IT Information Security Engineer III
Print (http://agency.governmentjobs.com/idaho/job_bulletin.cfm?jobID=3902492&sharedWindow=0)
Apply
IT Information Security Engineer III
Salary
$68,390.40 – $81,224.00 Annually
Location
Boise, ID
Job Type
Full Time
Department
Idaho Transportation Department
Job Number
18105 (1266 – HQ)
Closing
3/1/2023 11:59 PM Mountain
Description
Benefits
Questions
Description
Do you want to make a difference and be part of an award-winning agency, dedicated to enhancing the quality of life in Idaho through transportation?
At the Idaho Transportation Department, every employee is critical to the mission and we strive to foster an innovative, collaborative workplace where employees can grow and do their best work.
Idaho Transportation Department has an exciting and challenging opportunity for an IT Information Security Engineer III located at our headquarters office in Boise. This role performs investigations related to information security events and incidents, electronic discovery and digital forensics for litigation and human resource purposes as well as provide technical leadership to information security response teams.
Please note: Background check (including fingerprinting) is required for this position.
Example of Duties
Perform Confidential Services. Confidential Services include working with Legal and Human Resources on active investigations by providing electronic discovery and digital forensics expertise. Provide subject matter expertise to HR and Legal upon request, potentially during employment adjudication and in court.
Perform Cyber Security Incident Response. Monitor the agencies information security systems to identify potential Cyber Security Incidents based upon a good working knowledge of cyber security best practices and a familiarity of current and potential threats. Determine which Cyber Security Events escalate to Cyber Security Incidents with the potential to impact the agencies employees, information, resources and reputation.
Create Information Security Policy. Draft ITD policies to address cyber security needs. Align ITD’s cyber security policies with Federal, State and other local partners. Ensure that ITD’s cyber security polices meet the needs of ITD’s lines of business and customer needs.
Design, implement and potentially operate information security systems.
Research and propose technology solutions to address information security needs at the agency.
Provide initial budgeting and planning information for information security systems for the agency.
Provide subject matter expertise in the implementation projects to implement information security solutions.
Create the processes needed to successful deploy information technology projects.
Audit performance of existing information technology systems and their operations to ensure they meet current needs.
Create information security plans to meet the agencies information security needs based upon
the agency’s identified risk management framework and the needs of the lines of business.
DECISION-MAKING AUTHORITY:
PROBLEM SOLVING:
Finding indicators of compromise for security events. Examples include looking through logs, correlating events from separate data sources and from users.
Troubleshooting security related technical issues. Examples include solving encryption and certificate errors and determining if web traffic is being blocked for security reasons such as improper data exfiltration.
Determining timelines during investigations of users to see if they violated Federal, State or agency laws, policies or guidelines. Examples include investigations requested by Legal or Human Resources.
Minimum Qualifications
Considerable knowledge of computer networking concepts and protocols, and network security methodologies; internal tactics to anticipate and mitigate cyber security threat capabilities and actions; risk management processes (e.g., methods for assessing, documenting, and mitigating risk).
Good knowledge of cyber intelligence/information collection capabilities and conducting cyber incident investigations; assessing cyber security regulatory compliance and policy & procedure writing; supervisory practices.
DESIRED QUALIFICATIONS:
Good knowledge of electronic discovery and digital forensics gathering processes.
Digital forensics certifications to testify as an expert witness in court. Currently the team uses GIAC certifications.
Supplemental Information
To learn more about the department, please visit the ITD website (https://itd.idaho.gov/) . Make a difference in your community and in the lives of the citizens of Idaho!
Benefits:
Flexible work schedule available to some positions for increased work-life balance
Public Service Loan Forgiveness – eligibility requirements may apply
Accrue paid vacation every pay period and increasing with state longevity
Paid Parental Leave
Paid sick leave separate from vacation leave
11 paid holidays
Competitive Medical, Dental, Vision, Life and Disability insurance benefits, Flexible Spending Account https://ogi.idaho.gov/premium-rates/
Relocation Assistance available to some positions
Defined benefits retirement plan (pension) through the Public Employee Retirement System of Idaho (PERSI) https://persi.idaho.gov/members/base_plan.cfm
Optional 401K and Deferred Compensation plans with traditional and Roth options
Eligible for Employee Assistance Program – Confidential support, information and resources for all of life’s challenges
The Idaho Department of Transportation may conduct verification of the information provided in your application, including validation of driver’s license status, education, employment, and criminal history. Omission and/or falsification of information provided in your application will result in your removal from consideration for employment, appointment, or promotion.
The State of Idaho is committed to providing equal employment opportunities and prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, political affiliation or belief, sex, national origin, genetics, or any other status protected under applicable federal, state, or local laws.
The State of Idaho is committed to access and reasonable accommodations for individuals with disabilities, auxiliary aids and services are available upon request. If you require an accommodation at any step in our recruitment process, you are encouraged to contact (208) 334-2263 (TTY/TTD: 711), or email [email protected].
Preference may be given to veterans who qualify under state and federal laws and regulations.
Your Safety. Your Mobility. Your Economic Opportunity.
If you have questions, please contact us at:
Email:
Trouble Applying Call: Applicant Support Toll-free number: 1-855-524-5627
Monday through Friday 6:00 a.m. – 5:00 p.m. Pacific Time
https://dhr.idaho.gov/StateEmployees/Benefits.html
*Benefits may not be applicable for temporary or seasonal positions.
01
01735 – MQ 1 of 6 Please select the option that best describes how you have obtained considerable knowledge of computer networking concepts and protocols, and network security methodologies. Help: Typically gained by at least four years of professional work experience (within the last five years) performing network security OR two years of professional work experience (within the last five years) and successful completion of college/vocational courses covering network security practices. *Your resume/application must support your answer.
I do not have this experience.
I have at least four years of professional work experience (within the last five years) performing network security OR two years of professional work experience (within the last five years) and successful completion of college/vocational courses covering network security practices.
I have at least four years of professional work experience (within the last five years) performing network security OR three years of professional work experience (within the last five years) and successful completion of college/vocational courses covering network security practices.
I have at least four years of professional work experience (within the last five years) performing network security OR three years of professional work experience (within the last five years) and successful completion of college/vocational courses covering network security practices with at least two of the four years of professional work experience directly supervising network security staff.
02
01735 – MQ 2 of 6 Please select the option that best describes how you have obtained good knowledge of cyber intelligence/information collection capabilities and conducting cyber incident investigations. Help: Typically gained by at least three years of work experience as an advanced IT professional. Experience should include practical experience conducting cyber incident investigations. Include the names of tools you have experience using to conduct cyber incident investigations. *Your resume/application must support your answer.
I do not have this knowledge.
I have at least three years of professional work experience conducting cyber security administrative investigations including incidents involving mishandling of sensitive information, computer misuse, and account compromise investigations.
I have at least four years of professional work experience conducting cyber security administrative investigations including mishandling of sensitive information, computer misuse, and experience conducting forensic imaging and examinations of digital and electronic media.
At least four years of professional work experience conducting cyber security administrative investigations including mishandling of sensitive information, computer misuse, and experience conducting forensic imaging and examinations of digital and electronic media with at least two of the four years of professional work experience directly supervising network security staff tasked with conducting cyber intelligence and cyber incident investigations.
03
01735 – MQ 3 of 6 Please select the option that best describes how you have obtained good knowledge of assessing cyber security regulatory compliance and policy and procedure writing. Help: Typically gained by at least one year of professional work experience developing training materials, reports, policy and/or procedure manuals, written interpretations of law, rules, or policies, or any related background which would be considered similar OR successful completion of two college/vocational courses in technical writing or communication. *Your resume/application must support your answer.
I do not have this knowledge and/or experience.
I have at least one year of professional work experience developing reports, policy and/or procedure manuals, written interpretations of law, rules, or policies, or any related background which would be considered similar OR successful completion of two college/vocational courses in technical writing or communication.
I have at least two years of professional work experience developing reports, policy and/or procedure manuals, written interpretations of law, rules, or policies, or any related background which would be considered similar.
I have at least one year of professional work experience developing reports, policy and/or procedure manuals, written interpretations of law, rules, or policies, or any related background which would be considered similar OR successful completion of two college/vocational courses in technical writing or communication. I have also participated in a committee or workgroup charged with rewriting rules or reference guides, developing training materials, or developing and rewriting specific notices, forms, or procedures that have far reaching impact on program policy and will probably be used on a statewide basis OR I have been in a supervisory, managerial, or project review type position performing this level of work.
04
01735 – MQ 4 of 6 Please select the option that best describes how you have obtained considerable knowledge of internal tactics to anticipate and mitigate cyber security threat capabilities and actions. Help: Typically gained by at least three years of professional work experience researching potential cyber security threats and reviewing, interpreting, and prioritizing information systems remediation OR successful completion of college courses in cyber security threat identification and mitigation and one year of practical work experience. *Your resume/application must support your answer.
I do not have this knowledge and/or experience.
I have at least three years of professional work experience researching potential cyber security threats and reviewing, interpreting, and prioritizing information systems remediation OR successful completion of college courses in cyber security threat identification and mitigation and one year of practical work experience.
I have at least four years of professional work experience researching potential cyber security threats and reviewing, interpreting, and prioritizing information systems remediation OR successful completion of college courses in cyber security threat identification and mitigation and two years practical work experience.
I have at least four years of professional work experience researching potential cyber security threats and reviewing, interpreting, and prioritizing information systems remediation OR successful completion of college courses in cyber security threat identification and mitigation and two years practical work experience with at least two of the four years of professional work experience directly supervising network security staff tasked with researching potential cyber security threats and reviewing, interpreting, and prioritizing information systems remediation.
05
01735 – MQ 5 of 6 Please choose the answer that best describes your experience supervising staff. Duties MUST include hiring, performance evaluations, discipline, terminations, and other personnel management activities. Typically this is gained by at least one (1) year of work experience with specific responsibility for hiring, performance evaluations, work assignment, discipline, termination, and other personnel management activities OR successful completion of at least 8 hours of courses or seminars specifically covering supervisory practices PLUS at least 6 months experience performing as a full supervisor OR successful completion of 6 college credit hours of courses or seminars covering the essential elements of management *Your resume/application must support your answer.
I do not have this knowledge and/or experience.
I have at least one year of experience supervising that includes; hiring, performance evaluations, discipline, terminations, and other personnel management activities of staff OR I have completed upper-division college-level management coursework along with experience in a significant leadership role OR successful completion of at least 8 hours of courses or seminars specifically covering supervisory practices PLUS at least 6 months experience performing as a full supervisor OR successful completion of 6 college credit hours of courses or seminars covering the essential elements of management
I have at least 3 years of experience supervising that includes; hiring, performance evaluations, discipline, terminations, and other personnel management activities of staff.
I have five or more years of full supervisory experience of four or more employees to include professional level employees.
06
01735 – MQ 6 of 6 Please select the option that best describes how you have obtained considerable knowledge of risk management processes (e.g., methods for assessing, documenting, and mitigating risk). Help: Typically gained by at least three years of IT experience examining, auditing, managing, implementing IT risk assessments, IT audit programs, and IT security programs. *Your resume/application must support your answer.
I do not have this knowledge or experience.
I have at least three years of IT experience examining, auditing, managing, implementing IT risk assessments, IT audit programs, and IT security programs.
I have at least four years of IT experience examining, auditing, managing, implementing IT risk assessments, IT audit programs, and IT security programs.
I have five or more years of full supervisory experience of four or more employees to include professional level employees.
07
Extra Credit: Please describe how you have gained a good working knowledge of electronic discovery and digital forensics gathering processes. Typically gained by two years of active job duties involving cyber investigations including e-discovery and digital forensics with in the last 5 years or active and current industry certifications in e-disco and d-forensics.
08
Extra Credit: What Digital forensics certifications do you currently have, if any?
Required Question
Agency
State of Idaho
Address
304 North 8th Street Boise, Idaho, 83720
Website
https://www.governmentjobs.com/careers/idaho
Apply
Please verify your email address Verify Email
Wok the Line is currently seeking a Front of House employee. Part time or Full time available. Mornings or night...
Apply For This JobAs supervised and delegated by a physician, provides direct patient care in accordance with applicable scope and standards of practice....
Apply For This JobAccess Point has an exciting opportunity for multiple Call Center Schedulers to join our team. The Call Center Scheduler position...
Apply For This JobOverview: Starting hiring pay range (based on location, experience, qualifications, etc.): $12 / hour Restaurant Crewmembers at Raising Cane’s will...
Apply For This JobSummary: The primary purpose of this position is to create the tools needed for internal and external customers to easily...
Apply For This JobAbout Ogilvy Ogilvy was founded in 1948 by David Ogilvy. David created a culture that deeply respects and cares about...
Apply For This Job