IT Security Engineer

The IT Cyber Security Engineer is a is a key role at Cowlitz County, primarily responsible for the protection of Cowlitz County’s information technology infrastructure, applications, and data against the ever-evolving cyber threats. This role is considered a “hybrid” security role consisting of both technical “hands-on” elements as well as administrative tasks (e.g., process, and procedure development).

As a cyber security expert, the security engineer has in-depth knowledge of Security, Virtualization, Networking, and Cloud. They anticipate potential impacts, address security threats, develop effective sustainable strategies, troubleshoot complex issues, and review advanced technical configurations.

This role involves looking beyond current practices, standards, and procedures to reduce business risks by enhancing the organization’s cyber security and compliance posture. They use their experience and advanced knowledge to drive innovation and maturity.

The Security Engineer role focuses on delivering customer-oriented, business-appropriate solutions within a collaborative team setting. It ensures the cybersecurity program effectively addresses Cowlitz County's needs by understanding business requirements, engaging with end users, continually improving skills, and actively participating in industry technical groups statewide.

They serve as a technical subject matter expert for applications and infrastructure cyber security solutions including web and cloud-based systems; operate products in-place; pro-actively monitor for security threats; investigate and resolve security breaches; conduct vulnerability audits and assessments; establish and maintain policies and procedures related to cyber security. Their secondary purpose is supporting the county's IT systems and infrastructure engineering.

The 2024 salary for the IT Security Engineer is currently on a seven (7) step progression schedule. The starting salary ($7,620.00/mo.) may be negotiable with documented experience and/or certifications

Cowlitz County offers a generous benefits package which includes:

• Medical/Dental/Vision (includes dependent coverage)
• VEBA/Health Retirement Account for those who qualify
• Retirement through Washington State Public Employees Retirement System
• Life Insurance 
• Deferred Compensation plans available (457b)
• Vacation, Bonus and Leave Days Paid
• 11 Paid Holidays
• Reasonable work hours

The County:

1. Enhance Security Posture: Continuously improve Cowlitz County’s information security by staying updated on the latest threats, trends, and technology. Define and drive the security roadmap.
2. Identify and Mitigate Vulnerabilities: Monitor vulnerability notifications and perform penetration testing to identify and address security vulnerabilities. Coordinate with teams to ensure timely patching and remediation.
3. Recommend Remediation: Recommend and coordinate actions to mitigate risks and implement solutions and tools to address security vulnerabilities.
4. Implement Security Measures: Engineer, implement, and monitor security measures to protect computer systems, networks, and information.
5. Collaborate on IT Projects: Work closely with IT leadership to support global IT projects, conduct security assessments, and remediate non-compliant systems and processes.
6. Ensure Compliance: Support Public Record Coordinators to comply with Washington state data retention and disposal laws.
7. Develop Security Policies: Create and enforce Information Security Plans and enterprise cybersecurity policies.
8. Set Best Practices: Assess security requirements and establish appropriate best practices and standards.
9. Research Solutions: Research and develop cybersecurity technology solutions and work with vendors when appropriate.
10. Stay Informed: Maintain a strong knowledge of current security threats and use this information to identify and address new threats in a rapidly changing environment.
11. Mitigate Vulnerabilities: Implement and maintain security solutions, configure and troubleshoot security infrastructure, and design countermeasures to protect against breaches.
12. Monitor and Investigate: Monitor for security breaches, investigate incidents, and ensure management is informed quickly. Advise internal stakeholders on breaches, including root cause analysis and remediation.
13. Analyze Network Traffic: Analyze network traffic and packet captures to identify and address abnormal activity, making configuration changes to prevent future issues.
14. Lead IT Staff: Oversee and direct the work of subordinate IT staff and/or peers on assigned projects, ensuring effective teamwork and project completion.
15. Prepare Reports and Documentation: Prepare reports for Executive staff and internal department such as HR and Legal, draft correspondence, and participate in committees, task forces, meetings, and training sessions.
16. Conduct Compliance Audits: Support and conduct audits to ensure adherence to security standards, such as CJIS and PCI, and collaborate with auditors, the risk management office, or others to address any issues.
17. Coordinate with Agencies: Work with local, state, and federal organizations on cybersecurity matters.
18. Provide Engineering Analysis: Offer cybersecurity engineering analysis and systems integration across various areas, including firewalls, networks, remote access devices, IDS/IPS, servers, and endpoint security solutions.
19. Manage MFA Platform: Oversee the multi-factor authentication platform, including its implementation, administration, and user support to enhance security.
20. Manage the Extended Detection Response and Data Security Posture Platforms: Oversee the security platforms, including monitoring, threat detection, and incident response to protect sensitive information.
21. Manage PAM and Password Management: Oversee Privileged Access Management (PAM) and password management software, including user management and access controls.
22. Oversee SIEM System: Manage the Security Information and Event Management (SIEM) system and log management, including monitoring and analyzing logs to respond to security incidents.
23. Manage Security Education: Manage the security education and awareness program using tools like KnowBe4 to conduct simulated phishing attacks and deliver training.
24. Support Disaster Recovery: Participate in developing and implementing disaster recovery strategies, including planning, testing, and updating procedures
25. Vendor and Asset Management: Assist with product procurement, inventory management, and accurate asset accounting.
26. Problem-Solving: Perform problem-solving and analysis, including incident and problem management and root cause analysis. 
27. Manage Projects and Priorities: Utilize project management and change management practices to manage work and priorities.
28. Planning and Reporting: Participate in work planning activities and provide status reports
29. Continue Learning: Stay current with technology, industry standards, and best practices for Cyber Security engineering by proactively attending training, classes, events, webinars, and reading industry publications to maintain or develop skills.
30. On-Call Duties: Be available for regular, periodic on-call duties and work beyond standard hours, including evenings, weekends, and holidays, to address critical issues and system upgrades.
31. Additional Duties: Complete other tasks and projects as assigned by IT Department leadership.

1. Education, Experience and Training:  5 (Five) years' experience supporting information technology systems as a subject matter expert across two or more technology layers (application, server, networks, etc.) with three years specifically in cyber security, required. A Bachelor's degree in Information Systems, Computer Science or related field is desired, Industry standard license and certification such as CEH, or OSCP, CISSP, CISM is desired – OR – Any equivalent combination of education, experience and/or training sufficient to demonstrate the required knowledge, skills and abilities is acceptable.
2. General knowledge of Information Technology industry and best practices and expertise in cyber security.

• Certifications such as: CEH, CISSP, CISM, GIAC, ITIL, Security
• Working knowledge of:
  1. Vulnerability management
  2. Compliance frameworks and auditing
  3. Anti-Virus or EDR / XDR tool management
  4. SIEM platform and log management
  5. Multi-factor authentication platform management
  6. Firewalls
  7. IDS/IPS
  8. Proxies
  9. Virtualization
  10. Networking
  11. Scripting
  12. BCDR methods and products

• Communication: Clearly convey information and ideas at various levels, both orally and in writing. Prepare clear, concise reports, support documentation, presentations, and user training materials.
• Innovation and Motivation: Exhibit a self-starting attitude and innovative mindset.
• Alignment: Ensure tasks and responsibilities align with departmental operations and strategic goals.
• Ownership and Follow-Through: Take responsibility for assignments, seek guidance as needed, and ensure tasks are completed.
• Time Management: Perform well under tight deadlines and manage time effectively.
• Interpersonal and Customer Service Skills: Build and maintain effective relationships with county employees and other contacts.
• Teamwork and Independence: Collaborate effectively with IT staff, system users, management, and vendors, while excelling in both team and independent settings.
• Stress Management: Handle job-related stress effectively and interact positively with others in the workplace.
• Knowledge Sharing: Share expertise and information with the IT team and clients willingly.
• Analytical Skills: Independently assess and identify problems, develop corrective actions, and implement effective solutions.
• Technical Aptitude: Learn and manage the administrative and functional components of enterprise cyber security, Infrastructure, software applications, and providing comprehensive support and maintenance.
• Continuous Improvement: Continuously upgrade skills through training and other resources.

Salary : $94,656 - $111,348