- Entry level
- No Education
- Salary to negotiate
Under the general direction, the Enterprise Information Security Professional will be responsible for designing, deploying and maintaining Identity and Access Management (IAM) technologies and related tools for the protection of Harris County's information systems and critical assets.
- Assists in driving improvements to the IAM technology, Privileged Access Management (PAM) tools and overall Identity Governance and Administration (IGA) strategies for the County.
- Assists in the implementation of an enterprise Multi-factor authentication (MFA) solution.
- Assists in the daily administration and support of IAM, PAM and MFA technologies and services.
- Effectively communicates directly with customers and stakeholders on the integration requirements including provisioning, de-provisioning, and user lifecycle into the IAM platform.
- Serves as a subject matter expert on system integration strategies, data integrity, workflow development and automation strategies for users and connected systems.
- Ensures that the IAM technology and controls provide direct support of HIPPA, PCI, and CJIS policies and other regulatory requirements as needed.
- Researches, designs and implements solutions to address access control needs, risks and vulnerabilities on behalf of the enterprise.
- Supports the development of cybersecurity procedures, standards, best practices, project plans, and communications as needed to support the overall delivery of cybersecurity objectives.
- Supports continuous improvement of related processes and the adoption of new processes and technologies with the goal of deep integration into organizational processes.
- Works on multiple projects as a subject matter expert, including projects or issues of high complexity that require in-depth knowledge across multiple technical areas and business segments.
- May also participate in the evaluation and implementation of other new security solutions and technologies.
Harris County is an Equal Opportunity Employer https://hrrm.harriscountytx.gov/Pages/EqualEmploymentOpportunityPlan.aspx
- High school diploma, or G.E.D. equivalency from an accredited educational institution.
- Three (3) years of progressive work experience in an Information Security role that deals with user access controls, data governance, identity management or the roles and procedures managing the controls.
- Knowledge and understanding of modern identity & access management concepts and best practices.
- Hands-on experience with Active Directory or at least one enterprise Identity & Access Management platform.
- Strong research, analysis, analytical, problem-solving and process development skills.
- A broad understanding of cybersecurity concepts across all domains, applicable security frameworks (e.g. ISO 2700X, NIST and CIS Critical Security Controls) and regulations (e.g. SOX, PCI, HIPAA, and CJIS).
- Demonstrates knowledge and understanding of the global threat landscape, cybersecurity trends, emerging technologies and an ability to relate them to the County and its objectives.
- Excellent communication skills with the ability to interact with a variety of different teams and be the thought leader on keeping risk and cybersecurity compensating controls as a priority.
- Strong organizational skills, including the ability to adhere to cybersecurity processes, and tools, and to keep the focus on multiple tracks of work and open issues in parallel.
- Ability to work on multiple projects simultaneously and deliver on numerous competing priorities while maintaining realistic expectations.
- Ability to confront challenges in a constructive fashion and influence others through consensus-building techniques.
- A passion for cybersecurity, self-starter mentality, flexibility and willingness to take on new challenges and the ability to thrive in a team environment.
NOTE: To qualify for this position,required education, experience, knowledge and skills must be clearly stated on your application's employment history. Resumes are welcome, but we do not use any information provided on your resume to qualify and refer you to the Hiring Department for consideration.
Applicants for this position will be subject to a criminal background check that includes being fingerprinted. This applies to any position with network access to CJI (Criminal Justice Information) systems or access to an area where CJI is received, maintained or stored either manually or electronically (i.e. custodian, maintenance).
- Conviction, probation, or deferred adjudication for any Felony.
- Conviction, probation, or deferred adjudication for any Class A Misdemeanor.
- Conviction, probation, or deferred adjudication for a Class B Misdemeanor if within the previous 10 years.
- Open arrest for any criminal offense (Felony or Misdemeanor).
- Family Violence conviction.
- Bachelor's degree in Computer Science, Information Systems or similar area of study from an accredited college or university.
- One (1) year experience with at least one of the following languages: Powershell, SQL, VB.NET.
- Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC) or CompTIA Security+ Certification.
- Experience with Quest One Identity, Sailpoint, Oracle OIG, IdentityIQ, IBM IGI, Saviynt or similar Identity and Access Management software.
- A broad understanding of cybersecurity concepts across all domains, applicable security frameworks (e.g. ISO 2700X, NIST and CIS Critical Security Controls) and regulations (e.g. SOX, PCI, HIPAA, and CJIS)
- Demonstrates knowledge and understanding of the global threat landscape, cybersecurity trends, emerging technologies and an ability to relate them to the County and its objectives
- Hands-on experience with or direct knowledge of Microsoft enterprise applications, Windows Server OS, Linux based systems
- 40 hours per week / Monday - Friday Weekends and 24hourson-call infrequently, as needed.
- Commensurate with experience
- Based on 26 pay periods
Due to a high volume of applications positions may close prior to the advertised closing date.