Job Description :
Title: IT Security Specialist

Duration: 06 Months

Location: Raleigh, NC

Job Description:

The City of Raleigh is seeking an individual with good security acumen, an understanding of current technology/processes, and a positive mindset for our Enterprise Information Technology (IT) Security Specialist position.

The Role

This position provides centralized coordination, administration and support for the many elements of a distributed security infrastructure operated by City IT. This position will use and apply the knowledge of various technologies to help the City meet its business requirements in a secure manner while managing risk. This position is responsible for assessing information risk and facilitating remediation of identified vulnerabilities & risk across the organization. Acts as a technical resource to associates, department managers, and others within the organization who are seeking more information about information security. The position reports to the Enterprise IT Security Manager and works closely with teams within the Information Technology department as well as other departments throughout the city. This includes business capability owners, application development, technology support and operations to provide guidance on the compliance and protection of the City of Raleigh information assets. Participate in the planning, design, installation, and maintenance of security systems in support of security policies. Work with Information Technology staff and business units to assess risk and address security issues.



Essential Duties and Responsibilities (Not intended to be all inclusive)

Work within our existing security technology portfolio to report violations, implement security improvements, evaluate trends and anticipate requirements.

Engage in day-to-day support of the customers, partners, and systems involved in various organizational processes.

Responsible for monitoring and detecting risks to the organization, identifying sources and methods of attack, and locating and preserving electronic evidence as needed.

Will analyze, recommend, develop, implement and maintain systems and processes that protect business and client information.

Ensures that the Antivirus platform is properly maintained and that all enterprise computers and devices have proper protection, signatures, and revisions. This includes evaluation of current policy sets and modification where needed to improve security posture or system performance.

Configure and maintain email security settings. This includes the profiles that dictate permitted flows, including blocked domains, blocked file types, and banner / appended messages.

Work within Cisco Umbrella to manage policies and evaluate effectiveness related to client and server DNS protection.

Develop, implement, and operate access management technology and processes as part of an enterprise cyber security program.

Develop and maintain access management reports and processes to identify access events, exceptions, or trends which require investigation, remediation, or mitigation.



Experience

Enterprise domain experience is a must.

Knowledge of Active Directory, DNS, DHCP, GPO, PKI.

Understanding of networking concepts and configurations.

Understanding of varying networking protocols (TCP, UDP, SSH, SSL, etc.).

Demonstrated knowledge in SIEM solution(s) (LogRhythm, Splunk, ArcSight, etc.).

Demonstrated knowledge with Endpoint protection solutions.

Expert understanding of varying security applications (Wireshark, Metasploit, etc.).

Understanding of common security frameworks (ISO, NIST, HITRUST).

Understanding of varying industry data standards (PCI, HIPAA, etc.).

Strong understanding of parsing, analyzing and identifying events through security logs.



Education

Bachelor’s degree in information technology or directly related field and two years of professional experience related to assignment.

OR

An equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above.



Certifications, Licenses, Registrations

A proven history of involvement in ongoing learning and certification tracks is beneficial. Security-based certifications (CISSP, Security+, Cisco CCNA Security, etc.) are recommended, but work experience and knowledge can be substituted if adequate.




| Skill | Required / Desired | Amount of Experience |
|---|---|---|
| Knowledge of Active Directory, DNS, DHCP, GPO, PKI. | Desired | 5 Years |
| Understanding of varying networking protocols (TCP, UDP, SSH, SSL, etc.). | Required | 5 Years |
| Demonstrated knowledge in SIEM solution(s) (LogRhythm, Splunk, ArcSight, etc.). | Desired | 3 Years |
| Expert understanding of varying security applications (Wireshark, Metasploit, etc.). | Required | 5 Years |
| Understanding of common security frameworks (ISO, NIST, HITRUST). | Required | 5 Years |
| Understanding of varying industry data standards (PCI, HIPAA, etc.). | Required | 5 Years |
| Understanding of networking concepts and configurations. | Required | 5 Years |
| Demonstrated knowledge with Endpoint protection solutions. | Required | 5 Years |



If interested, please provide the information below:

· Full Name:

· Email ID:

· Contact:

· Address:

· Availability:

· Passport No :

· Last 4 digits of SSN:

· Availability for Interview:

· Visa Status:

· Visa Expiry date (MM/DD/YYYY):

· Relocation:

· Rate:

· LinkedIn ID :

Professional Reference 1:

· Full Name :

· Company Name :

· Title :

· Telephone :

· Email id :

Professional Reference 2:

· Full Name :

· Company Name :

· Title :

· Telephone :

· Email id :