$75,000 – $85,000 a year
Under the direction of the CISO of Information Security, the Cybersecurity Engineer is responsible for the research, implementation and management of security measures for the protection of all Oklahoma State Regents for Higher Education (OSRHE) computer systems, network, and information against any cyber security threats, to include the Oklahoma College Assistance Program (OCAP) and OneNet. The Cybersecurity Engineer will participate in security compliance efforts, provide security expert guidance, and identify and define security requirements to remediate security vulnerabilities or gaps discovered in the OSRHE/OCAP/OneNet network environment. Engineer will work in conjunction with the information security (IS) and information technology (IT) teams to design security architecture and develop detailed cyber security designs; furthermore, provide escalated support to resolve security matters affecting business operations. The position is expected to be a security subject matter expert and looked to for expert guidance. Engineer will assist in conducting security risk assessments and maintaining an effective security framework.
Responsibilities and Duties
- Serve as subject matter expert over firewall and other network security services; diagnose advanced problems and solve issues in a timely fashion
- Design, installation, maintenance, and operational support of security appliances, hardware, and software according to industry best practices
- Implement performance tuning when necessary
- Configure and troubleshoot security infrastructure devices
- Maintenance of OneNet customer facing managed firewall services
- Participate in the development of policies, procedures, guidelines, and compliance.
- Engineer, implement, document, and monitor security measures for the protection of the network.
- Lead information security projects in planning, implementation, review, and modifications.
- Conduct security risk assessments on network systems to determine if they have been designed to comply with established security standards. Develop new standards as necessary.
- Promote awareness of applicable regulatory standards, upstream risks and industry best practices across OSRHE/OCAP/OneNet.
- Assist in the enforcement and monitoring of network security policies.
- Maintain a working knowledge with information security policies and regulations in regards to due diligence, contingency planning, and Information Security.
- Keep CISO informed on the cyber security posture of the network.
- Research, evaluate, design, recommend, and implement new security controls.
- Act as liaison with external entities to include the United States Department of Education (ED), State of Oklahoma, vendors, contractors and consultants to maintain and enhance information and data security.
- Complete security assessments as required by entities such as Department of Education, State of Oklahoma, commercial banks, etc.
- Manage and lead security incident response efforts.
- Investigate and remediate all network security anomalies detected or discovered
- Develop and implement security strategies to proactively detect and prevent cyber-attacks
- Maintain awareness of current and future cyber threats that could impact the State Regents.
- Ability to digest threat intelligence into actionable responses.
- Understanding of the OSI model and how to interpret packet captures of network traffic.
- Participate in configuration reviews.
- Develop and implement innovative strategies and techniques for mitigating security vulnerabilities discovered
- Provide quality support and maintain a professional relationship with peers, management, other staff, and members through cooperation, mutual trust and respect.
- Work assigned information security tickets as assigned.
- Be available for monitoring and response after hours as needed.
- Other similar duties as assigned.
Bachelor’s degree in computer science, management information systems or related field required and four (4) years of experience in information security/network security engineering. An equivalent combination of post-secondary education and work-related experience may be considered. Candidates should have or would be expected to obtain moderate level skills related to the following certification domains: PCNSE, JNCIS-SEC, CCNP Security.
Strong analysis and troubleshooting skills are essential. Applicant must be able to work successfully in a team environment. Must be a self-starter and able to work independently when required. Clear focus and commitment to a high level of customer service is required. Strong verbal and written communication skills for both technical and non-technical are essential. Must provide a cellular telephone and service for work-related activities. Must be available after hours as needed.
Accreditation/certification in cyber security and/or network systems.
The employee performs work under the primary supervision of the Chief Information and Security Officer (CISO).
Work Hours Agency offices are open to the public from 8 A.M. to 5 P.M. Monday through Friday. These are the normal office hours for Agency employees. Physical DemandsAbility to sit and stand for extended periods of time. Exhibit manual dexterity and hand-eye coordination to operate a computer, keyboard, photocopier, telephone, calculator and other office equipment. Ability to see and read a computer screen and printed material with or without vision aids. Ability to hear and understand speech at normal levels, with or without aids. Ability to communicate clearly. Physical ability to lift up to 25 pounds, to bend, stoop, climb stairs, walk and reach. Must use the proper manual handling equipment including but not limited to dollies, carts and lift team members. Duties are normally performed in an office environment with a moderate noise level.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.