City Of Ocala, FL Ocala , FL 34470
Posted 5 days ago
Description
The Cyber and Physical Security Officer will be responsible for maintaining and documenting the security profile of the City's information (IT) and operational technology (OT) networks and facilities. The security officer will work closely with both the infrastructure team as well as operations team to ensure tight collaboration and integration of security solutions. The officer must possess the ability to perform security requirements elicitation, analysis and specification with a working ability to identify architecturally significant requirements and their ramifications. Develop attack and defense methodologies for high-risk computer networks. This position is a supervisory position, responsible for highly technical and professional personnel within the security division.
Examples of Duties
Stay informed about the latest cybersecurity trends, threats, and technologies to continuously improve security measures.
Initiates and coordinates all network security and physical security related projects through all phases of the project
Evaluate the effectiveness of existing cyber and physical security measures, such as firewalls, password policies, intrusion-detection systems, camera monitoring and badge access and make recommendations for improvements and implementation.
Manages and maintains contracted security guard force to ensure all post orders and duties are fulfilled.
Oversee governance, risk, and compliance program to ensure adherence with standards, policies, procedures, and regulations.
Promote appropriate security best practices and fundamentals in architectural design, engineering, and implementation in both information technology (IT) and operational technology (OT) areas.
Perform security auditing, assessments, and evaluation vulnerability testing tools and procedures.
Develop policies that give managers and employees varying levels of access to corporate applications, systems and data.
Provides service consultation and support towards information security related projects and or solutions
Perform enterprise security architecture requirements analysis and design, support/lead engineering and deployment activities.
Provide ongoing engineering support for deployed security technologies, support security design reviews for all application and technology rollouts.
Review proposed changes in the technology environment for security implications.
Evaluate and implement new technology and security products for relevancy to the city's overall security strategy and in support of new business requirements/initiatives.
Conduct regular security assessments and audits to identify and address vulnerabilities.
Coordinate with various project teams to communicate the necessity of security requirements and design constraints as part of SDLC or vendor supplied applications.
Oversee the installation and maintenance of security systems, including access control, surveillance, and alarms.
Monitor and respond to security incidents, including conducting investigations and implementing corrective actions.
Participate in the engagement of outside agencies such as CISA, DHS, FBI, etc. to stay abreast of the changing cybersecurity landscape.
Responsible for ensuring all endpoints are protected with malware detection software and that updates are applied on a timely basis.
Responsible for providing security related expertise in the administration and support activities for the organization's email server and client systems, including configuration, data protection, and availability.
Leads or commissions suitable information security awareness, training and educational activities.
Perform any other related duties as assigned.
Minimum Qualifications
QUALIFICATIONS
To perform this job successfully, an individual must be able to perform each essential duty mentioned satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
EDUCATION AND EXPERIENCE
Graduation from an accredited 4-year college with major coursework in Computer Engineering or related field.
Minimum of 4 years of paid experience in administration or management of computer hardware, software, and networking.
Must possess Network+ and Security+ certifications.
An equivalent combination of training and professional experience may substitute for educational requirements
REQUIRED CERTIFICATES, LICENSES, REGISTRATIONS
Must possess a valid Florida Driver's License with an acceptable driving record.
CompTIA A+, CompTIA Network+, CompTIA Security+, or CompTIA CSIS
ISC2 CISSP within first year of employment
Supplemental Information
RESPONSIBILITY FOR FUNDS, PROPERTY and EQUIPMENT
Annual Budget: $
SUPERVISORY RESPONSIBILITIES
This position will directly supervise 4 employees.
This position may indirectly supervise 1 employees.
If applicable, supervisory responsibilities include interviewing, hiring and training employees; planning, assigning and directing work; appraising performance, rewarding and disciplining employees; addressing complaints and resolving problems.
ANALYTICAL ABILITY / PROBLEM SOLVING
MODERATELY DIRECTED. Activities covered by wide-ranging policies and courses of action, and generally directed as to execution and review.
PLANNING
With regard to general assignments in planning time, method, manner and/or sequence of performance of own work. CONSIDERABLE RESPONSIBILITY; in addition, the work operations of a group of employees, all performing Basically the same type of work.
DECISION MAKING
Performs work operations which permit opportunity for decision-making of minor importance. FREQUENTLY;
Performs work operations which permit opportunity for decision-making of major importance. FREQUENTLY;
COMMUNICATION SKILLS
Ability to read, analyze, and understand the most complex documents;
Ability to respond effectively to the most sensitive inquiries or complaints.
MATHEMATICAL SKILLS
Ability to comprehend and apply principles of advanced calculus, modern algebra, and advanced statistical theory.
CRITICAL THINKING SKILLS
Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.
SUPERVISION RECEIVED
Under GENERAL SUPERVISON where standard practice enables the employee to PROCEED ALONE on routine work, referring all questionable cases to supervisor.
MENTAL DEMAND
INTENSE; Operation requiring sustained directed thinking to analyze, solve, or plan highly variable, administrative, professional, or technical tasks involving complex problems or mechanisms.
USE OF MACHINES, EQUIPMENT AND/OR COMPUTER
Highest level of network engineering, subject matter experts and telecom engineering and/or comprehensive information system management executive for Information Systems or Information Technology operations.
ACCURACY
Probably errors would normally not be detected in succeeding operations and would definitely have serious effects in relationships with patrons and/or with the operations of other segments of the organization.
PUBLIC CONTACT
Regular contacts with patrons, either within the office or in the field. May also involve occasional self-initiated contacts to patrons. Lack of tack and judgment may result in a limited type of problem for the organization.
EMPLOYEE CONTACT
Continuous contacts frequently involving difficult negotiations with require a well-developed sense of strategy and timing. Involves contacts with senior level internal officials.
PREFERRED CERTIFICATES, LICENSES, REGISTRATIONS
ISC2 CISSP
SOFTWARE SKILLS REQUIRED
10-Key Advanced
Accounting Basic
Alphanumeric Data Entry Mastery
Contact Management Basic
Database Intermediate
Enterprise Resource Planning Basic
Human Resources Systems Basic
Payroll Systems Basic
Presentation/PowerPoint Intermediate
Programming Languages Intermediate
Spreadsheet Intermediate
Word Processing/Typing Intermediate
ADDITIONAL SOFTWARE SKILLS
Good understanding of network protocols and network components.
Experience configuring Windows workstations, Windows Server, network switches, and firewalls. Familiar with relational database administration.
Experience with virtual server configuration and management.
Scripting experience in one or more modern languages including Python, BASH, or PowerShell. Ability to physically install desktop computers, printers, servers, and other computer equipment.
OTHER SKILLS
Is motivated, innovative, and results-oriented with a consistent desire to excel.
Ability to analyze and interpret data and solve problems.
Works under general supervision with a certain degree of creativity and latitude expected.
Recognize, adopt, use, and recommend best practices in security engineering.
Ability to communicate effectively, orally and in writing and convey ideas persuasively in a concise, organized, and professional manner.
Possesses good teamwork and project management skills.
Ability to establish and maintain effective working relationships with the general public, employees, and public officials.
PHYSICAL ACTIVITIES
While performing the functions of this job, the employee may be required to:
Stand Regulary
Walk Regularly
Sit Regularly
Use hands to handle or feel Regularly
Reach with hands and arms Regularly
Climb or balance Regularly
Stoop, kneel, crouch or crawl Regularly
Talk or hear Continuously
Taste or smell Continuously
WEIGHT LIFT REQUIREMENTS
The employee must occasionally lift and/or move:
Up to 50 pounds
VISION REQUIREMENT
Specific vision abilities required by this job may include:
Close vision (use of a computer, equipment, or any other work duties that require clear
vision within two (2) feet or less).
ENVIRONMENTAL CONDITIONS
The following work environment characteristics described here are representative of those
an employee encounters while performing essential functions of this job. Reasonable
accommodations may be made to enable individuals with disabilities to perform the
essential functions.
Work near moving mechanical parts (spinning shafts, engines, lifts, etc.)
Occasionally
Work in high, precarious places (tall structures, bucket lifts, extension ladders, etc.)
Occasionally
Fumes or airborne particles (painting, sanding, solvents, flying lint or dust particles, etc.)
Never
Toxic or caustic chemicals (including potential for chemical spills, etc.)
Never
Outdoor weather conditions (exposure to outdoor heat, cold or inclement weather)
Occasionally
Wet or humid conditions (not weather-related, such as greenhouse, carwash, etc.)
Never
Extreme cold (not weather-related, such as freezer, cold storage, etc.)
Never
Extreme heat not weather-related, such as furnace, kitchen, ovens, etc. where temp is
regularly above 100 degrees F) Never
Risk of electrical shock (live electrical wires, equipment that retains power after shutoff)
Occasionally
Work with explosives (TNT, dynamite, nitroglycerine or other related explosives)
Never
Risk of radiation (x-ray equipment, nuclear radiation, electromagnetic radiation, etc.)
Never
Vibration (jack hammer, soil compactor, equipment that creates high vibration, etc.)
Never
The noise level in the work environment is usually Moderate (business office with
computers/printers, light traffic, etc.)
ADDITIONAL INFORMATION
This is not necessarily an exhaustive list of all responsibilities, skills, duties, requirements,
efforts, or working conditions associated with the job. While this is intended to be an
accurate reflection of the current job, management reserves the right to revise the job or to
require that other or different tasks be performed when circumstances change (e.g.,
emergencies, changes in personnel, workload, rush jobs, or technological developments).
City Of Ocala, FL