Cyber Security Engineer - Fort Worth, United States - Fort Worth Independent School District

Description

Position Type:
Leading District Professional/Technology

Date Posted:
4/25/2024

Location:
INFORMATION SECURITY

Closing Date:
05/09/2024 Cyber Security Engineer

Reports to: Senior Officer - IT Security

PC#: 2138-3
Pay Grade: 506
Duty Days: 239
Salary Range: $86,673 - $104,426
FLSA Status: Exempt

Position Purpose
Ensures that Fort Worth ISD is prepared to deal with a variety of emergency situations that could arise. Promotes and publicizes the overall and targeted safety, security and risk management programs offered.
Designs, implements, and maintains robust security measures to safeguard the district's digital assets. Ensures the integrity of its information systems, while preventing unauthorized access. Fosters a secure environment that empowers the delivery of quality education while prioritizing the confidentiality and integrity of digital resources.

Defends against cyber-attacks and provides cybersecurity tools, incident response services and assessment capabilities to safeguard the environments that support the essential operations of Fort Worth ISD. Identifies adversarial activities and anticipates a wide variety of threats to strengthen the defenses and overall protection of the District's Intellectual Property (IP).

Collaborates with the broader security team to mature our program, assess security risks, and communicate/facilitate remediation of those risks. Collaborates for remediation and additional validation and contributes to other collaborative approaches driven by the security team strategy. Helps with critical initiatives for short- and long-term plans to identify and reduce the attack surface across the infrastructure landscape. Uses automated tools to identify, assess, and report is critical, with emphasis placed on effective communication to constituents relying on applications and systems that support their business.

ESSENTIAL JOB FUNCTIONS

• Conducts community relations/awareness security programs to a diverse population, develops and prepares materials for distribution.
• Analyzes IT control weaknesses, identify root causes, and develop remediation plans.
• Implements cybersecurity solutions to protect sensitive information. Integrates security best practices such as identify and Access Management, encryption, and security analytics.
• Monitors threat intelligence sources proactively to guide detection.
• Builds detection logic for attacker tactics, techniques, and procedures.
• Builds triage and response plans for containment, mitigation, and recovery.
• Leverages processes and technologies to detect and respond to attacker activity.
• Develops and improves processes and technologies to help containment, mitigation, and recovery.
• Stays abreast of advanced and emerging areas of cybersecurity, such as container security, to support dynamic and immutable infrastructure.
• Tests, identifies, and evaluates potential security risks and vulnerabilities to develop strategies for prevention and mitigation.
• Scans systems for vulnerabilities, applies patches, and implements measures to address potential security gaps.
• Designs, implements, and monitors network security protocols to safeguard sensitive information and prevent unauthorized access.
• Develops and executes response plans in case of cybersecurity incident or breach, ensuring a swift and effective resolution.
• Creates and enforces security policies and procedures to guide staff and students in maintaining a secure computing environment.
• Educates end-users on cybersecurity best practices and promotes a culture of security within the district.
• Manages user access and authentication systems to prevent unauthorized access and protect user identities.
• Maintains thorough documentation of security measures, incidents, and response procedures for future reference and improvement.
• Contributes to the protection of sensitive data, mitigates cyber threats, and fortifies the overall resilience of the educational technology infrastructure.
• Plans, implements, manages, monitors, and upgrades cybersecurity tools and technologies for the protection of District data, systems, and networks.
• Conducts audits to ensure compliance with industry standards, regulations, and best practices.
• Ensures that data and infrastructure are protected by enabling the appropriate security controls.
• Reports and communicates security issues with the relevant departments in the organization.
• Works with Legal Services and law enforcement to conduct forensics.
• Assesses environment against attacker tactics, techniques, and procedures.

Safety

• Performs preventive maintenance on tools and equipment and ensures equipment is in safe operating condition.
• Follows established safety procedures and techniques to perform job duties including lifting and climbing; operates tools and equipment according to established safety procedures.
• Corrects unsafe conditions in work area and promptly reports any conditions that are not immediately correctable to supervisor.

Supervisory Responsibilities

• None.

Personal Work Relationships

• All Fort Worth ISD employees must maintain a commitment to the District's mission, vision, and strategic goals.
• Exhibits high professionalism, standards of conduct, and work ethic.
• Demonstrates high quality customer service; builds rapport/relationship with the consumer.
• Demonstrates cultural competence in interactions with others; is respectful of co-workers; communicates and performs as a team player; promotes teamwork; responds and acts appropriately in confrontational situations.

Other Duties as Assigned

• Performs all job-related duties as assigned and in accordance with Board rules, policies, and regulations. All employees are expected to comply with lawful directives in rare situations driven by need where a team effort is required.

Knowledge, Skills & Abilities

• Knowledge of information security and enterprise risk management methodologies.
• Knowledge of data-centric security philosophies including data classification and rights management.
• Knowledge of operating systems, programming, networking, malware defenses, perimeter controls, security assessment, web applications, intrusion analysis, malware analysis and incident response.
• Knowledge of Incident Response and Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs)
• Knowledge of security technologies such as Intrusion Detection & Prevention (IDP), Security Information & Event Management (SIEM), Endpoint Detection & Response (EDR), Network Analysis tools, and Vulnerability Scanning Tools.
• Ability to coordinate and respond to security incidents.
• Ability to develop and execute a quality security review based on policies, best practices and/or regulatory standards; ability to conduct and write vulnerability assessments.
• Knowledge of business continuity and disaster recovery management.
• Knowledge of District policies, procedures, and regulations.
• Knowledge and understanding of relevant local, state, and federal legal and regulatory requirements.
• Skill in using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions, or approaches to problems.
• Skill in written and oral communication skills including ability to interact with and influence all levels of district service center and campus staff.
• Ability to develop information security policies and procedures and execute programs that meet the objectives of excellence in a dynamic environment.
• Ability to articulate technical, security, and risk-related issues in a concise manner.
• Ability to design, organize, and track work plans, create appropriate working and decision-making processes, ensure stakeholders are engaged, and support the work itself.
• Ability to analyze, synthesize, and interpret data, to summarize for technical and non-technical employees and senior management.
• Ability to exercise sound judgment in making critical decisions.
• Ability to establish program goals and objectives that support the strategic plan.
• Ability to work in a team environment, to capitalize on team members' strengths, and to guide them toward achieving a common goal.
• Ability to use application software to access databases, email, create spreadsheets, and process professional documents.
• Ability to organize and coordinate work under pressure, meet tight deadlines, and proactively resolve issues.
• Ability to handle difficult and stressful situations with professional composure.
• Ability to exercise discretion regarding matters of a sensitive or confidential nature.
• Ability to prepare oral or written communications, such as presentations, reports, memoranda, letters, grant proposals, and other documents.
• Ability to engage in self-evaluation with regard to performance and professional growth.
• Ability to establish and maintain cooperative working relationships with others contacted in the course of work.

Travel Requirements

• Travels to school district buildings and professional meetings as required.

Physical & Mental Demands, Work Hazards

• Tools/Equipment Used: Standard office equipment, including computer and peripherals.
• Posture: Prolonged sitting and standing; occasional stooping, squatting, kneeling, bending, pushing/pulling, and twisting.
• Motion: Frequent repetitive hand motions, including keyboarding and use of mouse; occasional reaching.
• Lifting: Occasional light lifting and carrying (less than 15 pounds).
• Environment: Works in an office setting; occasionally requires irregular and/or prolonged hours.
• Attendance: Regular and punctual attendance at the worksite is required for this position.
• Mental Demands: Maintains emotional control under stress; works with frequent interruptions.

Minimum Required Qualifications

• Education: (See approved combinations of Education & Experience below)
  • Accredited High School diploma, GED, or Texas Certificate of High School Equivalency required;
  • Bachelor's degree from accredited college or university in a related field preferred.
• Certification/License:
  • CompTIA Security+ preferred;
  • Cisco Certified Network Associate (CCNA) Security preferred;
  • CISSP certification preferred;
  • CISA certifications preferred;
  • CISM certifications preferred;
  • Other accredited Cybersecurity certifications preferred.
• Experience: 4-8 years' experience in incident detection, incident response, and forensics.
  Approved combinations:
  Education Experience

HS/GED/TxCHSE 8 years
Associate's degree 6 years
Bachelor's degree 4 years

This document is intended to describe the general nature and level of work being performed by people assigned to this job and is not an exhaustive list of all responsibilities and duties that may be assigned or skills that may be required.