Job Description :
Location: Phoenix AZ
Duration: CTH
Roll: Phoenix, AZ - IT - AZDOA - ASET - Information Security Engineer Sr.
56473.
GC and citizen.
NO H1B candidats
JOB DESCRIPTION:
The Division of Arizona Strategic Enterprise & Technology (ASET) is looking for a highly-motivated individual to join our team as a Senior Information Security Engineer to play an essential role in protecting the confidentiality, integrity and availability of State of Arizona information and systems. The Senior Information Security Engineer ensures that the appropriate security controls, standards and procedures are in place and are properly configured to protect confidential information and systems used by the State from known and unknown internal or external threats. These threats include, but not limited to identity theft, data loss, data damage, unauthorized access and cyber-attacks. This position defends the State against attacks which disrupt, destroy, or threaten the delivery of essential services for the State.
ESSENTIAL TASKS:
Major duties and responsibilities include but are not limited to:
Day-to-day operational support of the hardware, software and managed solutions that protect State of Arizona systems and networks from cyber attacks
Ensuring compliance with Statewide Information Security policies, NIST, FIPS, ISO, PCI, HIPAA and other organizational standard requirements to prevent data loss and/or data ex-filtration
Participating and assisting with information security monitoring alerts and incident responses. Performing and leading in-depth information security forensics and assist with State agencies with formal information security investigations
Responding promptly to any state agency's requests for assistance, maintaining adherence to organization's SLA goals of service excellence and exceeding customer expectations
Participating in enterprise information security projects by evaluating infrastructure and applications as they relate to information security architecture, directives and policies
Training technical personnel, responding to service tickets and handling ticket escalations
Applying creative solutions to business problems to ensure business needs are effectively met. Identifying opportunities and assisting with implementing solutions to improve efficiency and reduce waste; and other duties as assigned
KNOWLEDGE, SKILLS, & ABILITIES:
Considerable working knowledge of information security technologies; industry trends and best practices in the areas of information security protections, incident response, risk assessment, compliance and vulnerability management
Considerable working knowledge of information security applied within large enterprise environments
Considerable working knowledge of NIST, FIPS, ISO, PCI and HIPAA
Working knowledge of information security controls and best practices applied to cloud solutions and large data center solutions
Excellent customer services, interpersonal, written and oral communication skills
Excellent technical troubleshooting and problem solving skills
Demonstrated ability to balance, prioritize and organize multiple tasks
Demonstrated ability to develop and write technical documentation
Demonstrated ability to work collaboratively in teams and across organizations
Special consideration will be given to candidates with previous experience in:
Working knowledge of PKI solutions, Microsoft Certificate Services, Hardware Security Modules and cryptographic based protocols like PGP Universal, X.509, Kerberos, PGP, SSL/TLS and IPsec
Consulting with business, project and technical leads on requirements for employing cryptographic capabilities and leveraging encryption services.
DAILY TASK EXAMPLES:
Security Operations Center (SOC):
Perform threat analysis, evaluate findings, report and recommend mitigation / remediation on state networks
Review firewall and system logs
Review SIEM (Splunk, Secureworks)
Governance/Risk Management/Compliance:
Perform Cloud Vendor Security Assessments (AZRAMP)
Review of BAAs, contract security wording, and task order security sections