|Date Posted||April 28, 2021|
Harris County was founded in 1836 and is located in the Gulf Coast region of Texas approximately 50 miles from the Gulf of Mexico. Harris County covers over 1700 square miles with over 4 million residents, making it the most populous county in Texas and third most populous in the United States.
The Harris County Central Technology Services (CTS) exists to support the mission of Harris County by developing, implementing and supporting high quality, innovative and cost effective information technology solutions.
Under minimal direction, the Senior Enterprise Information Security Professional reviews, designs, documents, implements and maintains cybersecurity operational solutions to support the overall direction and vision of Harris County Universal Services and critical assets.
- Responsible for design input, implementation, and maintenance of multiple enterprise-wide security solutions to address Cybersecurity needs as they are identified and prioritized. Current projects may include Identity and Access Management (IAM), Multi-Factor Authentication (MFA), Microsoft Cloud Security, Azure ATP/AIP, Privileged Access Management (PAM), Data Loss Prevention (DLP) and Data Encryption/Protection for cloud storage and collaboration platforms.
- Works on projects or issues of high complexity as a subject matter expert that require in-depth knowledge across multiple technical areas and business segments.
- Independently review the threat landscape of Microsoft cloud applications and identify, assess and recommend and sometimes implements best practice security strategies to mitigate threats.
- Works with threat management to review and communicate project security vulnerabilities and risks to stakeholders and consults on remediation efforts.
- Leads in the implementation of an enterprise Multi-factor authentication (MFA) solution.
- Drives the daily administration and support of IAM, PAM, Microsoft Cloud Security and MFA technologies and services.
- Research, designs and implements solutions to address user access control needs, risk levels and vulnerabilities.
- Conducts independent research, analysis, and stakeholder interviews to gather and document each project's scope, requirements, and dependencies.
- Documents as necessary to support the overall delivery of Cybersecurity operations objectives. This includes but is not limited to customer communication, job aids, training materials, architecture diagrams, technical reference guides.
- Demonstrates in-depth knowledge and understanding of the global threat landscape, cybersecurity trends, emerging technologies, and an ability to relate them to the county and its objectives.
- Must be able to weigh business needs against security concerns and articulate issues to management and stakeholders.
- May serve as a general security subject matter expert and project consultant to IT staff and other departments/agencies as necessary to support the demand for cybersecurity expertise.
- Coaches and mentors more junior level managerial and technical staff.
- May be required to work more than forty hours during the workweek and/or weekends or on-call 24 hours a day to meet special projects or deadlines.
- Participates on Cybersecurity Incident Response Team (CIRT) investigation and response activities as required.
High school diploma or GED equivalency from an accredited Institution. A minimum of 5 years of progressive work experience in Information Security is required, including direct experience designing, implementing, and operating enterprise security solutions, tools and technologies.
- Experience implementing and executing security solutions, tools, and technologies across complex, large-scale environments, all the way from project initiation to the desired end state of operationally healthy and sustainable services
- Strong leadership, verbal / written communication, research, analysis, and analytical/problem solving skills.
- Ability to build and maintain strong relationships across departments/teams and effectively communicate solution designs to stakeholders and leadership.
- Ability to confront challenges in a constructive fashion and influence others through consensus building techniques
- Strong organizational skills, including the ability to drive adherence to cybersecurity processes and tools and to keep focus on multiple tracks of work and open issues in parallel.
- A passion for cybersecurity, self-starter mentality, flexibility, and willingness to take on new challenges and ability to thrive in a team environment.
- Bachelor's degree in Computer Science, Information Systems or similar area of study from an accredited college or university or equivalant experience is preferred.
- Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC) or CompTIA Security+ Certification is preferred.
- Experience with Microsoft cloud security solutions, specifically the Enterprise Mobility + Security (EMS) suite.
- Experience with Microsoft Active Directory services and the related best practie security mitigation strategies related.
- Experience in design, implementation and operational support of security solutions, tools, technologies and processes.
- A broad understanding of cybersecurity concepts across all domains, applicable security models (e.g. ISO 2700X, NIST and CIS Critical Security Controls) and regulations (e.g. SOX, PCI, HIPAA and CJIS)
- Preferred experience with Quest One Identity or the following IAM leaders: Oracle OIG, IdentityIQ, IBM IGI, Saviynt or similar Identity and Access Management software.
- Preferred experience with Microsoft MFA or the following leaders in MFA/2-factor authentication: OingID, Okta, OneLogin, IBM, Oracle, CyberArk
- Exposure to Microsoft Advanced Threat Analytics (ATA) and the ability to understand and repond to related alerts
- 2+ years, experience with at least one of the following languages: Powershell, SQL, VB.NET
May be required to work more than forty hours during the workweek and/or weekends or on-call 24 hours a day to meet special projects or deadlines.
Applicants for this position will be subject to a criminal background check that includes being fingerprinted. This applies to any position with network access to CJI (Criminal Justice Information) systems or access to an area where CJI is received, maintained or stored either manually or electronically (i.e. custodian, maintenance).
- Convictions, probation, or deferred adjudication for any Felony, and any Class A Misdemeanor.
- Convictions, probation, or deferred adjudication for a Class B Misdemeanor, if within the previous 10 years.
- Open arrest for any criminal offense (Felony or Misdemeanor).
- Family Violence conviction.
- provided by Dice