This job was posted by https://idahoworks.gov : For more information,
please see: https://idahoworks.gov/jobs/2540705
## General Summary
- Do you meet our**[**minimum hiring
standards**](https://adacounty.id.gov/sheriff/careers/hiring-standards-disqualifiers/){tabindex="0"
target="_blank" rel="noopener noreferrer" uw-rm-brl="PR"
uw-original-href="https://adacounty.id.gov/sheriff/careers/hiring-standards-disqualifiers/"
uw-rm-ext-link="" uw-rm-empty-ctrl=""}**?\
Please check before applying.**
The IT Security Engineer will evaluate and oversee data security risks,
develop security measures to safeguard information and data, and provide
best practices and oversight for application security standards and best
practices. The IT Security Engineer analyzes software designs and
implementations from a security perspective, and identify and resolve
security issues. The incumbent will include the appropriate security
analysis, defenses and countermeasures at each phase of the software
development lifecycle, to result in robust and reliable software. The IT
Security Engineer acts as a project lead and as a subject matter expert
for IT Security tools and processes.
- DISTINGUISHING FEATURES OF THE CLASS:\
- The IT Security Engineer Iassignments are well defined and of limited
scope and technical complexity, using standard procedures and
techniques. Guidance is readily available from other team members or
management. Schedules, milestones, and priorities are usually provided
by management.\
\
The IT Security Engineer II assignments are well defined and of moderate
scope and technical complexity, where technical supervision provides an
outline of the tasks to be performed and suggestions as to methods of
approach and procedure to be followed. Guidance is readily available
from other team members or management. Consults with team leader and/or
management to develop schedules, milestones, and priorities.\
\
The IT Security Engineer III Assignments are of a complex nature and
require technical sophistication, including the generation and use of
new techniques. Guidance is given in the form of general instructions on
new assignments. Ensures that schedules, milestones, and priorities are
compatible with other department goals and projects. May act as a team
or project leader on smaller projects.
## Essential Functions
**IT Security Engineer I**
- Perform level 1 application security functions;
- Design, implement and manage security tools and systems (IDS, IPS,
VPN, WAF, DLP, Anti-Virus, Anti-Malware, honeypots, SEIM,
Vulnerability Scanners, Web Proxies, Forensic toolkits, MFA, key
management) in a heterogeneous computing environment that spans
multiple physical and virtual data centers;
- Install, configure and maintain security controls such as intrusion
detection systems, packet capture devices, data loss prevention
tools, and other commercial off the shelf and open source security
tools;
- Enhance the security posture of internal infrastructure and
client-facing systems;
- Perform risk assessments, vulnerability management, penetration
testing and patch management for Unix/Linux, Mac, Windows systems
and web applications;
- Understanding of attack vectors, exploits, and hacking tools;
- Detect, investigate and recover from security incidents as well as
assisting with incident response plans;
- Responsible for raising company-wide security awareness and
monitoring information security related web sites and newsletters to
stay up to date on current attacks and trends;
- Assist the Security Engineering Team with evaluation of new and
emerging security tools and technologies;
- Maintain technical documentation;
- Consult team members on secure coding practices;
- Administer network and computing devices/systems that enforc e
security policies and audit controls in Windows and Unix based
environment;
- Perform network traffic inspections, network traffic monitoring, and
log analysis;
- Recommend the application of fixes, patches, and recovery procedures
in the event of a security incident;
- Recommend software tools and/or other solutions for technical
challenges involving IT Security processes.
- IT Security Engineer II**\
In addition to the above;
Management of all technical security equipment, including IDS/IPS
devices, Data Loss Prevention equipment, web content filtering
equipment, SEIM;
Responding to alerts and investigating potential security incidents;
Ensure that daily compliance tasks are completed in a timely fashion and
tracked in the appropriate ticketing system;
Perform access certifications and other identity and access management
related tasks;
Work closely with developmental operations and software engineering to
proactively identify and fix security flaws and vulnerabilities;
Knowledge in compliance procedures and p
