It Professional 3 - Information Security

This position is located within the Secretary of State's IT Division in Carson City or Las Vegas and serves as part of the Information Security team for the Nevada Secretary of State. The role is responsible for contributing to and overseeing an agency-wide cybersecurity program, as well as managing responses to security incidents in accordance with all responsibilities defined by State policy. Working under limited supervision, this position will coordinate with all Secretary of State divisions and may advise Nevada county partners regarding technical issues, cyber intelligence, and cyber incidents or attacks. The role will also provide technical explanations, interpretations, and recommendations to Executive Staff. This position reports to the agency Information Security Officer (ISO) and will serve as the backup for all ISO responsibilities. The ideal candidate will be familiar with industry-standard information security policies, standards, and frameworks, and will have experience with security technologies such as firewalls, EDR solutions, ransomware indicators, and next-gen vulnerability management. This is a full-time, on-site position with a Monday-Friday schedule from 8:00 a.m. to 5:00 p.m.

Bachelor's degree from an accredited college or university in computer science, management information systems, or closely related field and three years of professional IT experience relevant to the duties of the position which may include computer operations, systems administration, network administration, database administration, applications analysis and development, and/or information security, one year of which was at the journey level; OR one year of relevant experience as an IT Professional II in Nevada State service; OR an equivalent combination of education and experience as described above.Conduct detailed alternative analyses and determine end-user requirements through consultation with end-users, technicians, vendors, management, and others.

Maintain documentation related to the assigned IT specialization's architecture, operations, and other records of work activities as required.

Maintain current knowledge of technological trends and advancements in the IT field as well as security management practices, laws, policies, and ethics.

Participate in recommending and justifying resource allocations and expenditure decisions, tracking, and recording expenditures, preparing purchase requests, and writing technical requirements for grant proposals.

Perform related duties as assigned.

Under general direction, incumbents perform advanced journey level duties and may train, supervise, and evaluate the performance of subordinate staff and/or serve as a project leader as assigned. Incumbents may function as a unit leader to include directing the activities of a branch IT support unit, overseeing projects of limited scope, and coordinating activities with other work groups. This is a supervisory level for Computer Operations and the journey level for Information Security positions. This job specification lists the major knowledge, skills and abilities of the job and is not all inclusive. Incumbent(s) will be expected to have knowledge, skills and abilities from a previous level.

Computer Operations:

Detailed knowledge of: basic elements of programming in order to generate all required reports and special projects as required of the data processing section; computer operating system including all functions, schedules, workflows, and processes; data communication networks; principles of operation, capabilities and limitations of a computer system and related environmental equipment in order to efficiently and effectively produce the final work product; supervisory principles and techniques.

Working knowledge of: diagnostic procedures as needed in verifying systems; principles of operation, capabilities and limitations of a computer system and related equipment to produce the final work product efficiently and effectively; the principles of operation, capabilities and limitations of a multi-programming computer system and related equipment.

General knowledge of: computer programming documentation techniques as needed in setting up and verifying systems programs.

Ability to: analyze and develop current and proposed computer operation procedures for efficient and effective operations; anticipate changes and new directions within the data processing environment; plan, organize and direct a twenty-four hour, seven-day-a-week shift operation of a computer system; understand and apply technical manuals, environmental requirements and physical planning.

Systems Administration:

Detailed knowledge of: Some positions require knowledge of specific departmental information systems.

Working knowledge of: principles of designing test procedures; principles, practices, and procedures required to design, analyze, and maintain software; principles, tools, and techniques as applied to writing and modifying programs; systems programming languages and techniques.

General knowledge of: capacity planning techniques; performance monitoring principles and related software products; telecommunication technology and related systems software; various systems software products and their interrelationships; vendor procedures for applying maintenance and temporary fixes.

Ability to: communicate effectively orally and in writing; evaluate and tailor information system hardware and/or software to meet local requirements; implement auxiliary software and subsystems; maintain effective working relationships with others; provide mid-level technical consultation and training; recommend and implement system changes.

Skill in: implementing changes to a variety of networking systems; managing large volumes of data on various storage media.

Network Administration:

Detailed knowledge of: directory services; network operating systems; network problem troubleshooting; concepts, characteristics, and capabilities of network based applications; current and emerging trends in developing computer networking technology; principles and practices of data backup and recovery; the principles, practices, and techniques used to install, maintain, and support LANs and wide area networks (WANs); computer network communication protocols; the concepts, characteristics, and capabilities of computer operating systems.

Working knowledge of: the methodology for implementing distributed applications; network authentication; data storage networks; network security design and implementation; network communications hardware such as routers, switches, and firewalls; systems integration and optimization; virtual private networks and virtual LANs.

Ability to: recommend hardware to solve network issues; verify router configuration and optimize routes; perform cost/benefit analysis; present network design concepts to management and users; integrate servers into a geographically dispersed network; participate in vendor interaction and verify that requirements are met; verify efficient interconnectivity of distributed applications; verify network capacity and provide utilization statistics; configure and upgrade data storage networks; solve network problems; interpret technical manuals.

Database Administration:

Detailed knowledge of: physical and logical database structure and design; database backup and recovery scenarios and methodologies; database security management and data integrity.

Working knowledge of: computer and network operating systems, computer hardware, and communications systems; database and operating system performance tuning monitoring; business practices and procedures; customer service standards and procedures; business software, systems analysis, systems design, system development lifecycle, and information architecture to effectively design and create databases; structured query language.

Ability to: coordinate system design, applications and software programming, and computer operations activities relative to the database environment.

Applications Analysis and Development:

Detailed knowledge of: basic programming techniques such as table handling and on-line file updates; general purpose programming languages (in software-oriented positions); principles, tools and techniques as applied to writing, modifying, and documenting programs; techniques of diagramming program flow.

Working knowledge of: access methods and file structures; at least one formal systems design methodology; principles of designing test procedures; principles, practices and procedures required to develop, design, and implement information system-based solutions in a wide range of problem domains.

General knowledge of: project control techniques, including cost estimating and resource scheduling.

Ability to: utilize interactive programming techniques; logically analyze problems of considerable complexity; test and validate information systems.

Information Security:

Working knowledge of: three of the ten security domains; current principles, theories, practices, and procedures of information security management.

General knowledge of: general-purpose security controls; current information security trends and technologies.

Ability to: develop plans to safeguard against accidental or unauthorized modification, destruction or disclosure of data to meet security needs; assess costs and present alternatives for the assigned area of responsibility; participate in long-term projects and strategic planning; organize resources and materials in order to meet project timelines; assess the security and/or vulnerability of information assets to assist in developing a risk assessment; analyze data, solve problems and make appropriate decisions within three of the ten domains; provide effective and responsive customer service; establish and maintain positive working relationships with others; develop and implement information security training materials and workshops.

Skill in: technical writing, report preparation and oral communication.

Recruiter Contact Information: Susan Fowler - ...