Cybersecurity Advisor

Cybersecurity Advisor

This position is located within the Georgia Emergency Management and Homeland Security Agency (GEMA/HS).    GEMA/HS is the State’s risk advisor, working with partners to defend against today’s threats and collaborating with industry to build more secure and resilient infrastructure for the future. GEMA/HS works with partners across industry and government to understand and manage risk to our critical infrastructure from a constantly evolving range of cyber and physical threats.

Duties & Responsibilities: 

As part of the Office of the Governor, the Georgia Emergency Management Agency/Homeland Security (GEMA/HS) works with local, state and federal governments, in partnership with the private sector and faith-based community, to protect life and property against man-made and natural emergencies. In addition, GEMA/HS employees are on 24-hour call statewide to assist local authorities when disaster strikes.

Under limited supervision, the successful candidate will carry out various responsibilities related to the implementation of the State of Georgia comprehensive and coordinated cyber security program. Work products must meet stringent federal and state grant requirements.

Specific duties will include: 

Performs assessments of systems and networks, and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources. Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure.

Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. Provide cybersecurity guidance to leadership.

The position will provide technical assistance on information security to Critical Infrastructure owner/operators. The position will be required to augment cybersecurity and resiliency assessments.

Collaborate with GEMA/HS managers to support mission objectives; collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance; identify alternative information security strategies to address organizational security objective.

Participate in the establishment of community-based, regional, and/or statewide cyber security strategies, for state, local, and private partners and stakeholders. Review risk management programs by using evaluation results to create or enhance the effectiveness of the partner’s information sharing to support efforts for safeguarding security postures and presents findings to leadership. Advocate new and existing policies, programs, developments related to emerging technologies and cybersecurity technical issues.

Deliver key mitigation capabilities to owners and operators that are designed to reduce risks to the nation’s critical cyber infrastructure, in particular, elections infrastructure. Raise awareness and improve coordination with state and local governments as to cybersecurity evaluative methodology, gaps in cyber management practices, and recommended process improvements. Conduct cyber protective visits and strategic cyber risk assessments to prepare and protect critical cyber infrastructure assets.

Position Specific Minimum Qualifications: 

• Mastery and skill in applying one or more of the following knowledge areas:
• total infrastructure protection environments;
• systems security certification and accreditation requirements and processes;
• State/Local information systems security protocols. The aforementioned knowledges are used in order to integrate information systems security with other security disciplines; certify systems or network accreditation; and/or ensure coordination and or collaboration on security activities.
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
• Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).
• Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Ability to travel overnight, statewide and regionally, as dictated by the functions of the position and the business needs of the agency.
• Competency in applying technology to tasks
• Competency in reasoning, planning and evaluation
• Competency in oral, written, and interpersonal communication
• Commitment to providing excellent customer service to internal and external customers including the ability to analyze a customer’s request, evaluate issues, determine the correct course of action, and follow through to ensure customer satisfaction
• The ability to obtain and maintain a Secret Security Clearance.

Additional Information: 

The selected candidate will be required to pass a background investigation as a condition of employment. Items that may be examined in a background check include but are not limited to: credit records, criminal records, fingerprint records, education records, past employers, military records, state licensing/certification records, and driving records.

Please list the computer applications you use and your level of skill in each program in the comments section of the online application. You may also use the comments section to provide any other job related information you wish us to consider in evaluating your qualifications for this position.

Qualifications

Bachelor's degree in Computer Science, Cyber Security, or a related field from an accredited college or university OR completion of 90 quarter hours (60 semester hours) at an accredited college or university AND Two years of related experience.

Mastery of, and skill in cybersecurity infrastructure protection environment.  Note: An equivalent combination of education and job specific experience that provided the knowledge, experience and competencies required to successfully perform the job at the level listed may be substituted on a year-over-year basis.

Preferred Qualifications

• Completion of a Master's Degree in Computer Science, Cyber Security or field.
• Experience in emergency management planning and operations
• Project management experience
• Intermediate level experience in the use of Microsoft Word, Excel, and Access computer application software
• Work experience in ESRI GIS platforms, preferably ArcGIS 9.x or higher software