Under general supervision, assists in analyzing, planning, implementing, maintaining, troubleshooting and enhancing large complex systems or networks consisting of a combination that may include mainframes, mini-computers, personal computers, mobile devices, LANS, WANs, servers, data storage and the physical and logical components that integrate these systems together as an enterprise networking backbone.

 

The 1041 Assistant Security Engineer is the entry level in the Engineer series. The class is distinguished from the Journey level by the complexity of the tasks, projects or duties assigned. Positions at this level perform a significant portion of the work assigned to the journey level, but without the independence or full responsibility expected of positions at the journey level. Assignments are generally limited in scope and are set within procedural frameworks established by higher level positions. As experience accrues, the incumbent performs with increasing independence. Work requires incumbents to exercise some judgement in selecting appropriate established guidelines to follow. Significant deviations require prior approval. Interpretation of general administrative or operational policies is sometimes necessary. Serves as an assistant technical architect and systems integrator for large complex systems or networks, with a focus on securing vulnerabilities and reducing risk of system and/or asset compromises.

 

Essential Duties

  1. Maintains and operates information system security controls and countermeasures.
  2. Monitors and assists with the implementation of security controls and procedures in business processes related to use of information systems and assets.
  3. Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
  4. Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts with third-party incident responders, including law enforcement.
  5. Administers authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
  6. Monitors trends, news and changes in threat and compliance environment with respect to organizational risk; assists in the execution of plans for compliance and mitigation of risk; assists in the completion of risk and compliance self-assessments and third-party risk and compliance assessments.
  7. Assists with the administration of information security training and awareness programs.

 

Back to Security Engineer