CITY OF OVERLAND PARK - POSITION DESCRIPTION
JOB SUMMARY STATEMENT: Implements, maintains, and monitors the organization's security environment and infrastructure. Includes supporting existing security applications including but not limited to endpoint protection, monitoring systems, IDPS, NAC, Enterprise NGFW. Reviews current system environment and recommends and implements enhancements. Conducts regular system tests and ensures continuous monitoring of network security. Maintains and organizes the practice of disaster recovery plans and procedures. Responds to security incidents and provides thorough post-event analysis. Assists IT leadership with cultivating a culture of security awareness including regular training, assessments and policy review and enforcement. Diagnoses and resolves complex network and system issues. Plans for and designs security infrastructure (physical and virtual).
DUTIES AND RESPONSIBILITIES:
Supports the organization's security environment including planning, installation, maintenance, monitoring and replacement/upgrade recommendations.
Keeps up to date on cybersecurity industry trends and technology developments. Makes recommendations as appropriate.
Supports the organization's security fabric, including planning, installation, maintenance, monitoring and replacement/upgrade recommendations. Security services include but are not limited to endpoint protection, monitoring systems, IDPS, NAC, NGFW.
Manages and conducts threat intelligence and threat hunting analysis activities.
Keeps up-to-date on security threats and trends. Makes recommendations for compliance and threat mitigation.
Designs security infrastructure for the purpose of providing highly dependable and secure connectivity systems.
Develops project plans, time and cost estimates, implementation schedules, and project timelines.
Reviews, evaluates and recommends disaster recovery strategies.
Creates and maintains comprehensive documentation for all supported systems.
Evaluates vendor products in hardware, software, and telecommunications equipment.
Assists in preparation of proposals and solution presentations.
Participates in long- and short-range technology planning. Recommends purchases consistent with the organization's short- and long-term objectives.
Recommends networking and security policies and standards to ensure efficient use of organizational resources and adherence to good security practices.
Closely coordinates internally and maintains contact with outside organizations in the maintenance, service, recommendation, implementation, problem solving and/or purchase of security services, software and hardware.
Troubleshoots security hardware and software problems and is typically consulted on the organization's most difficult and complex hardware/software problems and projects.
Attends classes, seminars, conferences, user groups and reviews professional literature to enhance knowledge of trends and developments related to local area network systems.
Answers Help Desk phone calls and participates in on-call rotation as required.
Performs other duties as assigned.
The employee must work the days and hours necessary to perform all assigned responsibilities and tasks. Must be available (especially during regular business hours or shifts) to communicate with peers, subordinates, supervisors, customers, vendors and any other persons or organization with whom interaction is required to accomplish work and employer goals.
The employee must be punctual and timely in meeting all requirements of performance, including, but not limited to, attendance standards and work deadlines; beginning and ending assignments on time; and scheduled work breaks, where applicable.
EDUCATION & SPECIAL LICENSE(S)/CERTIFICATIONS:
Bachelor's degree in computer science, cyber security, engineering, information technology, mathematics or a related field, or an equivalent combination of formal education and work experience. Must have a valid driver's license and maintain an insurable driving record.
Access to the Kansas Criminal Justice Information System (KCJIS) may be required, so the following KCJIS requirements apply: must be at least 18 years of age; must not have been convicted of a felony; must not have been convicted of a serious misdemeanor; and must not have an arrest history the nature and severity of which warrant disqualification.
Five to ten years' experience with configuration, installation and maintenance of enterprise IT security environments.
Working knowledge of IT security environments to include security infrastructure, Firewall, SIEM, Sandbox, XDR/MDR, server, and client hardware.
Five to ten years of experience with configuration, installation and management of cybersecurity enterprise systems.
CISSP certification is preferred.
Fortinet NSE 4, NSE 5 preferred.
Fortinet NSE 6 & NSE 7 desired.
Certification in networking or server administration is preferred.
Compliance knowledge of NIST and CIS Control Frameworks
SKILLS - Five years' experience in at least five of the following:
Next generation Fortinet firewall administration/support.
Endpoint Protection support/administration.
Information security and/or IT risk management with a focus on security, performance and reliability
Security protocols, cryptography, authentication
Tenable SC+ & Tenable CS
Current IT risks and experience implementing security solutions
Threat Hunting and Threat Intelligence Analysis
Multi-factor authentication, single sign-on, identity management or related technologies
OSI Model, IEEE 802.x protocols, UDP, TCP/IP, SNMP.
Routing protocols such as OSPF and MPLS.
GIAC GCWN Security Administrator
Ethernet based data network transport technologies.
Administration of IP addressing, subnets.
Test equipment and protocol analyzers to aid in diagnosis and solution of problems encountered in a complex networking environment.
Advanced administration, implementation, and support experience in: Google applications, Microsoft Azure, MDM applications, virtualization software, and/or servers and datacenter environments.
Advanced working knowledge in either virtualization software or Active Directory.
Fortinet Firewalls and Fortinet Unified Threat Management environment.
Ability to document and evaluate current environment and use best practice methodologies to ensure highest level investment utilization.
Strong organizational and time-management skills.
Advanced written, verbal, reading and communication skills.
Ability to perform intermediate level mathematical calculations.
Excellent interpersonal skills with ability to communicate effectively with others.
Ability to work independently.
Ability to prioritize work.
Ability to analyze complex problems and recommend possible solutions.
Alpha and numeric recognition.
Abstract and logical reasoning.
Decision making ability.
Ability to adapt to a changing environment.
Ability to make and receive phone calls.
Ability to lift approx. 50 lbs. and transport 25 feet.
Hand and eye coordination adequate for data entry.
Ability to operate a city vehicle.
SUPERVISORY RESPONSIBILITY (Direct & Indirect):
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.