The Senior Information Security Engineer plays an essential role in protecting the confidentiality, integrity and availability of State of Arizona information and systems.
This position ensures that the appropriate security controls, standards and procedures are in place and are properly configured, to protect confidential information used by the State from known and unknown internal or external threats. These threats include, but are not limited to, identity theft, data loss, data damage, unauthorized access and cyber-attacks.
This position defends the State against attacks which disrupt, destroy, or threaten the delivery of essential services for the State.
Provides day-to-day operational support of the hardware and software solutions that support the detection of, protection from, and response to cyber attacks against State of Arizona systems and networks from internal and external threats, and performs analysis, design, and implementation of information security solutions along with any required maintenance and upgrades.
Ensures controls and state information systems are designed and configured in compliance with Statewide Information Security policies, NIST, CIS, and other standards in the organization.
Participates in and assists with information security incident response.
T0042: Coordinate with Cyber Defense Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defense applications.
Responds promptly to any state agency's requests for assistance while maintaining adherence to the organization's goal of customer service excellence.
T0261: Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
Participates in enterprise projects by evaluating infrastructure and applications as they relate to information security architecture, directives and policies, and participates in defining enterprise security policies and standards.
T0348: Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure.
T0420: Administer test bed(s), and test and evaluate cyber defense applications, hardware infrastructure, rules/signatures, access controls, and configurations of platforms managed by Cyber Command.
T0180: Perform system administration on specialized cyber defense applications and systems or devices, to include installation, configuration, maintenance, backup, and restoration.
T0335: Build, install, configure, and test dedicated cyber defense hardware.
T0483: Identify potential conflicts with implementation of any cyber defense tools.
Reviews and recommends the need for new information security equipment, resources and software.
Other duties as assigned as related to the position.
• Considerable working knowledge of information security technologies, industry trends and best practices in the areas of risk assessment, compliance and vulnerability management
• Considerable knowledge of specific regulatory information protection standards (HIPAA, CGIS, IRS, etc. as appropriate)
• Knowledge of the concepts of NIST 800, CIS, and other security standards in the organization
• K0001: Knowledge of computer networking concepts and protocols, and network security methodologies
• K0002: Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
• K0003: Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
• K0004: Knowledge of cybersecurity and privacy principles
• K0005: Knowledge of cyber threats and vulnerabilities
• K0006: Knowledge of specific operational impacts of cybersecurity lapses
• K0021: Knowledge of data backup and recovery
• K0033: Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists)
• K0042: Knowledge of incident response and handling methodologies
• K0044: Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
• K0058: Knowledge of network traffic analysis methods
• K0061: Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL])
• K0062: Knowledge of packet-level analysis
• K0104: Knowledge of Virtual Private Network (VPN) security
• K0106: Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities
• K0135: Knowledge of web filtering technologies
• K0157: Knowledge of cyber defense and information security policies, procedures, and regulations
• K0179: Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
• K0205: Knowledge of basic system, network, and OS hardening techniques
• K0258: Knowledge of test procedures, principles, and methodologies
• K0324: Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications
• K0332: Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services
• K0334: Knowledge of network traffic analysis (tools, methodologies, processes)
• Excellent interpersonal, written and oral communication skills
• Excellent technical troubleshooting and problem-solving skills
• Strong customer service skills
• A0123: Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
• Demonstrated ability to lead initiatives to develop solutions and processes to meet needs; identifies unique innovative approaches
• Demonstrated ability to apply creative solutions to business problems to ensure business needs are most effectively met
• Demonstrated ability to build strong relationships inside and outside the organization
• Demonstrated ability to work collaboratively in teams and across organizations
• Demonstrated ability to synthesize feedback and adjust plans accordingly
• Demonstrated ability to balance, prioritize and organize multiple tasks
• Demonstrated ability to develop and write technical documentation
• Demonstrated ability to evaluate and test emerging technologies
• Bachelor’s degree plus 8 years of extensive experience in information security systems engineering (or equivalent experience)
• Certified Information Security Systems Professional preferred
• Required to drive on State business; must possess a valid Arizona driver's license
The State of Arizona offers a comprehensive benefits package to include:
• Optional employee benefits include short-term disability insurance, deferred compensation plans, and supplemental life insurance
• Life insurance and long-term disability insurance
• Vacation with 10 paid holidays per year
• Health and dental insurance
• Retirement plan
• Sick leave
For a complete list of benefits provided by The State of Arizona, please visit our benefits page
• Positions in this classification participate in the Arizona State Retirement System (ASRS)
• Please note that enrollment eligibility will become effective after 27 weeks of employment
• If you have any questions please feel free to contact Ariel Gonzalez at email@example.com for assistance
ARIZONA MANAGEMENT SYSTEM (AMS)
All Arizona state employees operate within the Arizona Management System (AMS), an intentional, results-driven approach for doing the work of state government whereby every employee reflects on performance, reduces waste, and commits to continuous improvement with sustainable progress. Through AMS, every state employee seeks to understand customer needs, identify problems, improve processes, and measure results.
State employees are highly engaged, collaborative and embrace a culture of public service.
The State of Arizona is an Equal Employment Opportunity Employer.