IS Systems Specialist III (Open & Promotional) - County of San Mateo
San Mateo, CA
About the Job
The County of San Mateo's Information Services Department seeks an IS Systems Specialist III to serve in the Security Division. Under general supervision, the individual in this position performs the most complex and varied technical tasks related to the configuration, troubleshooting, maintenance, and monitoring of the County's security infrastructure. This position serves as a technical leader and technical subject matter expert in specific security area(s) and is called upon to analyze existing and future computing environments and ensure that all solutions comply with County policy, frameworks and industry accepted best practices.
As an integral part of the Security team, the IS Systems Specialist III will be responsible for system administration across a variety of platforms and services such as: Firewalls (Palo Alto); Intrusion Detection and Prevention (Palo Alto Threat Prevention and WildFire); Endpoint Protection Suite/XDR; Security Orchestration Platform (XSOAR); Cloud Security services; XDR SIEM monitoring and management; Vulnerability identification and mitigation/remediation. The position also requires support in ancillary systems that support IAM/ARM platforms such as SolarWinds, Active Directory, Okta. Additionally, this position will perform intrusion event investigative and reporting activities as required. Similarly, incumbents in this class must regularly analyze requests for new system implementations and ensure that strategies are applied that support best practice security design and integration with existing security infrastructure. Furthermore, this position will be tasked with performing analysis and data production and reporting in support of any identified indicators of compromise, audit and policy compliance across the enterprise.
CLASS CHARACTERISTICS
This is the advanced journey class in the IS Systems Specialist series. Incumbents serve as subject matter experts in specific area(s), perform complex and varied technical support, provide analytical support for County-wide infrastructure, and frequently solve problems requiring analysis of unique issues or problems without precedent and/or structure. Incumbents serve as technical lead for assigned projects. Employees at this level are required to be fully trained in all procedures related to assigned area(s) of responsibility, working with a high degree of independent judgment, tact, and initiative. This classification is distinguished from the IS Systems Specialist II by the complexity and size of the applications supported and the amount of discretion exercised when solving problems and developing resolutions. This classification is further distinguished from the IS Senior Systems Specialist in that the latter is responsible for the daily technical and functional direction of assigned staff, work is performed within a broad framework of general policy requiring creativity and resourcefulness to accomplish goals and objectives, applies concepts, plans, and strategies which may deviate from established methods and practices, and regularly leads projects of critical importance and substantial consequence of success or failure to the County.
The ideal candidate for these positions will have:
- Extensive experience supporting Palo Alto Firewalls or substantially similar platforms, including design, ongoing operations, maintenance, and security risk analysis.
- In-depth understanding of network protocols, and IP subnet assignments and schema management.
- Demonstrable knowledge and experience in Security Orchestration platforms such as Cortex SOAR.
- Knowledge and ability in identity and rights management concepts and supporting systems such as Okta, Active Directory and SolarWinds.
- Knowledge in SIEM platforms and the ability to customize such systems when required to strengthen integrated reporting.
- Proven skills in network security concepts such as macro/micro segmentation and network access control concepts.
- Knowledge of email protection platforms, such as Mimecast, sufficient to understand attack delivery and proliferation tactics as well as knowledge to initiate account or email store cleansing tasks when required.
- Thorough understanding of attack chain (MITRE) frameworks, structures and tactics and the ability to apply sound response strategies sufficiently to ensure event or incident chain is disrupted and mitigated.
- Significant understanding of a variety of remediation processes sufficient to ensure that any security event or incident is fully understood and that protective systems are tuned to prevent such occurrences in the future.
- Sound understanding of system continuity and resiliency approaches to ensure that restoration of systems and services is available at all times without exception.
- Conversant in regulatory requirements, such as CJIS, HIPAA, and an understanding of how these, and other, regulatory requirements can be satisfied through the application of network and security processes and systems.
- Comprehensive knowledge of security frameworks (CIS/NIST) and the ability to design compliant solutions as well as demonstrate skill in implementing processes to validate framework compliance.
- Significant experience and understanding of Cloud security platforms and services such as those provided through AWS or Azure.
- Comprehensive understanding of cloud-based security platforms and services and how those systems provide essential services to the enterprise computing ecosystem.
- Knowledge and skills in the area of Zero Trust concepts and design for a distributed enterprise environment.
- Extensive understanding of best practice security concepts and design strategies with the ability to communicate those concepts to the user population in a way that supports an understanding of these concepts and why they are necessary.
- Strong analytical skills - ability to interpret complex information from various sources to reach accurate conclusions.
- Strong communication skills - ability to explain complex issues in a way that both the average user and technologists will understand.
- An excellent sense of creativity – ability to find innovative solutions to business problems while still incorporating sound security strategies.
- The ability to identify what needs to get done and do it; extremely self-motivated.
- The ability to work with cross-functional technical teams to gather information and influence decisions.
Additional Desired Skills:
- DNS, DHCP administration, securing and architectural design.
- Knowledge of multiple forests and Trusts.
- Setting up and supporting encrypted internet tunneling.
- Data Loss Prevention platforms and concepts.
- HTTPS inspection services and concepts.
- Cloud firewall and CASB environments such as Zscaler and Prisma.
- Sound system, device and user authentication methodologies such as MFA.
- Experience with Active Directory structures, optimization and integration with Azure AD or similar cloud directories.
Source: County of San Mateo