Job Code: 01517
Pay Scale Group: 08
Pay Scale Type: ST
Bargaining Unit: A4
Civil Service or Non-Civil Service: C
Last Executive Board Change: 739-03
Executive Board Change History: 07/03/2018

JOB TITLE: INFORMATION SECURITY SPECIALIST 1

JOB CODE: 01517

SERIES NATURE OF WORK: The Information Security Specialist job series describes information technology work in the protection of commonwealth systems and data.

DEFINITION: This is advanced technical work in the administration of information security programs, policies, and procedures within a centralized information security unit.

An employee in this job performs a broad range of security duties in support of information security. Work involves implementing, administering, and maintaining security standards, policies, procedures, and access to systems to ensure the confidentiality, integrity, and availability of systems, networks, servers, and data; planning, developing, and conducting security assessments and audits; testing and documenting security procedures; conducting security analysis; and testing software for security threats. Employees may interact with other IT staff, agency program staff, and contractors regarding system-wide security issues such as breaches, viruses, worms, and hacking. Work is performed under the supervision of a higher level information security specialist or other administrative or technical supervisor and is reviewed for achievement of objectives.

DISTINGUISHING CHARACTERISTICS:

• Work at this level is distinguished from lower level information technology (IT) jobs performing information security duties by the independent performance of security duties in a centralized information security unit and the broad range and scope of security duties performed.

• Work may include lead work over lower level IT staff performing technical information technology work.

EXAMPLES OF WORK: (NOTE: The examples of work are representative of the work, but every position classified to this job may not perform all examples of work listed. Conversely, this is not an all-inclusive list of work examples.):

• Assists in the development and maintenance of information security program documentation and in the identification and documentation of exceptions to security policies and procedures to ensure proper escalation and follow-up.

• Conducts compliance reviews by applying legislative and regulatory requirements and technical standards to detect areas of non-compliance and vulnerabilities.

• Recommends enhancements to the information security program based on results from compliance assessments.

• Utilizes risk assessment methods and tools to assist in the identification of adverse consequences of security breaches, the likelihood of the breach and associated consequences occurring, and the development of risk mitigation recommendations and/or identification of whether further mitigation steps are required.

• Executes recommended remediation strategies and tactics to mitigate and minimize technical and procedural vulnerabilities.

• Performs incident triage to determine scope, urgency, and potential impact of a breach and reports incidents based on set escalation procedures to relevant parties to ensure immediate actions will be taken.

• Reviews security system logs and reports on any irregularities or issues and analyzes log files and other information to determine best methods for identifying the cause of an information security breach.

• Acquires forensic evidence in a manner that preserves the data and maintains chain of custody and coordinates with internal stakeholders, such as IT, Security Operations Center, business units, and management, to identify and validate forensic evidence.

• Identifies and documents different classes of information security and privacy threats, such as cyber, environmental, human, structural, or natural.

• Assists in monitoring compliance with the organization’s privacy program, enforcing privacy requirements, and informing applicable parties of how to best comply.

• Performs backup and recovery of data to ensure confidentiality, integrity, and availability of data aligned with established data governance framework.

• Conducts functional and security testing of security systems.

• Determines nature of data requiring protection by considering its location to support implementation of the appropriate encryption technologies and ensuring compliance with data privacy regulations.

• Contributes technical information related to information security and privacy in the preparation of request for proposals or competitive bids and contractual agreements with third parties.

• Assists in the review of physical controls to ensure sufficient protection of organization facilities and assets.

• Participates in regular tests and surveys of the organization site to ensure facilities are appropriately sited to minimize environmental risks, and where appropriate, protection is installed.

• Participates in the identification and documentation of operational and financial impacts after a business interruption and assesses the impact of an event on normal business operations.

• Participates in crisis simulation exercises to prepare the organization to respond to a real-life situation should crisis strike.

• Performs analysis of network security requirements to identify gaps in network architecture as defined by security architects and to ensure continued and proper operations of security components.

• Utilizes monitoring tools to identify irregularities in network traffic and analyzes network traffic associated with malicious activity.

• Participates and provides assistance in the coordination of external audits including the remediation of audit findings.

• Performs system administration on security systems.

• Performs access reviews to maintain the correct level of user privileges.

• Interfaces with other IT staff and other stakeholders to support the maintenance of identity management systems, products, applications, and platforms.

• Identifies performance and skills gaps and learning opportunities and develops IT security training and awareness and educational activities for users.

• Functions as a lead worker for technical work by assigning and reviewing work, training employees, and performing quality control functions for the work.

• Performs related work as required.

ENTRY LEVEL KNOWLEDGES, SKILLS, AND ABILITIES:

• Knowledge of server and workstation platforms.

• Knowledge of industry standards and best practices of information security.

• Knowledge of the functions and capabilities of standard security application systems.

• Knowledge of the functions and capabilities of security testing tools.

• Knowledge of best practices of firewall configurations.

• Knowledge of best practices of network administration.

• Knowledge of best practices of web content filtering and monitoring.

• Knowledge of business process analysis methods.

• Ability to read and interpret security logs, system design specifications, and technical manuals to identify potential problems.

• Ability to communicate effectively orally.

• Ability to communicate effectively in writing.

• Ability to establish and maintain effective working relationships.

MINIMUM EXPERIENCE AND TRAINING: (NOTE: Based on the Entry Level Knowledges, Skills, and Abilities):

• One year as a Network Specialist 1;

or

• Two years of experience performing technical work in information technology security, network support, or network administration, and an associate’s degree in any information technology field;

or

• A bachelor’s degree in any information technology field.