list your experience in the most convenient format for you):
a. Network and firewall management
b. Windows server administration
c. Linux server administration
d. Azure / AWS / M365 administration
e. Vulnerability management
f. SIEM platform use or management
g. Anti-Virus or EDR/XDR platform management
h. 3rd Party Audit support and coordination
i. BC/DR planning and testing
10
Which IT certifications have you achieved? Please list them.
11
Are you comfortable managing both defensive and offensive cybersecurity strategies?
Yes No
12
Do you have experience working in a small IT department supporting 500 to 5,000 users?
Yes No
13
Why are you interested in this position? Please describe briefly. (1-2 sentences)