Enterprise Cyber Security Technician

This position reports to the Enterprise Network & Infrastructure Manager and works with the Chief Information Officer / Chief Information Security Officer regarding cyber security activities. Responsible for desktop security, server security, network security and assisting with overall cyber security. Duties include server, desktop and network patching and security updates and monitoring.

Other security duties include cyber security risk management, assisting with computer security policy, cyber security incident response and cyber security auditing. Perform administration activities, including patching, monitoring and reporting, vulnerability management, physical/logical security system administration, and security project management. The position also assists with the annual security report and annual security budget. Functions as a subject matter expert for Cyber Security for Brown County.

Essential Duties: 50% Security and 50% System Maintenance and Updates
Ability to work independently with little or no direct supervision to perform day-to-day operations. Participate on teams and, where necessary, lead teams.
Assist with cyber security training and assistance, where required, for BCTS staff, County staff, municipalities and the community at large.
Participate in the Technology Services after-hours call and serve as tier two for Cyber Security.
Participate as a project lead and/or project team member as required.

Comply with laws, regulations, policies, procedures and standards, and make recommendations for improvement.

Technical Cyber Incident Management:
Log, analyze and report on security incidents.
Review logs from security tools, including IDS, firewalls, VPN, vulnerability assessment tools, anti-virus, etc.
Coordinate Cyber Incident response with TS Leadership, Risk Management, and Emergency Management.
Lead and/or assist with investigations as required during the course of security incidents including: forensics, diagnosis, repair and recovery.
Coordinate activity with cyber agencies and law enforcement as required.

Hardware and Software Security Management:
Research and test security tools.
Administer and manage cyber security.
Assist with device configuration as needed.
Review and respond to reporting including IDS, firewalls, anti-virus, and vulnerability management tools.
Ensure stability and service continuity of security tools by regularly patching and updating software products and underlying operating systems.
Assist with product and service procurement.
Follow procedures and security protocols in order to safeguard sensitive data.
Communicate and reinforce these protocols with system users who have access to confidential data.
Conduct and/or participate in information risk and vulnerability assessments. Implement approved risk analysis tools to address findings from risk assessments.
Coordinate with partner agencies such as MS-ISAC, FBI and WIS-DET.

Project Management:
Manage schedules and plans for security related projects.
Plan and manage cross-disciplinary projects to upgrade or implement new security related technologies.
Manage Information Security projects including: project plans, schedules, resource allocation, task assignments, budgets, etc.
Interface with other staff members, departments, outside contractors and vendors, as needed for various security projects.
Assist other project leads by acting as a cyber security subject matter expert.
Attend meetings as required.
Assist with development of, and maintain, system technical and cyber security documentation for systems, focusing on the key/core minimum information necessary to support and secure each system, including presentations, system diagrams and reports. Document security procedures and standards as required to support security policies.
Implement security policy management framework.
Work with Corporation Counsel, Sheriff, Risk Management, Emergency Management, Human Resources and other County leaders to maintain, improve and communicate enterprise information security policies.
Assist and sometimes lead other Technology Services staff as directed to meet Brown County goals. May identify the need for new goals.
Educate coworkers and county staff regarding security risks and incident handling.
Work with teams to ensure all major architectural network, application and system changes adhere to security standards.
Prepare and submit incident reports as required.
Assist with the annual Brown County Technology Services security report, including activity, improvements and a three-year strategic plan.
At least annually, audit and report on the County’s security capabilities.
Assist TS Management as directed in short- and long-term planning and the annual budget process to align investments with enterprise security goals.
Communicate with customer(s) regarding activity, work order and/or project status, and ensure work is followed through to completion.
Serve as escalation point for security issues. Directly interact with cross functional teams, vendors and solution architects to identify, develop and document complete information for solution.
Research industry standards and/or local, state, and federal regulations regarding the protection of sensitive data and act as the County subject matter expert regarding compliance with these regulations.
Coordinate schedule/meetings with users of all levels and be punctual.

Vulnerabilities Management:
Remain knowledgeable of the use of threat scanning tools.
Identify and report on existing vulnerabilities using available tools as required.
Take action to remediate critical vulnerabilities. Assist with network, application, system, desktop and server remediation actions.
Ensure vulnerability awareness for affected staff.
Subscribe to information security alert sources and share those alerts as appropriate.
Complete TS Department operations and tasks as assigned.
Demonstrate continuous improvement and elimination of waste as conveyed by the LEAN philosophy.
Interact professionally and appropriately with others, without regard to individual characteristics. Demonstrate a personal commitment to create a hospitable and welcoming environment. Foster respect for all individuals and points of view.
Lead or participate in the needs assessment and selection process for small to medium applications and systems involving Cyber Security. This includes: investigating, evaluating, and completing assigned project-service requests; formulating work plans; developing user documentation; and training users. This may also include leading Systems Analyst I’s and partnering with Systems Analyst IIs or participating on a team led by a Systems Analyst III.

Perform related functions as assigned.

Minimum Qualifications Required:

Education and Experience:
Two-year or four-year college degree in a Computer Science field and 5 years' experience in Information Technology with progressive experience in systems security management, security administration, systems audit and security compliance.

Qualified applicants will be subject to a security investigation and must meet minimum qualifications for access to classified information. US Citizenship is required.

Knowledge of analyzing and understanding various types of log files: system logs, application logs, security logs.

Basic understanding of regulatory compliance, including designing, auditing, reporting and testing.

Working knowledge of incident response management.

Basic experience with creating presentations and documentation.

Have a proven track record of researching and implementing enterprise solutions and projects.

Must pass an FBI background check.

Licenses and Certifications

Security certification such as one of the following preferred:
CCNA Security
Cisco Cybersecurity Specialist
CEH (Certified Ethical Hacker)
CompTIA Security+
CISSO (Certified Information Systems Security Officer) MERIT
CISM (Certified Information Security Manager)
CISSP (Certified Information Systems Security Professional)
Current MCSE with security focus
GIAC Security Essentials
Valid Wisconsin Driver’s License

Knowledge, Skills & Abilities: Proficiency with

  • Microsoft Word, Excel, Outlook
  • Microsoft Windows 7
  • Microsoft Server 2003 and current
  • At least one cyber risk scanning tool

Familiar with tools such as:

  • Intrusion detection & protection (IDS/IPS, SNORT)
  • Internet threat protection (Cisco IronPort)
  • Host based intrusion detection systems (OSSEC, Shodan)
  • Penetration testing/network security assessments (Kali Linux, BeEF, Metasploit)
  • Web application security (OWASP, SPScan, Nmap)
  • Vulnerability scanners (Nessus, Nexpose or similar)
  • Password protection (HASHCAT)
  • Automated auditing of WiFi (WIFITE)
  • Cyber-attack management (ARMITAGE)
  • Network Packet analyzer (WireShark, EtherPeek)
  • Cisco Firewalls
  • Anti-virus, malware and advanced persistent threat (APT) analysis, remediation and management
  • Linux

Knowledge of Standards:

  • ITIL control and ISO or CobiT frameworks
  • HIPAA and PCI regulations/requirements
  • FIPS 140-2
  • FISMA LOW and MODERATE

Knowledge of IT Business and Security Standards:

  • Project management
  • Risk management
  • Business strategies and planning
  • Social engineering techniques
  • Network security auditing
  • Advanced data encryption techniques
  • Video surveillance principles
  • Physical security principles

Familiarity with IT Work Functions

  • Patch management
  • Incident response and disaster recovery techniques
  • Evidence acquisition and chain-of-custody methodology
  • Report and policy writing

Abilities

  • Ability to analyze complex problems, procedures, and data and follow through to provide solutions
  • Ability to coordinate and direct a number of concurrent projects
  • Ability to prepare and maintain accurate and complete records and reports
  • Ability to communicate effectively both orally and in writing.
  • Ability to work independently as a member or team leader of a project team.
  • Ability to establish and maintain effective working relationships with IS staff and other county department staff.
  • Ability to work the required hours of the position.