INFORMATION TECHNOLOGY SECURITY ADMINISTRATOR Print (https://www.governmentjobs.com/careers/clarkcounty/jobs/newprint/4717276) Apply  INFORMATION TECHNOLOGY SECURITY ADMINISTRATOR Salary $35.38 - $54.88 Hourly Location Clark County - Las Vegas, NV Job Type PERMANENT Job Number 27245 Department Information Technology Division Admin Opening Date 11/05/2024 Closing Date 11/19/2024 5:01 PM Pacific + Description + Benefits + Questions ABOUT THE POSITION The Clark County Information Technology department is seeking qualified candidates to apply for the Information Technology Security Administrator position. This position p rovides information technology security administration for the enterprise. Maintains Clark County's business recovery plan and conducts disaster recovery testing at enterprise and department levels. This is a technical, experienced cybersecurity position performing professional level work related to the planning, implementation, monitoring, evaluating and coordination of cybersecurity: controls, governance, and compliance across the County enterprise. This examination will establish an Open Competitive Eligibility list to fill current and/or future vacancies that may occur within the next six (6) months or may be extended as needed by Human Resources. Human Resources reserves the right to call only the most qualified applicants to the selection process. Some positions may be confidential positions and are excluded from membership in the union. Some positions may be non-union positions and are excluded from membership in the union. NOTE: A resume is required in addition to the completed employment application. Applications submitted without a copy of the candidate’s resume are incomplete and will not be considered. MINIMUM REQUIREMENTS Education and Experience: Bachelor's Degree in Computer Science or Management Information Systems, or related field AND three (3) years full-time professional level experience in computer security administration, including contingency planning, preferably in a large mainframe multiprocessing environment. Possession at time of application and maintenance of a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is preferred and may be substituted for education or experience up to five (5) years. Possession at time of application and maintenance of a CompTIA Security+ certification may be substituted for education or experience up to two (2) years. Additionally, professional level experience and/or education that has provided the skills and knowledge necessary to perform all job functions at this level may be substituted on a year-for-year basis up to two (2) years. All qualifying education and each experience must be clearly documented in the “Education” and “Work Experience” sections of the application. Do not substitute a resume for your application or write "see attached resume" on your application. All details must be written in your own words and cannot be copied from job descriptions or other external sources. Licensing/Certification: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CompTIA Security+ or similar are preferred. Working Conditions: Work extended shifts or be called back in emergency situations. Background Investigation: Employment is contingent upon successful completion of a background investigation. Periodically after employment background investigations may be conducted. Citizenship: Candidates must be legally authorized to work in the United States. Please note, Clark County does not provide H1B visa sponsorships or transfers for any employment positions. Pre-Employment Drug Testing: Employment is contingent upon the results of a pre-employment drug examination. EXAMPLES OF DUTIES + Establishes and maintains security and business recovery policies and procedures. + Provides security and control measures across multiple computer platforms (e.g. enterprise server, client server, network, Internet/Intranet, and desktop). + Monitors access and use of County information. Implements logging/tracking mechanisms for intrusion detection. + Maintains Clark County's Business Recovery Plan. + Provides on-going testing of the Business Recovery Plan at the enterprise level (infrastructure organization and teams, hot-site recovery operations) and department level (checklist tests, simulations/structured walk-throughs). + Monitors backup and recovery procedures (enterprise server, mid-range computers, PCs, and networks). + Conducts periodic security assessments and disaster recovery preparedness reviews to evaluate effectiveness and compliance with security and business recovery measures. Incorporates security requirements from governmental and external agencies. + Maintains security and business recovery related files, reports, policy manuals, and documentation. + Provides liaison with Internal Audit, Office of Emergency Management and Risk Management on security/ business recovery issues and breaches of security. + Monitors security and disaster recovery developments in the industry. + Provides lead direction and coordination to other information technology staff throughout the County. + Provides management with a clear view of security threats/solutions. + Promotes the concept of information as an asset or resource. + Provides awareness of County's exposure should there be an extended disruption of the County's business functions or information technology capabilities. + Assists in planning goals, objectives, procedures and work standards for the unit; provides input into the unit's budget. + Contributes to the overall quality of the section's service provision by developing and coordinating work teams and by reviewing, recommending and implementing improved policies and procedures. + May drive a County or personal motor vehicle in order to visit various work sites and attend meetings. Department of Aviation Duties: + Serves as an expert advisor to senior management in the development, implementation and maintenance of an information security infrastructure ensuring best practice control objectives for system integrity, availability, confidentiality, accountability and assurance within the context of the airports risk tolerance. + Identifies and proposes key information security program priorities, initiatives, plans, practices and tools. Oversees execution of approved information security project plans and provides regular status reporting on progress of such projects. + Implement and manage cybersecurity tools such as firewalls, endpoint detection and response, email security, configuration management, continuous monitoring, cloud security, application security, and related items. + Provides guidance (e.g., information security risk severity assessments / relative cost benefit analysis etc.) and provides recommendations regarding prioritization of system security infrastructure investments that mitigate risks, strengthen defenses and reduce vulnerabilities. + Drafts and proposes organizational information security strategy and action plans based on relevant risk assessment and gap analysis. + Develops, publishes, and maintains comprehensive information security standards, policies, procedures and guidelines. + Acts as the primary control point during follow-up on significant information security incidents, oversees development of response plans and provides timely update reporting. + Advises the management team on risk issues that are related to information security and recommends actions in support of the wider risk management programs. PHYSICAL DEMANDS Mobility to work in a typical office setting, use standard office equipment, and to drive a motor vehicle; vision to read printed materials and a computer screen; and hearing and speech to communicate in person or over the telephone. Must be capable of traveling to and from various County locations to visit work sites and attend meetings. Accommodation may be made for some of these physical demands for otherwise qualified individuals who require and request such accommodation. Come Make a Difference and Join the Clark County Family where we offer a comprehensive benefits package that includes: + Flexible Schedules including 4/10 options + More Money in Your Pocket + 100% Employer Paid Defined Benefit Retirement + No Social Security Deduction + No State Income Taxes + Two Employer Sponsored Health Plans Offered - Choice of PPO or EPO (hybrid of HMO) + Medical (https://www.clarkcountynv.gov/government/departments/risk\_management/employee\_and\_retiree\_health\_benefits.php#outer-2778) - Employer pays 90% of premium + Pharmacy Benefits (30, 90-day retail or mail order fills) + 24/7 Telephone Advice Nurse - no employee cost + Teledoc, Doctoroo, and Dispatch Health + Retiree insurance – eligible after 5 years of service + Dental + Vision + Life Insurance – Employer Paid + AD&D – Employer Paid + Long Term Disability – Employer Paid + Generous Leave Accruals that include: + 13 Paid Holidays including a Floating Birthday Holiday + Paid Vacation Leave + Paid Sick Leave + Holiday Leave + Other leave options + Catastrophic Leave + Parental Leave – Up to 90 days + Wide Variety of Voluntary Benefits that include + Guardian – Accident, Cancer, Critical Illness, Hospital Indemnity, and Short-Term Disability Insurance. + Trustmark – Permanent Life Insurance benefits and long-term care. + Sunlife Financial – Basic and Voluntary Life Insurance, AD&D, and long-term disability insurance + TASC – Flexible Spending Account – FSA & Dependent Day Care Debit Card Available + Morgan Stanley – Deferred Compensation Plan + Employee Assistance Program + Onsite Fitness Center – $12/month *Benefits vary and are subject to change depending on assignment, hiring organization and bargaining unit. 01 In order to be considered for this position, you must include a resume in addition to the application. Applications submitted without a resume will be considered incomplete. Resumes may be attached to the online application or emailed to Patrick.Canos@ClarkCountyNV.gov. All application materials must be received by the closing date/time on the posting announcement. + I understand I must include a resume in addition to the completed application in order to be considered for this position. I further understand these must be submitted by the closing date listed on the posting announcement. 02 The following questions 2-6 will be used to assist in determining if candidates meet the minimum qualifications. Which best describes your level of education? + Some High School + High School Diploma or GED + Trade School or Technical Degree + Some College (1-29 semester credits) + Some College (30-59 semester credits) + Some College (60-89 semester credits) + Some College (90-120+ semester credits) + Associate's Degree + Bachelor's Degree + Master's Degree or higher + None of the above 03 List all degrees received that are directly related to the position (see template below). College/University: Did you graduate: College Major/Minor: Semester Credits Completed: Degree Received: 04 Indicate your full-time professional experience in computer security administration, including contingency planning, preferably in a large mainframe multiprocessing environment. + No Experience + Less than 1 year + 1 to 2 years + 2 to 3 years + 3 to 4 years + 4 to 5 years + 5 to 6 years + More than 6 years 05 Please list all employer(s) and each job title on your application where your experience was obtained in question 4. The template provided below must be completed in its entirety or the application will be considered incomplete and not eligible to move forward in the process. Type N/A if you have no related experience (see template below). Do not list "see attached resume" Employer Name: Job Title: Hours Worked Per Week: Dates of Employment: 06 Which of the following certifications do you currently have? (Check all that apply) + Certified Information Security Manager (CISM) + Certified Information Systems Security Professional (CISSP) + CompTIA Security+ + Other 07 The following skills assessment is a self-assessment used to evaluate an applicant's training and experience. I understand that: A) Part-time experience must be prorated and credited as half of full-time experience (i.e., if you performed the task for two years in a part-time position, 20 hours per week, you can only credit yourself with one year of experience in that area) B) The education, knowledge, and experience levels indicated by my skills assessment responses must be supported and clearly documented in the "Education" and "Work Experience" sections of my application; C) Any falsification or misrepresentation of the information listed on the employment application or skills assessment may result in removal from the eligibility list or rescinding a job offer; D) Responses to assessment questions that are not supported and clearly documented in the "Education" and "Work Experience" sections on the application may result in question scores being adjusted to receive zero points; E) Assessment scores may be used to consider applicants for the selection process; F) I further understand that since exam scores will be automatically generated based on the applicant's response to each item in the assessment, score appeals will not be allowed for this recruitment. + I have read and understand the above information regarding the completion of the following skills assessment questions. I further understand that this recruitment includes a skills assessment and that the answers I provide must be consistent with the "Education" and "Work Experience" sections detailed on my application and that scoring appeals will not be allowed for this recruitment. 08 Indicate your full-time professional experience designing, implementing, monitoring and auditing cyber-security technical controls. + No Experience + Less than 2 years + 2 to 4 years + 4 to 6 years + More than 6 years 09 Please list all employer(s) and each job title on your application where your experience was obtained in question 8. The template provided below must be completed in its entirety or the application will be considered incomplete and not eligible to move forward in the process. Type N/A if you have no related experience (see template below). Do not list "see attached resume" Employer Name: Job Title: Hours Worked Per Week: Dates of Employment: 10 Indicate your full-time professional experience establishing and maintaining cyber-security policies, guidelines, and procedures. + No Experience + Less than 2 years + 2 to 4 years + 4 to 6 years + More than 6 years 11 Please list all employer(s) and each job title on your application where your experience was obtained in question 10. The template provided below must be completed in its entirety or the application will be considered incomplete and not eligible to move forward in the process. Type N/A if you have no related experience (see template below). Do not list "see attached resume" Employer Name: Job Title: Hours Worked Per Week: Dates of Employment: 12 Indicate your full-time professional experience performing endpoint detection and response. + No Experience + Less than 2 years + 2 to 4 years + 4 to 6 years + More than 6 years 13 Please list all employer(s) and each job title on your application where your experience was obtained in question 12. The template provided below must be completed in its entirety or the application will be considered incomplete and not eligible to move forward in the process. Type N/A if you have no related experience (see template below). Do not list "see attached resume" Employer Name: Job Title: Hours Worked Per Week: Dates of Employment: 14 Indicate your full-time professional experience performing cyber-security vulnerability detection and designing and implementing remediation. + No Experience + Less than 2 years + 2 to 4 years + 4 to 6 years + More than 6 years 15 Please list all employer(s) and each job title on your application where your experience was obtained in question 14. The template provided below must be completed in its entirety or the application will be considered incomplete and not eligible to move forward in the process. Type N/A if you have no related experience (see template below). Do not list "see attached resume" Employer Name: Job Title: Hours Worked Per Week: Dates of Employment: 16 Indicate your full-time professional experience managing and using Security Event and Information Management (SEIM) systems, monitoring for cyber-security anomalies, and creating correlations and alerts. + No Experience + Less than 2 years + 2 to 4 years + 4 to 6 years + More than 6 years 17 Please list all employer(s) and each job title on your application where your experience was obtained in question 16. The template provided below must be completed in its entirety or the application will be considered incomplete and not eligible to move forward in the process. Type N/A if you have no related experience (see template below). Do not list "see attached resume" Employer Name: Job Title: Hours Worked Per Week: Dates of Employment: 18 Indicate your full-time professional experience performing network security functions: firewall management, internet filtering, and intrusion detection/prevention. + No Experience + Less than 2 years + 2 to 4 years + 4 to 6 years + More than 6 years 19 Please list all employer(s) and each job title on your application where your experience was obtained in question 18. The template provided below must be completed in its entirety or the application will be considered incomplete and not eligible to move forward in the process. Type N/A if you have no related experience (see template below). Do not list "see attached resume" Employer Name: Job Title: Hours Worked Per Week: Dates of Employment: 20 Indicate your full-time professional experience creating, evaluating, and implementing cyber-security incident response, business continuity, and disaster recovery plans. + No Experience + Less than 2 years + 2 to 4 years + 4 to 6 years + More than 6 years 21 Please list all employer(s) and each job title on your application where your experience was obtained in question 20. The template provided below must be completed in its entirety or the application will be considered incomplete and not eligible to move forward in the process. Type N/A if you have no related experience (see template below). Do not list "see attached resume" Employer Name: Job Title: Hours Worked Per Week: Dates of Employment: 22 Do you currently hold a valid driver's license? + Yes, I currently hold a valid Nevada driver's license. + Yes, I currently hold a valid driver's license from another state. + No, I do not currently hold a valid driver's license. Required Question Agency Clark County Address 500 S. Grand Central Pkwy, 3rd Floor PO Box 551791 Las Vegas, Nevada, 89155-1791 Phone (702)455-4565 Website http://www.clarkcountynv.gov Apply Please verify your email address Verify Email