IT - ADMIN - Security Architect - Consultant - Data Modeling Engineer

Scope of the Project:
This position will serve as a Security Engineer within the Division of Information Security and will assist full-time security architects and engineering staff with the implementation, integration, and operationalization of enterprise security technologies and programs.

• The contractor will provide hands-on technical support across multiple security disciplines, including but not limited to SIEM, XDR, vulnerability management, data loss prevention (DLP), security awareness, endpoint and Linux sensor deployment, and security automation initiatives.
• The role requires experience in information security architecture and solution design to support the strategic planning, design, implementation, and continuous improvement of secure systems and services.

Daily Duties / Responsibilities:

• Assist in the planning, design, deployment, and operational support of enterprise security platforms, including:
  • Security Information and Event Management (SIEM)
  • Extended Detection and Response (XDR)
  • Vulnerability management platforms and processes
  • Data Loss Prevention (DLP) solutions
  • Security awareness and training platforms
• Support the development and maturation of the enterprise vulnerability management program, including scanning, reporting, remediation tracking, and metrics.
• Build, deploy, configure, and maintain Linux-based security sensors and related endpoint monitoring tools.
• Assist in the integration and automation of disparate security and enterprise IT tools using scripting and orchestration technologies.
• Collaborate with security architects to design and implement enterprise security solutions that align with leadership's business goals, regulatory requirements, and organizational risk tolerance.
• Design, deploy, and manage countermeasures to address known security threats and contribute to mitigation strategies for emerging threats to enterprise data, systems, and services.
• Ensure consistent application of security controls across enterprise infrastructure and applications; validate control effectiveness and recommend improvements.
• Support incident detection and response activities through monitoring, log analysis, and reporting.
• Develop technical documentation, implementation guides, and standard operating procedures as needed.
• Perform other duties as assigned in support of the Department of Administration's Division of Information Security.

Additional Duties & Skills:

• Strong understanding of enterprise security architecture and engineering principles.
• Knowledge of cybersecurity best practices, threat detection, and defensive security strategies.
• Experience with Linux and Windows operating systems, including system hardening and security configuration.
• Understanding of networking concepts, security protocols, and secure system design.

• 5+ years of experience implementing and supporting enterprise security tools (SIEM, Cribl, XDR, vulnerability management, DLP, endpoint security)
• 5+ years of experience in supporting large IT environments and/or system deployments
• 5+ years of experience developing automation and integrations using scripting languages such as Python and Bash.

Preferred Skills (Rank in Order of Importance):

• Hands-on SIEM administration, analysis, and reporting experience.
• Experience building and deploying Linux-based security sensors.
• Familiarity with security frameworks and compliance standards such as NIST CSF, CJIS, IRS 1075, and CMS MARS-E.

Required Education/Certifications:

• Bachelor's degree in an information technology or information security-related field
• 8+ years of relevant work experience may be substituted in lieu of education

Preferred Education/Certifications:

• CISSP
• Security+