SYSTEMS PROGRAMMER III - 60000519

Requisition No: 828972 

Agency: Children and Families

Working Title: SYSTEMS PROGRAMMER III - 60000519

 Pay Plan: Career Service

Position Number: 60000519 

Salary:  63,413.92 - 78,750.00 

Posting Closing Date: 05/22/2024 

Total Compensation Estimator Tool

Systems Programmer III

This is an Open Competitive Opportunity

This position is in Tallahassee, FL in the Office of Information Technology Services

The Office of Information Technology Services is looking for a detail-oriented Security Operations Analyst to join our Information security management team. The essential function of this position within the Department is to manage and support various enterprise security tools and processes. In addition to the core requirements outlined in the job description, the ideal candidate will possess extensive experience in various security tools and frameworks. This includes expertise in device encryption solutions like BitLocker and FileVault, data loss prevention (DLP) for identifying sensitive data, and SIEM systems like Azure Sentinel for log management and security investigations. They should have a deep understanding of the NIST Cybersecurity Framework and be familiar with additional frameworks, including IRS Pub 1075, NIST 800-53, and ISO 27001. Furthermore, the candidate should have participated in real-world security incidents and possess expertise in all phases of incident response, from detection to recovery. They should also demonstrate strong experience managing Windows Server environments, including Active Directory and Entra ID (formerly Azure Active Directory), and be proficient in providing technical support and documentation for security tools and processes. By showcasing experience in these broader areas, the candidate will solidify their position as an asset to the security operations team. This position is located at the DCF Headquarters in Tallahassee in the Office of Information Technology Services.

EXAMPLES OF WORK:

1. Comprehensive Technical Support:

• Microsoft Enterprise Security tools: Provide in-depth support for tools like Microsoft Defender Antivirus, Endpoint Detection and Response (EDR), Azure Security Center, and Microsoft Defender for Cloud Apps. Troubleshoot issues, configure policies, and analyze security alerts.
• Device Encryption: Assist users with enrolling devices in encryption solutions, manage encryption keys, and troubleshoot encryption-related issues.
• Data Loss Prevention (DLP): Configure and maintain DLP policies to prevent sensitive data exfiltration, investigate DLP alerts, and collaborate with relevant teams to address potential data breaches.
• Incident Response: Actively participate in the security incident response process, assisting with containment, eradication, and recovery activities. Analyze incident data, identify root causes, and document lessons learned.

2. Tanium Asset Management Expertise:

• Provide advanced technical support for Tanium, including troubleshooting deployment issues, configuring asset discovery and management features, and creating custom reports for asset inventory and vulnerability management.
• Collaborate with IT teams to leverage Tanium data for endpoint security investigations and incident response.

3. Microsoft Defender:

• Leverage expertise in Microsoft Defender for Endpoint to configure advanced hunting queries, analyze endpoint telemetry data, and detect potential threats and vulnerabilities.
• Assist with investigations and incident response activities related to Microsoft Defender alerts and detections.

4. Security Policy and Procedures Champion:

• Collaborate with security stakeholders to develop and implement operational security policies that address endpoint security, device encryption, data loss prevention, and incident response.
• Create detailed procedures for deploying security software updates, managing device encryption, and handling security incidents.

5. Vulnerability Management Proactive Approach:

• Utilize vulnerability scanning tools to identify vulnerabilities on endpoints and network devices.
• Prioritize vulnerabilities based on risk and implement remediation strategies, including patching, configuration changes, or isolation.
• Continuously monitor vulnerability management processes and report on the organization's security posture.

6. Knowledge Documentation and Sharing:

• Create comprehensive and user-friendly documentation for technical staff regarding the agency's security tools, encryption solutions, DLP, and third-party tools.
• Actively share knowledge and expertise through internal training sessions or knowledge base articles to improve team understanding and capabilities.

7. Collaborative Security Improvement:

• Proactively research and evaluate emerging security technologies and best practices.
• Participate in discussions and reviews with the security team to identify potential improvements to enterprise security systems and policies.
• Collaborate with colleagues to implement new security solutions and enhance the organization's overall cybersecurity posture.

KNOWLEDGE, SKILLS, AND ABILITIES, including utilization of equipment, required for the position:

Operating Systems:

• Windows and Linux: Thorough understanding of both Windows and Linux operating systems, including their functionalities, administration tasks, and security considerations.
• Windows Server Administration: Expertise in managing Windows Server environments, encompassing Active Directory configuration, user and group management, security policy implementation, and troubleshooting.
• Linux Administration: Familiarity with common Linux distributions like Ubuntu, Red Hat, and CentOS, including package management, user management, and basic server administration tasks.

Security Tools and Technologies:

• Windows Defender Protection Suite: In-depth knowledge of Microsoft Defender Antivirus, Endpoint Detection and Response (EDR), Azure Security Center, and Microsoft Defender for Cloud Apps.
• Tanium Asset Management Solution: Expertise in deploying, troubleshooting, and maintaining Tanium, including utilizing its features for asset discovery, management, vulnerability scanning, and reporting.
• SIEM/EDR/IDS: Understanding of Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and Intrusion Detection Systems (IDS). Ability to review and analyze logs from these systems to identify potential security incidents.
• Data Loss Prevention (DLP): Knowledge of DLP solutions and their functionalities, including policy creation, configuration, and alert investigation.
• Vulnerability Management Systems: Familiarity with vulnerability scanning tools and processes for identifying, prioritizing, and remediating vulnerabilities on endpoints and network devices.
• LDAP and Identity Management: Understanding of Lightweight Directory Access Protocol (LDAP) and its role in user authentication and authorization. Knowledge of identity management systems for user provisioning and access control.
• Database Servers: Basic understanding of database server concepts, including SQL and database administration principles.
• Application Servers: Familiarity with common application servers like Apache Tomcat and their security considerations.

Technical Skills:

• Software Installation and Configuration: Ability to install and configure software packages on Windows and Linux systems, including configuring related hardware components.
• System Administration: Proficient in system administration tasks like user and group management, file system management, and basic troubleshooting.
• Log Analysis: Skilled in reviewing and analyzing logs from various sources, including SIEM, EDR, IDS, email, DLP, and host logs, to identify and investigate potential security incidents.
• Network Security: Understanding of network security concepts, principles, and best practices, including firewalls, intrusion detection/prevention systems, and network segmentation.
• TCP/IP: Knowledge of TCP/IP (Transmission Control Protocol/Internet Protocol) concepts and configuration.

Additional Skills:

• Microsoft Office: Proficiency in using Microsoft Office suite, including Microsoft Visio for creating diagrams and visualizations.
• Technical Communication: Ability to clearly communicate technical information to both technical and non-technical audiences.
• Problem-solving: Strong analytical and problem-solving skills to diagnose and resolve security issues effectively.
• Customer Service: Excellent customer service skills for interacting with internal and external stakeholders regarding security incidents and support requests.
• Positive Attitude: Positive and professional attitude with a commitment to continuous learning and improvement in the cybersecurity field.

REQUIREMENTS:

Responses to qualifying questions concerning education, experience, knowledge, skills and/or abilities for this position must be verified by documentation provided (candidate profile AND resume (if one is attached) through the electronic application process. Putting “see resume” does not substitute for completing all sections of the Candidate Profile. Candidates with incomplete candidate profiles may not receive employment consideration.

On call/overtime as needed.

Minimum Qualifications:

• A bachelor’s degree in information technology, computer security, or closely related focus and 1 year IT networking, cyber security, or similar hands-on technical experience encompassing a combination of customer support, incident response, and security or
• An associate degree in information technology, computer security, or closely related focus and 2 years IT networking, cyber security, or similar hands-on technical experience encompassing a combination of customer support, incident response, and security or
• Four (4) years of job experience handling IT networking, cyber security, or similar hands-on technical experience encompassing a combination of customer support, incident response, and security.
• Documented job experience demonstrates an understanding and application of Endpoint Detection and Response tools, and Incident Response.

PREFERENCES:

• Documented job experience working with Enterprise Security tools, Device Encryption, Data Loss Prevention, and Incident Response.
• Documented job experience participating in organizational security incident response activities.
• At least one industry recognized security certification equivalent to the responsibilities of this position. For example: CSX, Security+, Microsoft MTA Security, SSCP, etc.
• Documented job experience with at least two of the following technologies: SEIM solutions, Enterprise Security tools and Response Solutions, Desktop Administration, Device Encryption, Data Loss Prevention, Microsoft Server Administration, Active Directory Administration, Linux Administration.
• Documented experience providing customer service support and documentation to both technical and non-technical staff.
• Knowledge of IT security best practices and frameworks such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), Center for Internet Security Critical Security Controls (CIS), or similar.

SPECIAL NOTES

Previous applicants need not re-apply.

Only US citizens and lawfully authorized alien workers will be hired.

Typically we do not hire at upper end of salary range unless industry experience and evaluation review warrant.

Selective Service: All selected male candidates born on or after October 1, 1962, will not be eligible for hire or promotion into an authorized position unless they are registered with the Selective Service System (SSS). Verification of Selective Service registration will be conducted prior to hire. For more information, please visit the SSS website: http://www.sss.gov.

Florida Retirement System (FRS): If you are a retiree of the Florida Retirement System (FRS), please check with the FRS on how your current benefits will be affected if you are re-employed with the State of Florida. Your current retirement benefits may be suspended or voided, and you may be required to repay all benefits received depending upon the date of your retirement.

Veteran’s Preference: Pursuant to Chapter 295, Florida Statutes, candidates eligible for Veterans’ Preference will receive preference in employment for Career Service vacancies and are encouraged to apply. Candidates claiming Veterans’ Preference must attach supporting documentation with each submission that includes character of service (for example, DD Form 214 Member Copy #4) along with any other documentation as required by Rule 55A-7, Florida Administrative Code. Veterans’ Preference documentation requirements are available by clicking here. All documentation is due by the close of the vacancy announcement.

BACKGROUND SCREENING REQUIREMENT: It is the policy of the Florida Department of Children and Families that any applicant being considered for employment must successfully complete a State and National criminal history check as a condition of employment before beginning employment, and be screened in accordance with the requirements of Chapter 435, F.S., and, if applicable, Chapter 408, F.S.  No applicant may begin employment until the background investigation results are received, reviewed for any disqualifying offenses, and approved by the Agency.  Background investigations shall include, but not be limited to, fingerprinting for State and Federal criminal records checks through the Florida Department of Law Enforcement (FDLE) and Federal Bureau of Investigation (FBI) and may include local criminal history checks through local law enforcement agencies.  Employees also are subject to background re-screening at least every five (5) years. No applicant may begin employment until the background screening results are received, reviewed for any disqualifying offenses, and approved by the Agency. 

The State of Florida is an Equal Opportunity Employer/Affirmative Action Employer, and does not tolerate discrimination or violence in the workplace.

Candidates requiring a reasonable accommodation, as defined by the Americans with Disabilities Act, must notify the agency hiring authority and/or People First Service Center (1-866-663-4735). Notification to the hiring authority must be made in advance to allow sufficient time to provide the accommodation.

The State of Florida supports a Drug-Free workplace. All employees are subject to reasonable suspicion drug testing in accordance with Section 112.0455, F.S., Drug-Free Workplace Act.

VETERANS’ PREFERENCE.  Pursuant to Chapter 295, Florida Statutes, candidates eligible for Veterans’ Preference will receive preference in employment for Career Service vacancies and are encouraged to apply.  Certain service members may be eligible to receive waivers for postsecondary educational requirements.  Candidates claiming Veterans’ Preference must attach supporting documentation with each submission that includes character of service (for example, DD Form 214 Member Copy #4) along with any other documentation as required by Rule 55A-7, Florida Administrative Code.  Veterans’ Preference documentation requirements are available by clicking here.  All documentation is due by the close of the vacancy announcement.