Information Security Specialist

About Us

Technology Services is seeking an Information Security Specialist to join its team and to assist in customer-focused information security initiatives.
An image without description
The secret is out: Denver is the nation’s top place to live, work, and play. Being the best place to live isn’t easy; maintaining such a reputation means we need the best people working for the residents of Denver. People who want to make a difference; people who want to give back; people who want to be at the heart of this city and have a hand in creating our future. When you join us, you will employ your unique skills to do important and meaningful work critical to the success of both your organization and the city as a whole. Be a part of the city that you love. #WhereDenverWorks­­

The Technology Services division (TS) of the City and County of Denver is using state-of-the-art technologies and methodologies to deliver and improve the systems, applications and operations that we deliver to our Mile High City. TS supports the people, agencies and ideas that make the City and County of Denver a great place to live and work. The City offers a unique opportunity to work with a diverse business and technology environment on a large scale as we employ over 12,000 people, of which 9,000+ are daily technology consumers in support of a diverse population in excess of 500,000 citizens.
Please apply as soon as you are able as this position will close when we receive a sufficient number of qualified candidates.

About Our Job

As part of an Information Security Team, you will execute day-to-day activities including the review of monitoring alerts, tracking remediation, and suggesting security solutions, while maintaining excellent customer relationships. As the Information Security Specialist, you will also work on projects that include software development, purchased applications, hosted and cloud-based solutions, data network architectures, and mobile device management.

You will be expected to play a pivotal role in supporting the governance, risk, and compliance functions to help promote improvements in overall process maturity. You will also help execute risk assessments, information security metrics, and senior management reporting.

Additionally, as the Information Security Specialist, you will:

  • Enforce information assurance and security policies and procedures utilized throughout the City
  • Ensure compliance with any applicable federal, state, or local laws and regulations
  • Conduct or assist security audits and provide recommendations to mitigate risks
  • Assess potential risks and vulnerabilities to data infrastructure and systems
  • Develop project artifacts, inclusive of requirements definition, design, architecture (logical/physical), testing, and transition to sustain documentation
  • Participate in researching current and/or proposed federal, state and local laws and regulations, industry trends and best practices in the fields of information assurance and security to determine their applicability to the City’s information technology operations
  • Contribute to the identification and development of policies and procedures to maintain consistency citywide in any information assurance practices and to incorporate changes needed for compliance with federal, state or local regulations
  • Assist with analysis and evaluation of all aspects of enterprise information assurance (e.g. information security architecture, disaster plans, etc.) then provide technical knowledge and advice regarding the development and implementation of procedures for maintaining the City’s information systems network technology
  • Provide consultation and advice to information technology professional, technical and/or administrative staff throughout the City on security issues
  • Function as a key contributor to Security Incident Management and Investigation activities
  • Perform other related duties as assigned or requested.

About You

For this Information Security Specialist position, you should be knowledgeable in standards and frameworks, such as, Payment Card Industry, Criminal Justice Information Services, Health Insurance Portability and Accountability Act, Colorado State elections regulations, Federal Information Systems Computer Audit Manual, International Standards Organization, and National Institute of Standards and Technology.

Our Ideal Candidate has:

  • 4+ years of experience in performing security risk assessments and application, system and network security
  • Experience in network and/or firewall engineering, administration, design and implementation including experience in applying methodologies and principles for all levels of security
  • An understanding of the following tools: SIEM, IDS / IPS, host based Anti-Virus, or similar products.
  • Experience in network monitoring tools to monitor attacks/threats and doing the initial triage of findings
  • Experience with computer security, incident response, or computer forensics
  • Experience with technologies, tools and process controls to minimize risk and data exposure
  • Scripting experience in Perl, python, bash, and/ PowerShell
  • Experience in large enterprise or carrier data centers and/or networks
  • Implement and maintain endpoint protection technologies (antivirus, host intrusion, prevention, host firewall)
  • Experience implementing and maintaining log management solution
  • Experience implementing and maintaining vulnerability and patch management solution
  • Experience implementing and maintaining multifactor authentication solution
  • Experience designing and maintaining incident response playbook items

We recognize your time is valuable, so please do not apply unless you meet the following required minimum qualifications:

  • Education Requirement: Bachelor’s degree in Computer Science, Information Systems, Business Administration, Mathematics or a related field.
  • Experience Requirement: Three years of administering information security systems to include any or all of the following: information security architecture, information security procedures and controls, physical security, attack & penetration testing, application testing, information assurance program gap analysis and incident response.
  • Education/Experience Equivalency: Additional appropriate education may be substituted for the minimum experience requirement. Additional appropriate experience may be substituted for the minimum education requirement.

About Everything Else

Classification Title: The official job classification title is Information Security Specialist [CI2756]
Assessments/Testing: This position does not require testing.
Hiring Range: $83,918 – $115,000

Pre-employment Screening: An offer of employment is contingent on the verification of credentials and other information required by law and City and County of Denver policies, including the successful completion of a background check. Candidates must pass a criminal background check and other verifications required for the position which may include, but are not limited to, employment and/or education verification, motor vehicle record check, drug test, and/or physical. The existence of a conviction does not automatically disqualify an individual from employment except where federal or state law or regulations prohibit employment of an individual with certain convictions. For more information about the selection and employment screening process, click here.

Probationary Period: This position may require the selected candidate to complete at least a six-month probationary period prior to attaining career status with the City & County of Denver. For more information about the probationary period, click here.

The City and County of Denver provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, national origin, disability, genetic information, age, or any other status protected under federal, state, and/or local law.