IA & SS Journeyman

Duties: As part of the OCFO technology team, the Security Specialist (Infrastructure Group) will be maintaining and monitoring day to day operation of the OCFO IT infrastructure Security. The IT Consultant will help and performs, monitoring, maintenance, and security IT infrastructure (physical, virtual and cloud). IT consultant will perform OS, security and application upgrades of servers and network to keep them up to date. IT consultant will develop, implements, maintains and enforces documented standards and procedures for the design, development, installation, modification, and documentation of assigned systems. IT consultant will plan, coordinates, and monitors project activities for OCFO Infrastructure group and duties as assigned. Log analysis of Firewall, AD, Switches and other deployed security products Knowledge of vulnerability assessment tools to identify and mitigate issues. Research, analyze, and patch required systems to comply with OCFO compliance mandates. Respond to escalation calls from the Help desk, Desktop support, and other teams to debug and resolve security and perform maintenance. Understands security troubleshooting processes and cooperates with another team. Assists Service Desk technicians as needed with Tier I and Tier II troubleshooting and patching of desktop systems, software (MS Office, Java, Adobe), printer issues, and server related issues as needed. Provides trouble-shooting assistance on production and non-production supported systems. May recommend methods and techniques for obtaining solutions. l. Initiates preventive maintenance for the technical system. Responsibilities: Determines enterprise information assurance and security standards. Develops and implements information assurance/security standards and procedures. Coordinates, develops, and evaluates security programs for an organization. Recommends information assurance/security solutions to support customers' requirements. Identifies, reports, and resolves security violations. Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands. Supports customers at the highest levels in the development and implementation of doctrine and policies. Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures. Performs analysis, design, and development of security features for system architectures. Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers. Designs, develops, engineers, and implements solutions that meet security requirements. Provides integration and implementation of the computer system security solution. Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems. Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. Ensures that all information systems are functional and secure Required Skillsets Experience developing, maintaining, and recommending enhancements to IS policies/requirements -  6 years Experience performing vulnerability/risk analyses of computer systems/apps – 6 Years Experience identifying, reporting, and resolving security violations – 6 Years Experience patching Server 2008 / 2012 /2016 Experience patching Desktop Windows 10 / 7 Experience with firewall management CISCO NGFW Experience with vulnerability assessment tools such as Nessus and Tripwire Experience with VMWare 5.5 / 6.0 Required NIST 800-53 experience Desired Splunk experience Desired Cloud experience (MS Azure) Desired Bachelor's Degree in IT or related field - Required CompTIA Security+ or CISSP or other security certifications - Desired