Information Security Administrator- Information Technology (0425)

Coconino County promotes a transformational leadership philosophy that elicits employee growth, cultivates inspiration, and creates future leaders by empowering employees to solve internal and external customer needs and exceed customer service expectations.  As an award-winning organization with high regard for cultural diversity and the positive contributions of the many thriving cultures within our county, our nation, and our society, Coconino County leads a variety of initiatives that celebrate diversity; from our Annual Diversity Day, and monthly Heritage Lunch & Learns, to book clubs, and professional development academies which target diverse workforce segments. Coconino County's respect for diversity is shared throughout the organization. Be part of this optimistic, innovative team where outstanding customer service creates dynamic solutions and engages leadership at every level.  
 
Under general direction performs work of considerable difficulty in planning, organizing, implementing and maintaining the County’s Information Security Office that includes Data compliance, Security Awareness, Risk Assessment, Business Impact Analysis, Change Management, Vulnerability Scanning, and  Disaster Recovery, and performs related work as assigned. 
 

Please note: Presently, this position is up to 75% remote work and 25% minimum in office time. When working remotely, 1 hour response time is required for urgent IT matters and is subject to change at any time.   
 
The full range for this position is $76,684 to $111,785. Starting salary will depend on qualifications. 
 
This position will require the successful completion of a Criminal Justice Information Services fingerprint and background clearance within 90 days of employment, this must be maintained throughout employment.  

(Illustrative only)

• Responds to phishing email employee notifications, anti-virus alerts, malware alerts, intrusion alerts, policy and network anomalies 
• Assists in daily continuous diagnostic mitigation scanning of all County nodes 
• Conducts security risk assessments and business impact analysis of all County departments to ensure a comprehensive County-wide Disaster Recovery Plan has been developed and tested 
• Provides solutions to mitigate vulnerabilities identified on the County Infrastructure 
• Implements procedures for detecting, reporting and investigating breaches in security; institute routine audits; assist in the investigation of suspected breaches in security  
• Develops internal documentation for the Information Security Office to ensure knowledge transfer and long-term operational success. 
• Acts as a consultant regarding departmental security policies, computer operations, logical access controls, system development, and data communications security  
• Participates in the recommendation of security-related guidelines and modifications in areas of personnel screening and practices, physical security, data access and hardware and software selection and operation, to ensure confidentiality and recoverability of data  
• Assists as the central point of contact for the Information Security Office within the Information Technology Department responding to incidents or violations and assists Information Technology staff and others 
• Investigates security violations, maintains records and writes reports 
• Develops, promotes and presents security awareness education to County departments 
• Acts as lead when assigned to key projects, with the ability to plan, prioritize, delegate, and review the work of assigned staff
• Coordinates staff training and development efforts   
• Reviews existing and proposed state and federal legislation and regulatory laws regarding information systems, security and privacy 
• May assist with vendor activities, write and evaluate proposals and negotiate contracts for security-related equipment and services

Essential functions of this position include but are not limited to: walking; working with and around other staff and County employees; dealing with interruptions; repetitive motion (hand-wrist) for keyboarding; vision-acuity (near) for monitoring PC screen data; Color vision necessary for working with color coded cables; hearing and speech (ordinary conversation) for communicating with staff and customers; touch (finger dexterity) for keyboarding; Environmental hazards include electrical hazards associated with working with computers, servers and circuits, and potential for falls from ladders.

Bachelor’s Degree in communications, computer science, information processing or a related field and four years of information technology experience including two years managing large-scale, complex information technology security requirements including writing, implementing and maintaining security policies and development managing disaster preparedness/recovery plans; OR

Associate Degree in communications, computer science, information processing or a related field and five years of information technology experience including two years managing large-scale, complex information technology security requirements including writing, implementing and maintaining security policies and development managing disaster preparedness/recovery plans; OR

Six years of information technology experience including two years managing large-scale, complex information technology security requirements including writing, implementing and maintaining security policies and development managing disaster preparedness/recovery plans; OR

Any equivalent combination of education, training and experience which demonstrates the ability to perform the duties of the position.

Additional Requirement:

Must obtain an Arizona driver's license by date of hire and maintain it throughout employment. Final job offer will be contingent upon a satisfactory 5-year Arizona Motor Vehicle Report.  

The ideal candidate is an energetic, multi-tasking, enthusiastic self-starter with an emphasis on the customer experience. 

This position is safety sensitive - driving.  

This position is non-exempt from overtime.

Considerable knowledge of: 

• Principles and methods used in the analysis and development of information security systems and procedures  
• Experience with network security management tools; vulnerability scanning and remediation; security information event management (SIEM); and tools to defend against and/or respond to attacks when they occur. Threat Hunting for malicious files or actors 
• Operating systems, OSI-Layers, Networks 
• Security Operations/Network Monitoring 
• Network Mapping, Enumeration, Web-Application Scanners, Firewalls, Routers, IDS/IPS, AI 
• Public Key Infrastructure and other encryption techniques 
• Penetration/System Testing 
• NIST security standards, guidelines and theories

Skill in: 

• Preparing and presenting effective, clear and concise reports and correspondence 
• Incident Response 
• Log Correlation 
• Analyzing and assessing policies and operational needs and making appropriate recommendations 

 Ability to: 

• Effectively evaluate the progress of vulnerability mitigation 
• Analyze and interpret complex data 
• Analyze problems and identify alternative solutions 
• Work safely and support the culture of workplace safety 
• Establish and maintain effective working relationships with employees, other agencies, service providers, and the public 
• Follow written and verbal instructions 
• Communicate effectively verbally and in writing 

Coconino County is an Equal Opportunity Employer.
 AmeriCorps, Peace Corps and other national service alumni are encouraged to apply.

Salary : $76,684 - $111,785