
Security Operations Engineer
State of Florida
full-time
Location Type: Office
Location: Tallahassee • Florida • 🇺🇸 United States
Salary
💰 $72,000 - $78,000 per year
Job Level
Mid-Level, Senior
Tech Stack
Cloud, Cyber Security, Firewalls, SQL, TCP/IP
About the role
- Assess and implement secure configuration for the department’s physical and logical information technologies
- Manage the department’s firewalls to control network traffic, prevent unauthorized access of department assets, and mitigate cyber threats
- Participate in the design and execution of vulnerability assessments, penetration tests and security audits
- Participate in Security Architecture reviews for new projects to ensure proposed solutions align with risk requirements
- Perform routine assessments on physical, logical, and virtual platform configurations to ensure security and compliance
- Research and analyze security trends and recommend hardening configurations
- Implement industry best practices and statutory obligations for security policies on the Department’s information technology platforms
- Perform data sanitation in accordance with policy and Florida Statutes
- Assist with periodic reviews of computer System Security Plans and user training
- Identify and oversee the management of credentials for authorized devices and users, manage remote access, and access permissions
- Ensure systems are properly maintained, secured, and controlled, including the review of upgrades, service packs, patches, firmware, and backup configurations
- Assure that data at rest and in transit is properly secured and protections against malicious exfiltration are implemented; confirm backups of information are successful and tested periodically
- Develop vulnerability mitigation recommendations, standards, and security configurations for Departmental infrastructure and services
- Implement Vulnerability patching and/or assist other Departmental processes with vulnerability mitigation and patch efforts
- Perform systems management for technical systems that promote enhanced security (EDR, XDR, SIEM, ZTNA, CDN, asset management, compliance, identity and access management, incident and event monitoring)
- Monitor and configure email security tools, anti-spam and anti-phishing tools
- Provide after business hours support in response to critical security events and investigations
- Serve as backup and Tiger Team member for the Department and Enterprise agencies as needed
- Perform other duties as required
Requirements
- Minimum 4 years of experience in a cybersecurity role or position
- Minimum 1 year experience with firewall management
- Knowledge of intrusion defense methodologies and techniques for detecting host and network-based intrusions
- Experience with Operating System and Security tool configuration
- Experience performing incident response and security monitoring tasks
- Experience with operational impacts of cybersecurity configuration lapses
- Knowledge of computer networking concepts, protocols and network security
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
- Knowledge of cybersecurity and privacy principles
- Knowledge of firewall technologies and configurations
- Knowledge of cyber threats and vulnerabilities
- Knowledge of data backup and recovery
- Knowledge of business continuity and disaster recovery continuity of operations plans
- Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists)
- Knowledge of network services and protocols interactions that provide network communications
- Knowledge of network traffic analysis methods
- Knowledge of packet-level analysis
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
- Knowledge of cyber defense and information security policies, procedures, and regulations
- Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored)
- Knowledge of common attack vectors (e.g., phishing, malware, MITM, DDoS)
- Knowledge of system administration, network, and operating system hardening techniques
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
- Knowledge of OSI model and underlying network protocols (e.g., TCP/IP)
- Knowledge of cloud service models and how those models can limit incident response
- Knowledge of malware analysis concepts and methodologies
- Skill of identifying, capturing, containing, and reporting malware
- Skill in preserving evidence integrity according to standard operating procedures or national standards
- Skill in securing network communications
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Skill in protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters)
- Skill in performing damage assessments
- Skill in using security event correlation tools
- Skill to design incident response for cloud service models
Benefits
- Continued education, training, and career pathing
- VETERANS’ PREFERENCE. Pursuant to Chapter 295, Florida Statutes, candidates eligible for Veterans’ Preference will receive preference in employment for Career Service vacancies and are encouraged to apply
- Reasonable accommodation for applicants with disabilities (Americans with Disabilities Act guidance provided; contact DMS Human Resources)
- On-Call Assignment approved (may require work before, during and/or beyond normal work hours, including extended hours, weekends, or holidays)
- Drug-Free workplace (employees subject to reasonable suspicion drug testing)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
firewall management, vulnerability assessments, penetration testing, security audits, incident response, network security, data backup and recovery, malware analysis, system hardening, risk management
Soft skills
analytical skills, problem-solving, communication, team collaboration, attention to detail, organizational skills, adaptability, critical thinking, time management, leadership