Internet Storm Center

Job Description

PROBATIONARY EMPLOYEES ARE NOT ELIGIBLE TO APPLY FOR VACANCIES OR PROMOTIONS DURING THEIR PROBATIONARY PERIOD

All education provided on your application must be supported by attaching a scanned copy of your high school diploma, transcription or college/university transcript.

Work Year Calendar and Hours

12-month position (260 days / year), 8 hours per day
Daily work hours: TBD

For more information about employee benefits please go to: www.fcps.org/benefits

Salary

Technology Salary Grade T25: $48.79 per hour; starting

Under the Fair Labor and Standards Act this position is non-exempt from overtime. Actual salary placement will be in accordance with the salary procedures of the Frederick County Public School System.

Role

Reporting directly to the Supervisor of Data Systems, Network Architecture & Security, the Cyber Security Administrator provides support, technical direction and expertise of all cyber security aspects including documentation, policy, planning, coordination, administration, and implementation.

Essential Functions

Ensures system security needs are established and maintained for operations, development, security requirements, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, security controls, incident response, and provides analytical support for security policy development and analysis
Research, develop and recommend security policies, procedures, standards and processes
Implements and maintains Information Systems (IS) security and documentation as mandated by federal, state, county and internal requirements. Performs routine system audits and verifies IS security compliance
Maintains network security audit documentations and gathers required corresponding reporting information
Prepares security remediation documentation and generates security reports. Report common and repeat problems (trends) to management and suggest process or technical improvements as needed
Proactively researches, analyzes, identifies security vulnerabilities and implements appropriate security counter measures. Configure systems to monitor for indicators of cyber-security events/compromise
Proactively monitor and provide information regarding intrusion events, security incidents, and other threat indications. Implement and oversee application security, access control, and corporate data safeguards
Integrates new architectural analysis of cyber security features and relates existing system to future needs and trends, embeds advanced forensic tools and techniques for attack reconstruction, provides engineering recommendations, and resolves integrations and testing issues
Update secure configurations by routinely reviewing vendor sites, bulletins, and notifications for security information
Implement, configure and oversee enterprise antimalware and operating systems/application update patch solutions; Ensures all systems are protected and updated (patched)
Coordinates and reviews Vulnerability Assessments and Penetration Testing
Works with Engineers to design, implement, document and test disaster recovery, business continuity and highly available infrastructure
Continuously identifies opportunities for process and security improvement and implements applicable technologies and/or process changes
Implement and configure security information and event management systems and proactive monitoring tools.
Regular and predictable attendance.


Required Qualifications

Education/Training/Experience

Bachelor’s Degree in Technology. Five (5) year of experience in the Information Technology cyber security field may be in lieu of degree.
Experience auditing large-scale network infrastructure including experience managing, hardening, and securing Windows Servers and Clients.
Experience and broad knowledge of databases and data extraction, TCP/IP, Ethernet, ACLs, VLANs, encryption, Windows object permissions/privileges and other network and security protocols/configurations.
Experience administering, securing and working within a large Microsoft Windows environment.

Certification/License

None.

Knowledge/Skills/Abilities

Knowledge and use of culturally responsive practices.
Understanding with Cyber Security Operations (monitoring, detection, incident response, forensics) required.
Demonstrated experience with security event management collection systems and integration (SIEM/LEM)
Familiar with FERPA, CIPA, COPPA, HIPAA compliance
Security+, CySA+, and/or another general security knowledge or security auditing focused certification
Familiarity with cryptography, cryptographic algorithms, cipher suites, confidentiality, integrity, authentication, and non-repudiation standards and implementation
Ability to work off-hours as needed/required
Demonstrated ability to work with minimal supervision
Demonstrated ability to independently and effectively complete work assignments and projects in a timely fashion. Demonstrated ability to meet deadlines
Capable of performing the essential functions of the position with or without reasonable accommodations.
Ideal candidate will have an intimate understanding of vast array of technologies and be motivated to constantly learn new technologies
Coordinates training material for end users as it relates to information security
Performs multi-tiered incident, change management, problem resolution and end-user support
Interfaces with internal and external customers and vendors to determine network security infrastructure needs
Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining certifications, etc.
Remain technically current and competent by learning new technologies and obtaining certifications as requested by management
Performs other duties as required.

Physical Requirements

Ability to speak in an understandable voice with sufficient volume to be heard in normal conversation and on the telephone and in addressing groups.
Ability to travel to school and other local locations, sometimes with little notice.
Ability to maintain emotional control under stress.
Ability to spend long hours sitting.
Ability to reach with hands and arms.
Sufficient manual dexterity to grasp, handle, manipulate, and/or feel objects and use office technology.
Sufficient mobility to move about the work area.
Sufficient vision to read and comprehend printed materials, see distant objects with clarity, and identify and distinguish objects.
Sufficient hearing to hear and comprehend conversations in person and on the telephone, as well as distinguish sounds up to twenty (20) feet.
Occasionally climb or balance.
Occasionally stoop, kneel, crouch, or crawl.
Occasionally lift twenty-five (25) pounds.

Work Environment

Moderate noise (examples: office environment with computers, printers, and telephones; regular conversations within offices, cubicles, hallways, and conference rooms; meetings one-on-one, in small groups, and large settings, etc.).

Preferred Qualifications

Education/Training/Experience

Post-secondary degree in a technical/STEM or Accounting discipline
Experience with Google Apps for Education (GAFE)/Google Workspace for Education
Experience with Chromebooks.
Experience with Elastic Security / ELK.
Experience with JAMF.
Experience with Microsoft Azure/Azure AD.
Experience with Linux operating systems.
Experience with MFA and PIV cards.
Demonstrated experience performing and analyzing network packet captures using packet analyzers such as Wireshark.
Experience writing, maintaining and/or reading scripts preferably PowerShell.
Experience with virtualization.
Experience with desktop management preferably Microsoft Endpoint Configuration Manager (MECM)/System Center Configuration Manager (SCCM).
Experience implementing high availability network systems.

Certification/License

ISACA CISA, GIAC GSNA, ISC2 CISSP, and/or CompTIA CASP.

Knowledge/Skills/Abilities

Work experience in education setting especially K-12.
Knowledge of NIST SP 800-53, FISMA, PCI DSS.
Knowledge of web application vulnerabilities such as SQLi, XSS, XSRF, SSRF, IDOR, LFI/RFI, OWASP Top 10, etc.
Understanding of web servers and secure web server configurations.


FREDERICK COUNTY PUBLIC SCHOOLS IS AN EQUAL OPPORTUNITY EMPLOYER

THIS JOB DESCRIPTION HAS BEEN WRITTEN TO INDICATE THE GENERAL NATURE AND LEVEL OF WORK PERFORMED BY AN EMPLOYEE HOLDING THIS POSITION. IT IS NOT WRITTEN TO INCLUDE OR BE INTERPRETED TO INCLUDE A COMPREHENSIVE INVENTORY OF ALL DUTIES, RESPONSIBILITIES, AND QUALIFICATIONS REQUIRED OF THE EMPLOYEE. NOTHING IN THIS DESCRIPTION RESTRICTS MANAGEMENT’S RIGHT TO ASSIGN OR REASSIGN DUTIES AND RESPONSIBILITIES OR ADD REQUIRED QUALIFICATIONS AT ANY TIME.