Description
The County of San Mateo's Information Services Department seeks an IS Systems Specialist III to serve in the Security Division. Under general supervision, the individual in this position performs the most complex and varied technical tasks related to the configuration, troubleshooting, maintenance, and monitoring of the County's security infrastructure. This position serves as a technical leader and technical subject matter expert in specific security area(s) and is called upon to analyze existing and future computing environments and ensure that all solutions comply with County policy, frameworks and industry accepted best practices.
As an integral part of the Security team, the IS Systems Specialist III will be responsible for system administration across a variety of platforms and services such as: Firewalls (Palo Alto); Intrusion Detection and Prevention (Palo Alto Threat Prevention and Wildfire); Endpoint Protection Suite/XDR; Security Orchestration Platform (XSOAR); Cloud Security services; XDR SIEM monitoring and management; Vulnerability identification and mitigation/remediation. The position also requires support in ancillary systems that support IAM/ARM platforms such as SolarWinds, Active Directory, OKTA. Additionally, this position will perform intrusion event investigative and reporting activities as required. Similarly, incumbents in this class must regularly analyze requests for new system implementations and ensure that strategies are applied that support best practice security design and integration with existing security infrastructure. Furthermore, this position will be tasked with performing analysis and data production and reporting in support of any identified indicators of compromise, audit and policy compliance across the enterprise.
CLASS CHARACTERISTICS
This is the advanced journey class in the IS Systems Specialist series. Incumbents serve as subject matter experts in specific area(s), perform complex and varied technical support, provide analytical support for County-wide infrastructure, and frequently solve problems requiring analysis of unique issues or problems without precedent and/or structure. Incumbents serve as technical lead for assigned projects. Employees at this level are required to be fully trained in all procedures related to assigned area(s) of responsibility, working with a high degree of independent judgment, tact, and initiative. This classification is distinguished from the IS Systems Specialist II by the complexity and size of the applications supported and the amount of discretion exercised when solving problems and developing resolutions. This classification is further distinguished from the IS Senior Systems Specialist in that the latter is responsible for the daily technical and functional direction of assigned staff, work is performed within a broad framework of general policy requiring creativity and resourcefulness to accomplish goals and objectives, applies concepts, plans, and strategies which may deviate from established methods and practices, and regularly leads projects of critical importance and substantial consequence of success or failure to the County.
The ideal candidate for these positions will have:
- Extensive experience supporting Palo Alto Firewalls or substantially similar platforms, including design, ongoing operations, maintenance, and security risk analysis.
- In-depth understanding of network protocols, and IP subnet assignments and schema management.
- Demonstrable knowledge and experience in Security Orchestration platforms such as Cortex SOAR.
- Knowledge and ability in identity and rights management concepts and supporting systems such as Okta, Active Directory and SolarWinds.
- Knowledge in SIEM platforms and the ability to customize such systems when required to strengthen integrated reporting.
- Proven skills in network security concepts such as macro/micro segmentation and network access control concepts.
- Knowledge of email protection platforms, such as Mimecast, sufficient to understand attack delivery and proliferation tactics as well as knowledge to initiate account or email store cleansing tasks when required.
- Thorough understanding of attack chain (MITRE) frameworks, structures and tactics and the ability to apply sound response strategies sufficiently to ensure event or incident chain is disrupted and mitigated.
- Significant understanding of a variety of remediation processes sufficient to ensure that any security event or incident is fully understood and that protective systems are tuned to prevent such occurrences in the future.
- Sound understanding of system continuity and resiliency approaches to ensure that restoration of systems and services is available at all times without exception.
- Conversant in regulatory requirements, such as CJIS, HIPAA, and an understanding of how these, and other, regulatory requirements can be satisfied through the application of network and security processes and systems.
- Comprehensive knowledge of security frameworks (CIS/NIST) and the ability to design compliant solutions as well as demonstrate skill in implementing processes to validate framework compliance.
- Significant experience and understanding of Cloud security platforms and services such as those provided through AWS or Azure.
- Comprehensive understanding of cloud-based security platforms and services and how those systems provide essential services to the enterprise computing ecosystem.
- Knowledge and skills in the area of Zero Trust concepts and design for a distributed enterprise environment.
- Extensive understanding of best practice security concepts and design strategies with the ability to communicate those concepts to the user population in a way that supports an understanding of these concepts and why they are necessary.
- Strong analytical skills - ability to interpret complex information from various sources to reach accurate conclusions.
- Strong communication skills - ability to explain complex issues in a way that both the average user and technologists will understand.
- An excellent sense of creativity – ability to find innovative solutions to business problems while still incorporating sound security strategies.
- The ability to identify what needs to get done and do it; extremely self-motivated.
- The ability to work with cross-functional technical teams to gather information and influence decisions.
Additional Desired Skills:
- DNS, DHCP administration, securing and architectural design.
- Knowledge of multiple forests and Trusts.
- Setting up and supporting encrypted internet tunneling.
- Data Loss Prevention platforms and concepts.
- HTTPS inspection services and concepts.
- Cloud firewall and CASB environments such as Zscaler and Prisma.
- Sound system, device and user authentication methodologies such as MFA.
- Experience with Active Directory structures, optimization and integration with Azure AD or similar cloud directories.
Examples Of Duties
Management reserves the right to add, modify, change, or rescind the work assignments of different positions and to make reasonable accommodations so that qualified employees can perform the functions of the job.
- Analyzes, installs, configures, maintains, and monitors hardware and software upgrades to ensure effective server performance.
- Configures and implements real-time monitoring to identify and resolve service outages and critical resource shortages in a timely and efficient manner.
- Monitors system performance to identify and troubleshoot deficiencies in design, security, installation, and/or integration with other technologies.
- Researches, recommends, and implements system enhancements to improve the performance and reliability of the system; researches, recommends, tests, and implements upgrades and fixes as needed.
- Develops and recommends comprehensive standards, policies, procedures, and technical documentation pertaining to system maintenance and infrastructure.
- Provides specialized and complex technical support and assistance to staff concerning assigned systems; serves as the primary contact for and resolves related issues, conflicts, and concerns; responds to inquiries and provides information concerning system operations, projects, malfunctions, equipment, upgrades, practices, procedures, and related software applications.
- Serves as technical lead for assigned projects, including developing project budget and allocating resources, gathering user and systems requirements, working with vendors, contractors, project managers, and other project staff, installing, configuring, testing, and providing general technical support, and developing technical and user documentation.
- Provides direction during major incidents to ensure an expedient response and resolution; maintains communication with all stakeholders on incident status; identifies underlying causality of incidents and designs, proposes, and implements mitigations and remediations.
- Functions as a liaison between project managers, analysts, data specialists, communications specialists, and client systems specialists to ensure standards and protocols are maintained; assists in coordinating activities with other information services staff.
- Provides recommendations to managers and supervisors on the development of long- and short-term system infrastructure and strategic improvement plans.
- Participates in the review and recommendation of contracts with outside vendors and consultants; administers, monitors, and evaluates contract scope of work; reviews design documents to ensure technical integrity.
- Maintains relevant industry and security trends and innovations in technology related to County security operations; researches, recommends, and evaluates vendor solutions and technologies; implements improvements; works with staff to maintain, revise, or improve operations and systems.
- Writes and maintains user and technical operating instructions and documentation; provides training to users and other technical staff and advises on best practices.
- Performs other duties as assigned.
Qualifications
Education and Experience:
Any combination of training and experience that would provide the required knowledge, skills, and abilities is qualifying. A typical way to obtain the required qualifications would be:
Equivalent to graduation from an accredited four-year college or university with major coursework in management information systems, computer science, or a related field and four (4) years of increasingly responsible experience in supporting and implementing information technology infrastructure and/or server administration and specific to the specialty area assigned which includes data center management, IT facilities management, storage and backup, server management and server operating systems, and/or configuration management and event management. Additional related experience may substitute for education requirement on a year-for-year basis, up to four (4) years.
Licenses and Certifications:
- Some positions may require possession of, or ability to obtain, a valid California Driver's License.
- Some positions may require possession of, or ability to obtain, industry-recognized information technology certifications.
Knowledge of:
- Advanced infrastructure design, architecture, configuration, installation, and maintenance methods and techniques.
- Advanced techniques and methods of server infrastructure evaluation, implementation, and documentation.
- Advanced troubleshooting, configuration, and installation techniques.
- Principles and practices of project management.
- Principles of computer operating systems, enterprise infrastructure, and peripheral components.
- Advanced principles and practices of designing, installing, managing, and maintaining virtualization technologies.
- Principles and practices of configuring and using system monitoring tools.
- Principles and practices of configuring and implementing system backup solutions.
- Procedures for creating and modifying systems security.
- The organization, operation, and functions of the department as necessary to assume assigned responsibilities and to determine appropriate point of escalation.
- Applicable regulatory relevant to assigned area of responsibility.
- Principles and procedures of record keeping.
- Modern office practices, methods, and computer equipment and applications related to the work.
- English usage, spelling, vocabulary, grammar, and punctuation.
- Techniques for providing a high level of customer service by effectively dealing with vendors and County staff.
Skill/Ability to:
- Perform advanced technical support functions in the design, architecture, installation, configuration, maintenance, and repair of assigned systems; take appropriate action to resolve problems or escalate to appropriate staff as needed.
- Perform complex functions in the design, installation, management, implementation, testing, and maintenance of a variety of support servers, storage systems, and other components.
- Monitor system and server utilization and recommend appropriate revisions to processes, procedures, and operations.
- Perform analyses of informational requirements and needs; identify, evaluate, and solve systems problems; design and implement new or revised systems and procedures; provide technical advice and consultation, and ensure efficient computer system utilization.
- Collect, analyze, and interpret procedures and data; develop sound conclusions, recommendations, and solutions.
- Deal tactfully with the customers and staff in providing information, answering questions, and providing customer service.
- Interpret, apply, explain, and ensure compliance with Federal, State, and local policies, procedures, laws, rules, and regulations.
- Establish and maintain a variety of filing, record keeping, and tracking systems.
- Organize and prioritize a variety of projects and multiple tasks in an effective and timely manner; organize own work, set priorities, and meet critical time deadlines.
- Operate modern office equipment including computer equipment and specialized software applications programs.
- Use English effectively to communicate in person, over the telephone, and in writing.
- Use tact, initiative, prudence, and independent judgment within general policy, procedural, and legal guidelines.
- Establish, maintain, and foster positive and effective working relationships with those contacted in the course of work.
Physical Demands
Must possess mobility to work in a standard office setting and use standard office equipment, including a computer; vision to read printed materials and a computer screen; and hearing and speech to communicate in person and over the telephone. Standing in and walking between work areas is frequently required. Finger dexterity is needed to access, enter, and retrieve data using a computer keyboard or calculator and to operate standard office equipment. Positions in this classification frequently bend, stoop, kneel, and reach to perform assigned duties, as well as push and pull drawers open and closed to retrieve and file information. Employees must possess the ability to lift and carry materials and objects up to 50 pounds with the use of proper equipment and push and pull materials and objects up to 100 pounds with the use of proper equipment.
Environmental Elements
Employees work in an office environment with moderate levels, controlled temperature conditions, and no direct exposure to hazardous physical substances. Employees may interact with upset staff when providing infrastructure support services.
Application/Examination
Open & Promotional. Anyone may apply. Current County of San Mateo and County of San Mateo Superior Court of California employees with at least six months (1040 hours) of continuous service in a classified regular, probationary, extra-help/limited term positions prior to the final filing date will receive five points added to their final passing score.
This is a continuous recruitment which may close at any time. The final filing date will be posted 5 days in advance in the County of San Mateo Human Resources Department.
A supplemental application form must be submitted in addition to our regular employment application form. Resume or CV will not be accepted as a substitute for the required employment application and supplemental questionnaire.
The examination process will consist of an application screening (pass/fail) based on the candidates' application and responses to the supplemental questions. Candidates who pass the application screening will be invited to a panel interview (weight: 100%). Depending on the number of applicants, an application appraisal of education and experience may be used in place of other examinations or further evaluation of work experience may be conducted to group applicants by level of qualification. All applicants who meet the minimum qualifications are not guaranteed advancement through any subsequent phase of the examination. All examinations will be given in San Mateo County, California and applicants must participate at their own expense.
IMPORTANT: Applications for this position will only be accepted online. If you are currently on the County's website, you may click the "Apply" button. If you are not on the County's website, please go to https://jobs.smcgov.org to apply. Online applications must be received by the Human Resources Department before midnight on the final filing date. Apply immediately. This recruitment is open on a continuous basis and selections may be made at any time within the process.
TENTATIVE RECRUITMENT SCHEDULE
Final Filing Date: Continuous until filled
Screening: TBD
Combined Panel Interviews: TBD
About the County
San Mateo County is centrally located between San Francisco, San Jose, and the East Bay. With over 750,000 residents, San Mateo is one of the largest and most diverse counties in California and serves a multitude of culturally, ethnically, and linguistically diverse communities.
The County of San Mateo, as an employer, is committed to advancing equity to ensure that all employees are welcomed in a safe and inclusive environment. The County seeks to hire, support, and retain employees who reflect our diverse community. We encourage applicants with diverse backgrounds and lived experiences to apply. Eighty percent of employees surveyed stated that they would recommend the County as a great place to work.
The County of San Mateo is an equal opportunity employer committed to fostering diversity, equity, and inclusion at all levels.
HR Contact: Arlene Cahill (IS Systems Specialist III - V278)