Information Security Engineer, Senior

Job Summary:

This position is an integral part of the Information Security Team which aids in reducing overall organization risk by way of deployment, management, monitoring, and tuning of technical security controls. Additionally, this position reviews security policies and creates associated security standards and procedures in coordination with the CISO and appropriate teams. Specifically, the position of senior security engineer partners with members of the architect team and InfoSec team to recommend security solutions and technology in design to ensure smooth implementations and upgrades to technology. Additionally, this position serves as a solutions research member of InfoSec for supporting technology and maintaining security posture during planning and operations. This position works closely with security analysts to gain insight into threat, vulnerability, and incident information, and with the Architect to incorporate any control decisions into the enterprise security design.

This position does not have direct reports.

Check out the attached job description for more details

Education & Experience
-Any combination that meets the knowledge, skills and abilities (KSA); typical ways KSAs are obtained may include but are not limited to: a relevant degree from an accredited college or university such as Bachelor's Degree (e.g., B.S.), training, coursework, and work experience relevant to the assignment
-Minimum of 8 years of extensive experience in information security systems engineering or related

Licenses & Certifications
-Current certification in one of the following:
-ISSP-ISSAP: Information Systems Security Architecture Professional
-CISM: Certified Information Security Manager
-CEH: Certified Ethical Hacker
-CSSA: Certified SCADA Security Architect
-GSEC / GCIH / GCIA: GIAC Security Certifications
-CompTIA Sec+

Knowledge/Understanding
-Strong working knowledge of information security technologies and best practices in the areas of risk assessment, compliance and vulnerability management and secure system design
-Working knowledge of perimeter security technologies including firewalls, IDS/IPS, network access control and network segmentation
-Working knowledge of the security concepts related to DNS, routing, authentication, VPN, proxy services and - DDOS mitigation technologies
-Knowledge of third party auditing and cloud risk
-Understanding of network security architecture development and definition
-Familiarity with the concepts of ISO 27000, NIST 800 and other security standards in the organization
-Familiarity with Data-at-rest encryption, certificate validation, IDS/IPS, Firewalls, SIEMs and -Log Management, log analysis, HTTP and TCP/IP analysis
-Familiarity with vulnerability identification and assessment including the OWASP Top 10 and SANS Top 25
-Familiarity with products from the following vendors: Trellix, Palo Alto, Tenable, SolarWinds, Tenable, and Crowdstrike
-Familiarity with risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies
-Familiarity with router, switch and VLAN security; wireless security
-Familiarity with the practices and methods of IT strategy, enterprise architecture and security architecture.

Skills
-Excellent verbal, written, and listening communication skills with the ability to effectively communicate with various stakeholder groups
-Strong technical writing skill
-Effective organization and time management skills with the ability to manage multiple projects simultaneously and work in high-pressure situations
-Effective interpersonal skills and demeanor
-Proficient in the use of a PC in a Windows environment; in the use of the Internet; in the use of MS Office Applications such as Outlook, Word and Excel, PowerPoint; and in the use of Google Suite applications such as Gmail, Sheets, Docs, and Driv.
-Strong proficiency working with Windows, UNIX and Linux operating systems

Abilities
-Ability to clear a comprehensive background and clearance process that includes an Arizona tax compliance verification, and a criminal background check through the FBI via level one fingerprint clearance through the Arizona Department of Public Safety
-Ability to work both independently and collaboratively as part of a team
-Ability to work in a confidential manner, ensuring information is shared with internal and external individuals in an appropriate manner
-Ability to build strong relationships inside and outside the organization
-Ability to synthesize feedback and adjust plans accordingly
-Ability to evaluate and test emerging technologies, and to apply creative solutions to business problems to ensure business needs are most effectively met
-Ability to design, develop, and implement computing environment system(s), system components, or system architectures in accordance with policy, procedures, and structures
-Ability to design, develop, and implement secure network and enclave environments in accordance with IA policy, procedures, and workforce structure
-Ability to understand and solve problems by applying advanced analytical skills to include collecting, integrating and analyzing all relevant data and information and reduced that information down to manageable components and/or charts, diagrams or graphs; identifying a number of solutions to complex problems integrating findings from several different disciplines, identifying and evaluating the various options developed and selects the most effective solution; drawing logical and objective conclusions from the data and validates them as the prime cause and contributing causes; identifying a number of solutions to the problem by identifying and evaluating the various options developed and selects the most effective solution.
-Ability to learn and apply LEAN concepts, principles and tools used to create and deliver perspectives with the fewest resources with continuous problem solving
-Willingness and ability to embody ADOR’s core values of Do the Right Thing, Commit to Excellence, and Care About One Another

Additional Job Demands
-In the course of performing the essential duties one must be able to exert up to 20 pounds of force occasionally, and/or up to 10 pounds of force frequently, and/or a negligible amount of force constantly to move objects.
-No substantial exposure to adverse environmental conditions (such as in typical office or administrative work.)

-Certified Information Security Systems Professional
-Experience with Continuous Improvement or LEAN

The final candidate will be required to abide by the the following pre-employment checks:
-Employment and Education Verification and Reference Checks
-State and Federal Criminal Background Check, including fingerprinting
-Arizona Tax Filing Records Check
-If applicable, ASEDRA Authorized Driver Identification Check

If this position requires driving or the use of a vehicle as an essential function of the job to conduct State business, then the following requirements apply: 

All newly hired State employees are subject to and must successfully complete the Electronic Employment Eligibility Verification Program (E-Verify).

The State of Arizona provides a world class comprehensive benefits package including:
-Paid time off for holidays, sick days, annual leave, military leave, bereavement leave, and civic duty leave
-Paid Parental Leave-Up to 12 weeks per year paid leave for newborn or newly-placed foster/adopted child (pilot program).
-A robust and affordable insurance plan that includes medical, dental, vision, life insurance, short-term, and long-term disability options.
-Higher education discounts for State employees and tuition reimbursement up to $5,250 per fiscal year, available to seek further career advancement or certification in Continuing Professional Education.
-Work-life balance and additional options for life betterment such as the Infant at Work Program, State Wellness Program, Public Transit Discounts, Alternate Work Schedules, and Telework opportunities.

Learn more about the Paid Parental Leave pilot program . For a complete list of benefits provided by The State of Arizona, please visit our

Top ranked Arizona State Retirement System (ASRS) provides 100% employer matched contributions (enrollment eligibility will be effective after 27 weeks of State employment). ASRS provides a lifelong benefit based on years of service earned, or worked, and your ending salary. Learn more about ASRS at: