Job Class Search
Job Details
INFORMATION SYSTEMS SECURITY SPECIALIST
The Information Systems Security Specialist is responsible for directing the internal audit, security, audit resolution, and grants monitoring functions for an assigned section/department. This position is governed by state and federal laws and agency/institution policy.
Class Code:
D017C
Job Grade:
IT07
Special Job Requirements:
None
Typical Functions:
Establishes goals and objectives and short and long-range plans, develops policies and procedures, reviews and evaluates program effectiveness and compliance, implements and monitors corrective action, and implements and interprets federal and state laws and regulations. Provides direction to staff by analyzing operations and activities and providing feedback regarding needs, improvements, and accomplishments. Advises on projects and problems, serves as a technical resource, conducts meetings, reviews and develops project plans and schedules, and determines priorities. Provides advice and assistance to the agency director and confers with division management and other state and federal personnel regarding internal financial and operating audits, risk analysis, security, and sub-grant monitoring functions, needs, problems, and progress. Responds to requests for information from independent and federal auditors by conducting and/or reviewing investigations, preparing audit findings and recommending solutions, implementing and monitoring corrective action, and providing court testimony and follow-up reports. Reviews logging information for assigned systems and devices for abnormal or irregular use characteristics of unauthorized access or denial service and provides material to senior security personnel for evaluation. May interview and select professional and administrative support staff, provides training opportunities, resolves problems, and evaluates the performance of incumbents. Performs other duties as assigned.
Knowledge, Abilities, and Skills:
Knowledge of communication protocols and standards related to security. Knowledge of information protection methodologies. Knowledge of server administration as applied to network and internet security. Knowledge of information protection standards, guidelines and applied procedures. Ability to identify potential security breaches and notify security personnel. Ability to analyze users’ needs, formulate/define system scope and objectives, and writes detailed program specifications. Ability to understand relevant detail from oral information and make formal presentations and explain technical terms and information. Ability to prepare and present written findings. Ability to develop and modify procedures to solve complex problems considering computer system capacity and limitations, operating time, and form of desired results.
Minimum Qualifications:
The formal education equivalent of a bachelor’s degree in information technology, computer science or related field; plus four years of experience in applications development involving the design and implementation of major applications projects having diverse sub-systems and interfaces with other systems. Additional requirements determined by the agency for recruiting purposes require review and approval by the Office of Personnel Management. OTHER JOB RELATED EDUCATION AND/OR EXPERIENCE MAY BE SUBSTITUTED FOR ALL OR PART OF THESE BASIC REQUIREMENTS, EXCEPT FOR CERTIFICATION OR LICENSURE REQUIREMENTS, UPON APPROVAL OF THE QUALIFICATIONS REVIEW COMMITTEE.
Required Certificates:
None
Exempt:
E
