Responsible for the implementation of security policies, procedures and standards set by the Information Security Manager. This position works in close partnership with the infrastructure and operations teams. This includes ensuring the security, stability and integrity of the Branch’s data, voice, video, and wireless network services. The Senior Network Security Engineer will participate with the installation, configuration, monitoring, maintenance, support, and optimization of all network security hardware, software, and communication links as it relates to Information Security. They will also assist with the implementation of new network security solutions, ensure adherence to security policies and standards, as well as assist with vulnerability audits and assessments of the network infrastructure. The Senior Network Security Engineer is expected to be fully aware of the Colorado Judicial Branch’s security goals as established by its stated policies, procedures, and standards and to actively work towards upholding those goals.
This position is distinguished from other information technology positions by the responsibility of providing technical leadership of security initiatives. This position is within the Information Technology Services (ITS) division with a focus on information security.
Responsible for full knowledge of the Colorado Judicial Department’s security goals as established by its cyber security plan, stated policies, procedures and standards and actively works towards upholding those goals.
Participate in the planning and design of enterprise network security architecture. Acts as designated work leader in charge of network security.
Work collaboratively with the Information Security Manager (ISM) in designing and implementing all security related functions for the Judicial network. This includes backup systems and procedures and disaster recovery plans and tests, forensic analysis, 802.x and security investigations. Firewall and IPS/IDS proficiency is required.
Assists in monitoring functions of all devices within the Judicial network to ensure proper network security and configuration compliance. Assists with troubleshooting and resolving network security events identified via SIEM. Therefore, SIEM knowledge is required.
Maintains up-to-date detailed knowledge of network security including awareness of new or revised security solutions, as well as the development of new attacks and threat vectors.
Assists the ISM in the design and execution of network vulnerability assessments, network penetration tests, and network security audits.
Independent and proficient in all aspects of troubleshooting processes, network security strategy and design.
Provides support to other ITS teams.
Identifies, evaluates, and implements network hardware and software security, which includes voice, wireless, video, and data security solutions.
This position collaborates with the Network and Network Security Engineer in a variety of different areas, including but not limited to: firewalls, routers, switches, VoIP, video applications, wireless, QoS, VPN’s and access control systems.
Collaborates with the network team to plan the secure network configuration of switches and other data center network equipment.
Assists with the architectural design, installation, management, maintenance and hardening of all network devices within the Judicial network.
Translate security policies, procedures, and standards into technical network architecture and/or configurations.
Develops and maintains good working relationships with all Department employees and vendors.
Shares on-call support for all in-place security solutions.
Attends meetings as required.
May perform other duties as assigned.
Some positions may have supervisory accountability for other employees, volunteers, or interns. Plans, directs and coordinates activities for a unit. Duties may include scheduling and assigning work, training in all facets of work, quality control, and decisions impacting the pay, status and tenure of others. May conduct performance appraisals, and provide input into and participates in discipline, dismissal, and hiring processes.
A bachelor’s degree from an accredited college or university in computer science or a related field and 6 or more years’ experience directly working with firewalls is required. CCNA and CCNA security is required. CCNP Security is preferred. CISSP is preferred.
OR
Experience may substitute for education on a year for year basis as follows: graduation from high school or equivalent and eight years working in computer related areas; four years of the computer experience must be directly with firewalls. CCNA and CCNA security is required.
While performing the duties of this job, the employee is regularly required to talk and hear. The employee is frequently required to sit and reach with hands and arms and perform repetitive motions with wrists, hands, and fingers. The employee is occasionally required to stand and walk. The employee must occasionally lift and/or move up to 50 pounds or more. Specific vision abilities required by this position include close vision, color vision, depth perception, ability to adjust and focus, and the ability to see clearly at 20 feet or more.
While performing the duties of this job, the employee is occasionally exposed to moving mechanical parts, work in high precarious places and the risk of electrical shock. Frequently handles emergency or crisis situations and may be subject to varying and unpredictable situations and work hours. The employee is subject to frequent interruptions, multiple calls and inquiries, and may occasionally handle absentee replacement on short notice. The noise level in the work environment is usually moderate.