General Statement
Under direction, participates in the administration and support of the District-wide Information Technology security plan.
Essential Job Functions
Essential job functions are fundamental, core functions common to positions in a classification. They are not intended to be an exhaustive list of all job duties for any one position in the class. Since class specifications are designed to be descriptive and not restrictive, incumbents may complete one or all of the job duties listed or tasks of similar kind not specifically listed here.
- Participates in the planning and design of enterprise security architecture, under the direction of the IT Manager, where appropriate.
- Participates in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the IT Manager, where appropriate.
- Participates in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the IT Manager, where appropriate.
- Monitors and manages servers and coordinates antivirus incident response; updates systems with the latest antivirus software, definitions and patches.
- Maintains up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Recommends additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Performs the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures.
- Maintains up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
- Maintains operational configurations of all in-place security solutions per the established baselines.
- Monitors all in-place security solutions for efficient and appropriate operations.
- Reviews logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.); interprets the implications of that activity and devises plans for appropriate resolution.
- Participates in investigations into problematic activity.
- Participates in the design and execution of vulnerability assessments, penetration tests and security audits.
- Provides on-call support for end-users for all in-place security solutions.
- Participates in security investigations and compliance reviews, as requested by internal or external auditors.
- Monitors daily or weekly reports and security logs for unusual events.
- Works within the information security governance process to define control recommendations that are both efficient and effective.
- Supports e-discovery processes to include identification, collection, preservation and processing of relevant data.
Other Job Functions
- Performs other duties as assigned.
Environmental Conditions
Work is performed in a typical office environment and requires the use of standard office equipment including computers.
Desirable Knowledge, Skills and Abilities
- Knowledge of access control security measures in a Microsoft Windows environment.
- Knowledge of software and hardware support practices and procedures in a TCP/IP network environment.
- Customer service skills.
- Ability to identify and resolve user configuration and profile issues.
- Ability to communicate effectively, orally and in writing.
Minimum Qualification Requirements
Graduation from a four-year accredited college or university majoring in information technology, computer science or a closely related field.
Substitution
Full-time paid experience in developing, implementing and/or administering system security standards and procedures may be substituted for the required education on a year-for-year basis.
Promotional Requirement
- Possession of a bachelor’s degree in information technology, computer science or a closely related field.
- One year of service with the District as an IT Support Analyst II, IT Support Analyst I, System Support Specialist II, Administrative Assistant, Administrative Specialist, Human Resources Assistant, Secretary or Senior Administrative Specialist.
- Civil service status in one of the foregoing classifications.
CLASS: 20004310;
EST: 1/1/2016;
REV: 1/1/2019;