Senior IT Security Engineer - (VRS) Virginia Retirement System (Richmond/Hybrid)
Recruitment Type: General Public - G Posting # 5065341
Hiring Range: $121,581 - $155,000
Apply URL: https://www.jobs.virginia.gov/jobs/senior-it-security-engineer-hybrid-work-schedule-richmond-virginia-united-states
Job Duties
***Hybrid Work Schedule: this position will work onsite two days a week (Tuesday and Wednesday) and 3 days remotely (Monday, Thursday and Friday).***
VRS is seeking a highly skilled and experienced Senior IT Security Engineer to join thier dynamic team. This role is crucial in ensuring the confidentiality, integrity, and availability of our IT systems and data. The Senior IT Security Engineer will install, configure, and administer a broad range of security technologies to protect against unauthorized access and intrusion attempts. Additionally, this position will serve as a subject matter expert on various IT security matters, including risk management, threat and vulnerability management.
Key Responsibilities:
Identify, investigate and report security related incidents.
Ensure appropriate mitigations are applied for any Security Violations, Intrusions, or Security-related outages.
Perform intrusion detection activities and risk mitigation.
Validate identified vulnerabilities, work with system administrators to mitigate.
Install, Configure, and Administer security hardware and software solutions.
Work with IT team members to develop policies, enhance security standards, and harden IT systems.
Implement appropriate countermeasures required based on alerts and security scans.
Promote Agency security best practices to include defining, updating, and enforcing security policies to reduce risk exposure.
Perform security reviews and provide recommendations on proposed new software and hardware system design.
Provide security training and awareness to the department/agency as required
Participate in security testing.
Remain current on emerging security technologies and industry vulnerability bulletins
Document results and recommendations from security reviews.
Ensure the Confidentiality, Integrity and Availability of systems and services through proactive monitoring and response.
Participate in Disaster Recovery Planning and documentation development.
Provide mentorship and training to junior team members.
Evaluate effectiveness of services provided and recommend changes in procedures to meet security best practices.
Ensure security tools are fully configured and providing operational value as part of a continoues improvement process.
Collaborate with technology leadership to develop KPI's for security alerts and responses
Manage MSP relationships, configuration management and incident response
Participate in on-call rotation that provides technology support outside of normal business hours.
Completes other security related duties and projects as assigned to meet business objectives.
Minimum Qualifications
Bachelor's Degree.
Ten (10) years experience developing, documenting, and enforcing information security architectures and best practices including experience implementing complex security technologies as part of Zero Trust Network Access (ZTNA) or an equivalent combination of education and experience.
Additional experience includes:
Working knowledge of Splunk SIEM, Microsoft Sentinel, Palo Alto Next Gen/FW, IPS, Web Vulnerability Scanners, Penetration Testing Tools, Layer 2/3 Networking, NDR/EDR, Vulnerability Assessment Tools, Event Correlation, Network Scanning Tools and Log Management.
Additional Considerations
Preferred experience in the following areas:
Disaster Recovery, SOAR, Scripting, SASE, Cloud Security and MSP relationship management.
Preferred Certifications: Networking (CCIE, JCNIE, CCNA, Arista), Firewalls (Palo Alto PCNSE or PCNSA).
Agency: Virginia Retirement System
Location: Virginia Retirement System
Agency Website: www.varetire.org/careers
Apply directly at: https://www.jobs.virginia.gov/jobs/senior-it-security-engineer-hybrid-work-schedule-richmond-virginia-united-states
