Infrastructure Security Specialist

The Office of Information Technology Services (ITS) is a partner for IT solutions for North Carolina State Government. ITS is committed to working with our agency customers to develop an efficient, effective, customer-centric e-state. ITS can help business and government:

Promote the delivery of more effective and efficient services
Provide increased accountability to citizens
Offer easier access to useful information
Enable enhanced participation in the democratic process
Present new opportunities to encourage economic development
Improve society through telemedicine and distance learning


This position’s responsibilities include:
This position resides within the Security Office of the Office of Information Technology Services (ITS). The Infrastructure Security Group supports the ITS mission by providing security services in the area of Infrastructure Security, Security Event Management, Vulnerability Management, Identity Management, Security Education and Training and special security projects. This position will focus on vulnerability management and various forms of identity management. This position will identify and coordinate security standards and practices for the operational areas supported within ITS with special focus in Authentication and Authorization. This person will work to champion efforts to support the technical planning, testing, integration, acceptance, deployment, support, compliance and assessment processes for the secure operations of each of ITS networking/hosting environments. Primary purpose of this position includes: Vulnerability Management and Identity Management. Familiar with ISO standard 17799. .
REQUIREMENTS
Understanding of technical components of security architecture in a distributed computing environment. Knowledge of risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies, security attack pathologies & experience with multiple forms of Identity. Identity Management experience with Oblix software is preferred. Experience with security vulnerability scanning is required. Function as consultant to IT groups on security matters as a recognized expert. Strong analytical, problem-solving skills & experience responding to security incidents. Project management skills desired. Prepare, document, implement security plans & policies. Experience with: network and computer architecture, TCP/IP, Kerberos, firewalls, VPN, Intrusion Detection/Prevention systems, UNIX, Linux, LAN/WAN technologies, Windows 2000x & Microsoft Active Directory. Management Prefers: 3 years experience as security/vulnerability manager in an integrated distributed environment. Knowledge of vulnerability and identity management in Unix, Linux and Windows environments and system administrative with Unix, Windows, and Linux. Security certification a plus–CISSP, GSEC. Graduation from a four-year college or university with a major in electronics, telecommunications, engineering, or a closely related field and three years of experience in network design, analysis, or management. An additional year and a half of progressively related experience is required for each level above Contributing.

Employment at ITS is contingent upon a satisfactory background check. For complete information on this and other positions, including minimum training and experience, please see our Web site at http://www.its.state.nc.us/Career/Openings.asp.
A state application form (PD-107) is required for each position applied for and is available by link from our site or at local ESC offices and public libraries. Applications must be received at ITS Personnel Services, PO Box 17209, Raleigh, NC 27619-7209 by 5:00 PM on the day of closing.
Resumes are not accepted in lieu of the completed application form but candidates are encouraged to attach them to the application form.
ITS is an Equal Opportunity and Merit-Based Employer.

Job Closing Date - 09/25/05