Cyber Security Engineer - City of Greensboro
Greensboro, NC
About the Job
*** Extended Recruitment ****
If you have submitted an application previously for this recruitment, you need "NOT" apply again. All applications are still under consideration.
The City of Greensboro exists to partner with the community to build the desired quality of life for Greensboro. All of our actions are guided by our commitment to and measured by our success in building public trust and the future we and the community desires.
Critical to our success is maintaining a work environment which fosters employee commitment to public service and making a difference in the lives of our residents.
If this sounds like a purpose that you would like to share in, please consider the opportunity below.
Compensation and Benefits:
The Full Salary Range for this position is $76,436.00 - $136,781.00 AnnualAnnually. The Hiring Range is $76,436 - $100,574 Annually depending on qualifications, with an excellent benefits package. You can learn more about the benefits that the City of Greensboro offers by visiting https://www.greensboro-nc.gov/departments/people-culture/benefits
Work Schedule:
Wednesday - Tuesday Schedule; 8:00 am - 5:00 pm
Primary Duties/Brief Description of Work:
As a cyber security engineer at the City of Greensboro, you will be a key member of the cyber security team responsible for protecting the City against intrusions and cyber-attacks that aim at gaining unauthorized access to systems and applications and compromising confidential information.
Key Responsibilities
- Conduct risk assessments and help formulate plans to reduce identified risks to an acceptable level.
- Perform monitoring and analysis of security activities to identify and block potential intrusions and cyber-attacks. Investigate security incidents using forensic analysis tools and techniques.
- Install, configure and manage intrusion prevention and endpoint Malware protection solutions to detect and stop advanced threats and cyber-attacks.
- Launch user awareness and training campaigns to increase employees’ awareness about threats and cyber-attacks.
- Conduct phishing tests on regular basis to identify and provide additional security training to employees vulnerable to phishing attacks.
- Implement the required security controls to ensure compliance to laws, regulations and standards including HIPPA, PCI and ISO27001:2022.
- Conduct external and internal vulnerability scans to identify and mitigate vulnerabilities and configuration weaknesses.
- Perform monitoring of the external environment including the darkweb to identify data that could be used to gain unauthorized access to City systems and applications.
- Assist in conducting incident drills simulating Phishing, SQL Injection, Ransomware, data theft and DDoS attacks.
- Perform web application security testing including code analysis to identify application level vulnerabilities. Work closely with applications owners to address identified issues.
- Perform research of industry threats and hacker groups to identify patterns and techniques used in attack campaigns against organizations.