OVERVIEW

Analyze, update, and support all activities related to the availability, integrity, and confidentiality of employee, arrestee, inmate, and business information in compliance with the Client's security policies and procedures, regulations, and law.

DUTIES & RESPONSIBILITIES

Note: Depending on assigned responsibilities, employees may perform some or all of the duties below.

• Assist in gap analysis between security policies/standards/regulations and practices, processes, and solutions; recommend actions to the agency.
• Assist in establishing, documenting, and managing processes and supporting tools used to accomplish information technology (IT) compliance with regulatory and best practice security and compliance frameworks (e.g., Criminal Justice Information Services (CJIS), US National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), and service organization controls (SOC) reporting.
• Analyze data from threat and vulnerability feeds for applicability to the organization.
• Assist agency functions in the event of incidents or breaches.
• Produce vulnerability, configuration, and coverage metrics and reports to demonstrate assessment coverage and remediation effectiveness.
• Interact with other IT staff/agency personnel in meetings to enhance the understanding security issues.
• Assist with IT asset security control coverage and metrics reporting regarding security and compliance data using existing tools as appropriate.
• Analyze threat and vulnerability reports producing relevant findings.
• Review and report on all system logs, alerts, and notifications from agency systems.
• Validate that all Sheriff's Office systems receive security patches and updates in a timely manner.
• Review periodic security assessments and tests for finding enumeration.
• Monitor and generate appropriate alerts to cybersecurity intelligence from a variety of sources.
• Prepare automated and ad hoc reports and/or interpret data from various security sources.
• Assist with application meta-data inventory, mapping, and the development of data flow process documentation.
• Assist in maintaining critical vendor information.
• Promote activities to foster information security awareness within the organization when appropriate.
• Perform other related duties as required.

KNOWLEDGE, SKILLS & ABILITIES

• Working knowledge of networking, database design, and data flow design.
• Working knowledge of products, platforms, systems, and/or processes supported and integration with other systems and processes.
• Working knowledge of standards and information security policies in individual and related areas.
• Working knowledge of industry specific, law enforcement regulations appropriate for the agency supported (e.g., CJIS, NIST).
• Working knowledge of cybersecurity information and terms.
• Strong presentation skills.
• Strong English written and verbal communications skills.
• Strong analytical and solution/problem solving skills.
• Strong task management skills.
• Proven project and team leadership skills.