<p>POSITION SUMMARY:</p> <p>The IT Security and Compliance Administrator performs two core functions for the City of Toledo.  The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation, and resolution of security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. The IT Security and Compliance Administrator is expected to be fully aware of the City of Toledo's security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.</p> <p>ESSENTIAL JOB FUNCTIONS: </p> <p>Strategy & Planning</p> <ul> <li>Participate in the planning and design of city's security architecture, under the direction of the IT Infrastructure Manager, where appropriate.  </li><li>Participate in the development of city-wide security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Infrastructure Manager, or Director where appropriate.  </li><li>Participate in the planning and design of the city's business continuity plan, incident response plan and technology recovery plan, under the direction of the IT Infrastructure Manager or Director where appropriate.  </li></ul> <p>Acquisition & Deployment</p> <ul> <li>Maintain up to date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors. </li><li>Recommend additional security solutions or enhancements to existing security solutions to improve overall security. </li><li>Perform the deployment, integration, and initial configuration of all new security solutions of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the city's security documents specifically.  </li></ul> <p>Operational Activity</p> <ul> <li>Maintain up to date dateline baselines for the secure configuration and operations of all in place devices, whether they be under direct control (i.e., security tool) or not (e.g., workstations, servers, network devices) </li><li>Maintain operational configurations of all in pace security solutions as per the established baselines.  </li><li>Monitor all in place security solutions for efficient and appropriate operations </li><li>Review logs and reports of all in place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution. </li><li>Participate in investigations into problematic activity. </li><li>Serve as the primary resource for compliance tracking and audits. </li><li>Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.  </li><li>Provide on call support for end users for all in place security solutions. </li><li>Serve as the Infrastructure team lead as requested by the Infrastructure Manager or Director as requested. </li></ul> <p>REQUIRED KNOWLEDGE, SKILLS AND ABILITIES:</p> <p>Knowledge of:</p> <ul> <li>Technical infrastructure, networks, databases and systems in relation to IT Security and IT risks. </li><li>IT compliance assessments. </li><li>IT security controls. </li><li>Security systems including anti-virus applications, content filtering, firewalls, identity management and intrusion detection. </li><li>Protocols like TCP/IP, DNS, HTTP/S, etc., and tools like Wireshark to analyze traffic. </li><li>Navigating and using both Windows and Linux (command line especially for Linux). </li><li>Antivirus, EDR (Endpoint Detection and Response), and how to check alerts/logs from them. </li></ul> <p>Skill in:</p> <ul> <li>Tools like Splunk, QRadar, LogRhythm, or Microsoft Sentinel to review logs and alerts. </li><li>Workflow/ticketing tools like ServiceNow or JIRA to track incidents and issues. </li></ul> <p>Ability to:</p> <ul> <li>Read and understand logs from firewalls, servers, and endpoints to spot anomalies. </li><li>Work with individuals of diverse backgrounds. </li><li>Establish and maintain effective working relationships with subordinates, peers, superiors, vendor representatives and clients. </li><li>Multi-task in a fast-paced environment. </li></ul> <p>REQUIRED EDUCATION, EXPERIENCE, AND CERTIFICATIONS:</p> <ul> <li>Bachelor's degree in Information Systems, Computer Science, Information Security, or a related field. </li><li>Four (4) years of IT security or network support with security component with a proven ability to engage with IT Management and regulators AND one (1) year of experience managing or collaborating with external service providers.  </li><li>Must obtain any of the following certifications within one year of appointment: </li><li>CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and Certified Information Security Manager (CISM).  </li></ul> <p>PREFERRED EDUCATION, EXPERIENCE AND CERTIFICATIONS:</p> <ul> <li>None </li></ul> <p>PHYSICAL DEMANDS:</p> <p>The physical demands described within this job description must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.</p> <p>In this position, the employee will continuously stand, walk, and sit. The position will occasionally require the employee to drive a personal and company owned vehicle. The employee will frequently lift and carry up to 25 pounds. Frequent stooping, kneeling, twisting, and crouching may occur with this position. Speaking and listening are constant essential functions of this position.</p> <p>WORK ENVIRONMENT:</p> <p>The work environment described within this job description will be encountered while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.</p> <p>The employee is continuously indoors. Occasionally this employee will work outdoors and will travel to multiple worksites. At times, this position will require extended work hours. The noise level in the work environment is usually low; however, occasional moderate background noise can occur.</p> <p>Class Code: Administrator-Administrative Services 2 (7321)</p>