Job Title

Job Family

Job Code

Job Exempt

Information Systems Security Officer II

Non_Bargaining

CL-AIM41

Pay Grade

Pay Rate Type

Minimum

Midpoint

Maximum

NB112

Salary

$31.59

$40.29

$48.98

Job Description

Performs support functions to adhere to the fundamental principles of information security, confidentiality, and integrity. Performs security readiness reviews; conducts periodic security and system audits for internal audit and regulatory compliance; and performs a variety of technical tasks to support the protection of systems and digital assists involving the design, selection, implementation, tuning, and maintenance of security monitoring appliances. Periodically reviews solutions and hardware to ensure a secure configuration has been deployed. Primary duties include identifying possible vulnerabilities and work with functional areas to eliminate or mitigate risks. Is responsible for user provisioning where applicable. Interacts with Applications Development staff, providing consultation, problem resolution, and change management implementation. Collaborates with management and IT Department to improve security. Educates colleagues about security software and best practices for information security. Reports to the Information Security and Compliance Manager. Work is performed under general supervision and is reviewed upon completion through meetings, system performance, and assigned tasks.

Minimum Qualifications:

Bachelor's Degree with major coursework in Computer Science and at least three (3) years work experience related to IT security, multi-user computer system/network administration, management or support; or an equivalent combination of specifically related education, training, and experience. Must pass police background investigation.

Additional Qualifications for Promotion

Promotions are not to be considered an automatic function of longevity and are subject to the review and authorization of the Supervisor. The employee’s last performance review must have resulted in an overall rating of Meets standards or better with no factor rating of less than meets.

Responsibilities

EXAMPLES OF WORK PERFORMED:

Note: The listed duties are only illustrative and are not intended to describe every function that may be performed by this job class. The omission of specific statements does not preclude management from assigning specific duties not listed if such duties are a logical assignment to the position.

Acts as a consultant with regard to system software or technical questions from clients. Consults with service personnel regarding problems to ensure continuous operation of the system, remote communication lines, controllers (remote and local), terminals, and printers.

Keeps abreast of all the latest developments in the computer field including system software, control language, file generation, screen and report design, and text management.

Monitors and analyzes system logs, journals, and statistics to determine security violations; monitors and modifies the operating system values in the main computer systems.

Evaluates, tests, and installs vendor supplied system program fixes to the main computer systems operating system. Recognizes, interprets, and initiates resolution of any main computer system problems, halts, or shutdowns.

Monitors performance and operation of various software operating packages and adjusts as needed or requested.

Develops system proposals, documentation, and procedures; analyzes main computer systems hardware and software proposals; and assists management with regards to recommendations.

Manages Office 365 platform; creates and maintains email accounts, distribution groups, shared mailboxes, and email account licensing; and analyzes and takes action on phishing emails.

Manages SSH keys for secure connections to vendor sFTP servers, integrations, and file encryption keys.

Manages and supports cyber key management system; ensures system functionality; and oversees keys, users, and access permissions.

Provides management and support of video management system application including user account administration, IP camera configuration; and software operating system hardening.

Manages and supports security information and event management software and platform components; ensures system functionality, log source administration, and intelligence engine fine tuning and alarming; and handles related investigations.

Manages mobile device management platform to ensure system functionality and mobile device administration.

Manages and supports the physical access control system; ensures system functionality; and manages personnel physical access throughout the organization.

Manages and supports the vulnerability management system to review and take action based on vulnerability reports.

Manages and supports password management platform; ensures system functionality; and manages password assets per needs of the organization.

Manages Active Directory database for user accounts, computer accounts, service accounts, and access permissions.

Manages Workday user accounts and permissions, security roles, and integration configurations; manages asset transfers to/from cost center.

Manages other assigned platforms; conducts vulnerability investigations of these platforms; and administers related user accounts

Performs other duties as assigned.

KNOWLEDGE, SKILLS AND ABILITIES:

Knowledge of mini and mainframe computers and various computer programs, system analysis procedures and computer operations.

Knowledge of Windows, AS/400, Linux, and UNIX operating systems.

Knowledge of modern information systems and data processing concepts, techniques and operating principles.

Knowledge of the capabilities, limitations and uses of electronic computers and peripheral equipment and techniques of translating user requirements into structured applications and programs utilizing available resources.

Knowledge of security implementations and auditing in the mid-range computer environment.

Ability to operate personal computer for extended periods of time.

Ability to analyze and modify configuration of the main computer systems and modify system values to optimize machine utilization and performance.

Ability to troubleshoot and resolve system problems and malfunctions.

Ability to establish and maintain effective working relationships with employees, and vendors.

ADDITIONAL REQUIREMENTS FOR PROMOTION:
Last performance evaluation must have resulted in an overall meets standards rating or better with no goal rating of less than meets standards.

Promotions are not to be considered as an automatic function of longevity. Requests for promotion are to be initiated by the program manager, considered in view of employee performance evaluations, and are subject to the review and authorization of the Manager.