IT Security Engineer
IT Security Engineer
PeopleSoft ID: 4421
Formal review of applications begins: May 5, 2021
Department: Information Systems - AIS
Key Position Information:
Focus is on quality control within the IT infrastructure. This includes designing, building and defending scalable, secure, and robust systems; working on operational data center systems and networks; helping the organization understand advanced cyber threats; and helping to create strategies to protect those networks. Those strategies generally include monitoring and protecting sensitive data and systems from intrusions.
Typical Essential Duties
- Monitor IT infrastructure security and performance trends and apply best security practices as governed by IT Security policies and procedures;
- Conduct IT infrastructure vulnerability assessments and compliance auditing;
- Manage the configuration of the security information and event management configuration and Intrusion Detection/Prevention systems;
- Implement information technology standard operating procedures and facilitate necessary updates as technology changes;
- Participate in design review, generate technical diagrams, create test plans, procedures and technical documentation as necessary for IT systems;
- Monitor networks and systems for security incidents, through the use of software that detects intrusions and anomalous system behavior;
- Assist Information Security Officer (ISO), to investigate IT security incidents, including steps to minimize the impact and then conducting a technical and forensic investigation into how the incident happened and the extent of the damage;
- Provide tactical analysis and develop specialized response actions to respond to and recover from IT security incidents;
- Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats;
- Awareness training of staff, faculty and students on information security standards, policies and best practices;
- Configuration and use of firewalls, data encryption and other security products and procedures;
- Conduct penetration testing, simulating an attack on the system to find exploitable weaknesses.
This is the fourth of six levels in the Information Technology series. Incumbents coordinate and implement the maintenance, use and enhancement of software or hardware systems critical to the operation of the College. Responsibilities may include analyzing system capabilities and implementing process and procedure changes to better utilize software or hardware; coordinating with software vendors regarding software support and system enhancements; coordinating projects involving the implementation of new software or hardware, or system changes; and training end users.
Bachelor’s degree in a related field to assigned area.
Completion of information technology certifications and specialized industry training (ISC2, SANS, Microsoft, Cisco, etc.) is preferred.
Five (5) years of information technology experience in at least one of the eight ISC2 CBK domains. Solid and current understanding of network security vulnerabilities and counter measures.
* An equivalent combination of education and experience sufficient to successfully perform the essential duties of the job may be acceptable in lieu of those requirements listed above.
- Endpoint security solutions, file integrity monitoring and data loss prevention
- Cloud platform as a service (IaaS, PaaS, SaaS) security
- Automating security testing tools
- MS Visio (technical diagrams);
- Systems analysis and design principles;
- Project management principles;
- Applicable programming languages;
- NIST IT Security standards & principles;
- Web site development methods, principles, and practices;
- Operating systems;
- Customer service principles;
- Training principles;
- Computers and related software applications.
- Expertise in anti-virus software, intrusion detection, firewalls and content filtering;
- Utilization of risk assessment tools, technologies and methods;
- Ability to design secure networks, systems and application architectures;
- Disaster recovery, computer forensic tools, technologies and methods;
- System administration, supporting multiple platforms and applications;
- Expertise with mobile code, malicious code, and anti-virus software;
- Data mining, interpreting server and other infrastructure logs;
- Ability to communicate network security issues to peers and management;
- Ability to multi-task;
- Detail oriented;
- Strong organizational skills;
- Ability to thrive in fast-paced, high-stress situations.
- Positions in this class typically require: reaching, standing, walking, grasping, feeling, talking, hearing, seeing and repetitive motions.
- Sedentary Work: Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally and all other sedentary criteria are met.
These duties are a representative sample; position assignments may vary.
Monitor IT infrastructure security and performance trends, implement best security practices;
Daily - 20%
Conduct IT infrastructure vulnerability assessments and compliance auditing; Manage the configuration of the security information and event management system and IPS/IDS/SIEM;
Daily - 30%
Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats;
Daily - 20%
Develop and update information technology procedures and network documentation; Participate in design review, generate technical diagrams, create test plans and procedures;
Daily - 10%
Investigate security breaches and develop strategies to respond to and recover from a security breach.
Daily - 20%
Performs other duties of a similar nature or level.
To apply, visit https://web.spcollege.edu/hrapp/job/4421
The Board of Trustees of St. Petersburg College affirms its equal opportunity policy in accordance with the provisions of the Florida Educational Equity Act and all other relevant state and federal laws, rules and regulations. The college will not discriminate on the basis of race, color, ethnicity, religion, sex, age, national origin, marital status, pregnancy, sexual orientation, gender identity, genetic information, or against any qualified individual with disabilities in its employment practices or in the admission and treatment of students. Recognizing that sexual harassment constitutes discrimination on the basis of sex and violates this Rule, the college will not tolerate such conduct. Should you experience such behavior, please contact Pamela Smith, the director of EA/EO/Title IX Coordinator at 727-341-3261; by mail at P.O. Box 13489, St. Petersburg, FL 33733-3489; or by email at firstname.lastname@example.org.