SECURITY OPERATIONS ENGINEER - 72004186

Requisition No: 862060 

Agency: Management Services

Working Title: SECURITY OPERATIONS ENGINEER - 72004186

 Pay Plan: Career Service

Position Number: 72004186 

Salary:  $72,000 - $82,000 

Posting Closing Date: 10/06/2025 

Total Compensation Estimator Tool

Information Security Analyst III
Division of Office of Information Technology
State of Florida Department of Management Services
This position is located in Tallahassee, FL

Position Overview and Responsibilities:

Security Operations and Secure Configurations:
• Assess and implement secure configuration for the department’s physical and logical information 
technologies
• Manage the department’s firewalls to control network traffic, prevent unauthorized access of 
department assets, and mitigate cyber threats.
• Participate in the design and execution of vulnerability assessments, penetration tests and security 
audits
• Participate in Security Architecture reviews for new projects to ensure proposed solutions align with 
risk requirements
• Perform routine assessments on physical, logical, and virtual platform configurations to ensure 
security and compliance
• Research and analyze security trends and recommend hardening configurations
• Implement industry best practices and statutory obligations for security policies on the Departments 
Information technology platforms
• Perform data sanitation in accordance with policy and Florida Statues
• Assist with periodic reviews of computer System Security Plans and user training.

Vulnerability (OS, Application, Web apps, etc.): 
• Identify and oversee the management of credentials for authorized devices and users, manage 
remote access, and access permissions; ensure systems are properly maintained, secured, and 
controlled, including the review of upgrades, service packs, patches, firmware, and backup 
configurations
• Assure that data at rest and in transit is properly secured and protections against malicious exfiltration 
are implemented; confirm backups of information are successful and tested periodically
• Assess and recommend security enhancements for platform solutions and technologies
• Perform routine assessments on physical, logical, and virtual platform configurations to ensure 
security and compliance
• Develop vulnerability mitigation recommendations, standards, and security configurations for 
Departmental infrastructure and services
• Implement Vulnerability patching and/or assist other Departmental processes with vulnerability 
mitigation and patch efforts

 
Endpoint security:
• Perform systems management for technical systems that promote enhanced security. Solutions that 
support key areas may include: Endpoint Detection and Response, Extended Detection and 
Response, SIEM, ZTNA, CDN, asset management, compliance, identity, and access management 
systems, incident and event monitoring, threat and vulnerability identification, configuration 
benchmarking, firewall management.
• Monitor and configure email security tools, anti-spam and anti-phishing tools
• Works with DMS staff to develop, implement and maintain department level security controls

Other Duties:
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new and 
revised security solutions, improved security processes, and the development of new attacks and 
threat vectors
• Provide after business hours support in response to critical security events and investigations
• Serve as backup and Tiger Team member for the Department and Enterprise agencies as needed
• Continued education, training, and career pathing

Perform other duties as required

Knowledge, Skills, and Abilities:
• Knowledge of computer networking concepts, protocols and network security
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
• Knowledge of cybersecurity and privacy principles.
• Knowledge of firewall technologies and configurations. 
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of data backup and recovery.
• Knowledge of business continuity and disaster recovery continuity of operations plans.
• Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
• Knowledge of network services and protocols interactions that provide network communications.
• Knowledge of network traffic analysis methods.
• Knowledge of packet-level analysis.
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile 
code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, 
race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and 
vulnerabilities.
• Knowledge of cyber defense and information security policies, procedures, and regulations.
• Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation 
sponsored).
• Knowledge of common attack vectors (e.g., phishing, malware, MITM, DDoS)
• Knowledge of system administration, network, and operating system hardening techniques.
• Knowledge of network security architecture concepts including topology, protocols, components, and 
principles (e.g., application of defense-in-depth).
• Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
• Knowledge of cloud service models and how those models can limit incident response.
• Knowledge of malware analysis concepts and methodologies.
• Knowledge of an organization's information classification program and procedures for information 
compromise.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System 
(DNS), and directory services.
• Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, 
DNS), and how they interact to provide network communications.
• Skill of identifying, capturing, containing, and reporting malware.
• Skill in preserving evidence integrity according to standard operating procedures or national standards.
• Skill in securing network communications.
• Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
• Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external 
devices, spam filters).
• Skill in performing damage assessments.
• Skill in using security event correlation tools.
• Skill to design incident response for cloud service models.
• Accountability, Communication, Empowerment, Flexibility, Integrity, Respect, Teamwork.

Minimum Qualifications:
• Minimum 4 years of experience in a cybersecurity role or position. 
• Minimum 1 year experience with firewall management.

Minimum Qualifications:
o Knowledge of intrusion defense methodologies and techniques for detecting host and networkbased intrusions.
o Experience with Operating System and Security tool configuration
o Experience performing incident response and security monitoring tasks.
o Experience with operational impacts of cybersecurity configuration lapses
• On-Call Assignment – This position has been approved in accordance with Section 110.209, Florida 
Statutes, Chapter 60L-32, Florida Administrative Code, and Collective Bargaining Agreements with the 
Florida Nurses Association (FNA) and the American Federation of State, County, and Municipal 
Employees (AFSCME), Florida Council 79. The approved On-Call form has been forwarded to the 
servicing human resource office.
• Incumbent may be required to work before, during and/or beyond normal work hours or days in the 
event of an emergency. Emergency duties may include hours in excess of an employee’s routine work 
schedule (working extended hours, weekends, or holidays).
HR-102-F2 Job Advertisement Request Form
November 2024
• Sedentary work with repetitive motion

Our Organization and Mission:
Under the direction of Governor Ron DeSantis, Secretary Pedro Allende and DMS’ Executive 
Leadership Team, the Florida Department of Management Services (DMS) is a customer-oriented 
agency with a broad portfolio that includes the efficient use and management of real estate, 
procurement, human resources, group insurance, retirement, telecommunications, fleet, and federal 
property assistance programs used throughout Florida’s state government. It is against this 
backdrop that DMS strives to demonstrate its motto, “We serve those who serve Florida.”

Special Notes:
DMS is committed to successfully recruiting and onboarding talented and skilled individuals into 
its workforce. We recognize the extensive training, experience, and transferrable skills that 
veterans and individuals with disabilities bring to the workforce. Veterans and individuals with 
disabilities are encouraged to contact our recruiter for guidance and answers to questions 
through the following provided email addresses:
DMS.Ability@dms.fl.gov
DMS.Veterans@dms.fl.gov
An individual with a disability is qualified if he or she satisfies the skills, experience, and other 
job related requirements for a position and can perform the essential functions of the position 
with or without reasonable accommodation. Candidates requiring a reasonable accommodation, 
as defined by the Americans with Disabilities Act, must contact the DMS Human Resources 
(HR) Office at (850) 488-2707. DMS requests applicants notify HR in advance to allow sufficient 
time to provide the accommodation.
Successful completion of background screening will be required for this position

The State of Florida is an Equal Opportunity Employer/Affirmative Action Employer, and does not tolerate discrimination or violence in the workplace.

Candidates requiring a reasonable accommodation, as defined by the Americans with Disabilities Act, must notify the agency hiring authority and/or People First Service Center (1-866-663-4735). Notification to the hiring authority must be made in advance to allow sufficient time to provide the accommodation.

The State of Florida supports a Drug-Free workplace. All employees are subject to reasonable suspicion drug testing in accordance with Section 112.0455, F.S., Drug-Free Workplace Act.

VETERANS’ PREFERENCE.  Pursuant to Chapter 295, Florida Statutes, candidates eligible for Veterans’ Preference will receive preference in employment for Career Service vacancies and are encouraged to apply.  Certain service members may be eligible to receive waivers for postsecondary educational requirements.  Candidates claiming Veterans’ Preference must attach supporting documentation with each submission that includes character of service (for example, DD Form 214 Member Copy #4) along with any other documentation as required by Rule 55A-7, Florida Administrative Code.  Veterans’ Preference documentation requirements are available by clicking here.  All documentation is due by the close of the vacancy announcement.