<p>Under direction, this professional-level position is responsible for supporting the City of Thornton's cybersecurity program and daily security operations by implementing, maintaining, and continuously improving cybersecurity controls, monitoring, vulnerability management, and incident response activities aligned with recognized cybersecurity frameworks. </p> <p>Please note: This position is not eligible for H-1B visa sponsorship. Applicants must be authorized to work in the U.S. without the need for current or future visa sponsorship.</p> <p>(Essential functions, as defined under the Americans with Disabilities Act, may include the following tasks, knowledge, skills and other characteristics. The list of tasks is ILLUSTRATIVE ONLY and is not a comprehensive listing of all functions and tasks performed by positions in this class.)</p> <p> </p> <p>Supports and continuously improves the city's cybersecurity program by implementing cybersecurity standards, procedures, and controls; assisting with risk assessments; supporting vulnerability scanning, penetration testing coordination, and internal control reviews; and helping maintain security operations documentation aligned with NIST CSF or CIS Critical Security Controls. </p> <p>Performs threat monitoring and detection activities by utilizing SIEM, EDR/XDR, and related platforms; reviewing security logs and alerts; identifying suspicious activity and Indicators of Compromise (IOCs); tuning detections as appropriate; and escalating findings as per defined security procedures. </p> <p>Supports cybersecurity compliance activities by assisting with required security audits and compliance initiatives (e.g., CJIS, HIPAA, PCI DSS); collecting evidence; validating secure configurations, patching status, and access controls; and documenting compliance-related procedures and requirements. </p> <p>Participates in incident response and recovery activities, including triage, containment support, eradication support, restoration assistance, and documentation; assists with evidence preservation and basic forensic data collection; and supports post-incident lessons learned activities to improve security controls and processes. </p> <p>Coordinates vulnerability management activities by performing or coordinating vulnerability scanning; tracking remediation efforts with IT teams; validating corrective actions; and maintaining risk-based prioritization and reporting. </p> <p>Supports IT infrastructure and systems security by collaborating with IT Network and IT Systems teams to implement security-by-design practices across servers, networks, endpoints, and specialized environments (e.g., public safety and ICS SCADA networks); helping to ensure that secure configuration baselines, encryption standards, and endpoint protections are implemented and maintained. </p> <p>Supports cybersecurity coordination across departments by partnering with city departments regarding department-specific information security, data security, and data integrity needs; providing guidance and technical assistance related to the secure use of systems and the protection of data assets. </p> <p>Researches and evaluates cybersecurity technologies and tools to improve defensive cyber capabilities, operational efficiency, and overall cybersecurity maturity. </p> <p>Available to work nights, holidays, and weekends when necessary.</p> <p>Performs other duties as assigned.</p> <p>Education/Experience:</p> <p>Bachelor's degree in Computer Security, Computer Science, Computer Information Systems, Management Information Systems, or related field from an accredited college or university.</p> <p>Three years' of progressively responsible experience supporting cybersecurity operations and cybersecurity program functions, including security monitoring, vulnerability management, policy/procedure support, audit support, and incident response activities in environments supporting applications, servers, voice and data networks, and Internet policies.</p> <p>Equivalent combinations of education and experience may be considered.</p> <p>Licensing/Certification Requirements:</p> <p>ISC² Certified in Cybersecurity (CC) certification is required within the first year of employment. ISC² CISSP certification, and the Security+, CySA+, and CASP+ certifications from CompTIA are preferred.</p> <p>May need the ability to travel to various locations in a timely manner as the job requires.</p> <p>Knowledge, Skills and Abilities:</p> <p>Knowledge of the policies, procedures and goals of the city of Thornton and the department.</p> <p>Knowledge of hardware products used in municipal government applications.</p> <p>Knowledge of the general operations of various city departments.</p> <p>Knowledge of computer records storage, data manipulation, and database management techniques and practices.</p> <p>Knowledge of the theory, principles, practices, and methods of management and administration of information systems, including systems analysis, design, construction, monitoring, maintenance, testing, documentation, training, and production support.</p> <p>Knowledge of the Thornton Municipal Code associated with user departments and special projects.</p> <p>Knowledge of server and network infrastructure enterprise design models, practices and technologies.</p> <p>Knowledge of network protocols, architecture and system design.</p> <p>Knowledge of security monitoring and logging systems (SIEM, EDR/XDR, IDS/IPS) and alert triage concepts.</p> <p>Knowledge of vulnerability management methodologies, patching cycles, and risk prioritization concepts (e.g., CVSS, CWSS).</p> <p>Knowledge of cyber incident response practices, including evidence preservation, triage, containment support, and documentation.</p> <p>Knowledge of identity and access management fundamentals, including least privilege, RBAC, SoD, and MFA concepts.</p> <p>Knowledge of common security frameworks and control baselines (e.g., NIST CSF, CIS Critical Security Controls).</p> <p>Knowledge of regulatory/security requirements affecting municipal environments (e.g., CJIS, HIPAA, PCI DSS).</p> <p>Knowledge of enterprise server, network, endpoint, and specialized network security principles (including public safety and ICS SCADA environments).</p> <p>Skill in conducting basic log analysis, alert correlation, and pattern identification to support cyber investigations.</p> <p>Skill in supporting vulnerability scanning, coordinating remediation, and performing remediation validation.</p> <p>Skill in assisting in developing and maintaining security documentation (policies, standards, procedures, and runbooks).</p> <p>Skill in researching, testing, and evaluating cybersecurity tools and technology solutions.</p> <p>Skill in planning, scheduling, and implementing system upgrades and conversions to new technologies in coordination with IT teams.</p> <p>Skill in planning, managing and implementing technology projects.</p> <p>Skill in assessing user needs, analyzing and evaluating existing hardware systems for effectiveness and efficiency.</p> <p>Skill in MS Office and SharePoint.</p> <p>Ability to assess security alerts and events, recognize suspicious activity, and follow escalation procedures, and quickly resolve security incidents.</p> <p>Ability to communicate effectively orally and in writing with technical and non-technical audiences.</p> <p>Ability to provide step-by-step technical assistance, both written and verbal.</p> <p>Ability to work collaboratively with IT teams to implement security requirements and remediate issues.</p> <p>Ability to interpret and comply with regulations, policies, standards, and procedures.</p> <p>Ability to use standard office equipment, computer equipment and software including word processing, database management, spreadsheet applications and electronic mail.</p> <p>Ability to manage multiple competing priorities while achieving targeted completion results.</p> <p>Ability to maintain technical proficiency via self-training or formal training and stay current on the evolving threat landscape.</p> <p>Ability to work well under pressure, adapt in a fast-paced environment, and maintain a positive attitude while resolving difficult issues and fostering teamwork.</p> <p>Physical and Mental Requirements:</p> <p>While performing the essential duties of this job, the employee is required to talk, hear, and make repetitive motions. This position is mostly sedentary work; exerting up to 10 pounds of force occasionally and/or negligible amount of force frequently or constantly to lift, push, pull or otherwise move objects. The employee is required to have close visual acuity.</p> <p>Examinations may include but are not limited to application screening beyond minimum qualifications; written, oral, practical exercise or any combination thereof or other job related assessment deemed appropriate by Human Resources.</p> <p>Your application will be used as a screening tool. Completeness and accuracy are important! Any false or untrue statements or material omissions in the application and related paperwork or during the selection process could disqualify you from consideration.</p> <p>As a condition of employment, the city of Thornton conducts background investigations for all positions which may also include a review of credit report and/or driving record. A drug screen, physical, and/or psychological examination administered by a city-designated provider will be required for pre-determined positions.</p>