Senior Security Engineer

Job Expired

About the job

Senior Security Engineer

Department of Assets, Information and Services-IT

Number of Positions: 6

Salary: $123,864.00

Under supervision, this is the advanced level in the class series responsible for executing the security strategy and implementing and maintaining complex security measures for the protection of computer systems, networks, and information, in accordance with security policies and guidelines, and performs related duties as required.

This class is assigned to the Engineer Information Technology Job Family which consists of engineers and developers that design, build, test, deploy, and support IT products and solutions.

The Senior Security Engineer currently has six vacancies covering five focuses. The five focuses are; Cybersecurity Operations – Security Engineering, Cybersecurity Operations – Threat Management, Cybersecurity Operations – Security Operations, Cybersecurity Support – Identity & Access Management, Operational Technology Security (two positions).

This class is distinguished from the entry-level by the amount of discretion exercised over technical issues, problems and resolutions; positions must possess a significant level of specialized technical and functional expertise beyond that expected at the entry level; require highly specialized knowledge, abilities and skills and experience and often exercise independent judgement in the performance of their duties. The senior level also has greater latitude in determining work methods and assignments; greater authority over assignments and decisions required to complete the work than the lower-level classification; and works on large complex security systems or networks.

ESSENTIAL DUTIES

  • Creates controls to detect potential security violations and makes recommendations to improve security
  • Designs and implements security solutions for detection and notification, security auditing, alerting, and response, vulnerability detection and remediation
  • Reviews security information system schematics, diagrams, and other program documentation to assist with development and preparation of cost estimates
  • Performs capacity and future growth planning of the enterprise security infrastructure to ensure a highly available security environment
  • Verifies security systems by developing and implementing test scripts and running security scans
  • Maintains and supports information security tools such as antivirus, end-point detection and response, Data Loss Prevention, vulnerability scanning tools and other security controls which safeguard and monitor events
  • Certifies the security functionality of components and services
  • Provides expertise and assistance to ensure the infrastructure and information assets are protected
  • Validates baseline security configurations for operating systems, applications, networking, and telecommunications equipment
  • Participates in 24/7 on-call rotation, Incident Response and Disaster Recovery efforts
  • Maximizes security footprint by monitoring security tools, troubleshooting escalated security problems and incidents, identifying security gaps, and evaluating and implementing enhancements
  • Provides responsive support for security problems found during normal working hours and outside normal working hours
  • Resolves and consults on the most complex security issues and keeps customers informed about security problems and resolutions
  • Analyzes reports and historical data to identify security problems and troubleshoots, diagnoses, and resolves security problems
  • Communicates status and documents problems and resolutions for future reference
  • Assists in the development of incident response, continuity and disaster recovery plans with department stakeholders and third-party service providers
  • Evaluates vendor solutions to ensure compliance with requirements and cost-effectiveness, working with vendors to resolve security problems and develop solutions, evaluating services provided and recommending changes
  • Develops and maintains enterprise IT standards across the security footprint
  • Track, monitors, and analyzes key cybersecurity metrics and KPIs
  • Recommends security products by researching needs and evaluating corporate standards list and security training programs targeting specific areas of improvement.
  • Managing and mentoring team members

Additional duties may be required for this position.

Location: 2 N LaSalle, Chicago, IL

Days: Monday-Friday

Hours: 9:00am-5:00pm

THIS POSITION IS IN THE SENIOR EXECUTIVE SERVICE.

Qualifications

MINIMUM QUALFICATIONS

Graduation from an accredited college or university with a Bachelor’s in Computer Science, Information Systems, Cybersecurity or a directly related field, plus four (4) years of work experience in IT and security work, system analysis, application development, systems administration, or designing and deploying security solutions; or an equivalent combination of education, training, and experience.

NOTE: To be considered for this position you must provide information about your educational background and your work experience. You must include job titles, dates of employment, and specific job duties.(If you are a current City employee, Acting Up cannot be considered.) If you fail to provide this information at the time you submit your application, it will be incomplete, and you will not be considered for this position. There are three ways to provide the information: 1) you may attach a resume; 2) you may paste a resume; or 3) you can complete the online resume fields.

NOTE: You must provide your transcripts or diploma, professional license, or training certificates at time of processing, if applicable. You must also provide your valid U.S. driver’s license at time of processing.

SELECTION REQUIREMENTS

This position requires applicants to complete an interview. The interviewed candidate(s) possessing the qualifications best suited to fulfill the responsibilities of the position will be selected.

Preference will be given to candidates possessing the following:

  • One or more Information Security Certifications such as: CompTIA: Security+, GIAC Certification: GCWN, GSEC, ISC2: CISSP, SSCP, CCSP, Cloud Security Alliance: CCSK
  • Knowledge of designing and implementing security solutions such as network technologies, network monitoring tools, web-related technologies, network/web-related protocols and security solutions supporting Operational Technologies such as Supervisory Control And Data Acquisition (SCADA), Building Controls Systems and Internet of Things (IoT) environments
  • Knowledge of security systems, including firewalls, intrusion detection systems, antivirus software, authentication systems, log management, content filtering, identity and access management solutions, etc.
  • Knowledge of database and operating system security
  • Previous experience in leading projects
  • Knowledge of applicable City and department, policies, procedures, rules, and regulations

ALL REFERENCES TO POLITICAL SPONSORSHIP OR RECOMMENDATION MUST BE OMITTED FROM ALL APPLICATION MATERIALS SUBMITTED FOR CITY EMPLOYMENT.

The City of Chicago is an Equal Employment Opportunity and Military Friendly Employer.

City of Chicago Department of Human Resources

Brandon Johnson, Mayor Katie (Doyle) Deane, Acting Commissioner

Applications for this position will be accepted until 11:59 pm CDT on 12/29/2023.

Job Posting: Dec 5, 2023, 4:08:17 PM | Closing Date (Period for Applying) – External: Dec 29, 2023, 11:59:00 PM

Salary: $123,864 Pay Basis: Yearly

More Information

  • This job has expired!
Share this job

13th Anniversary Global InfoSec Awards for 2025 now open for super early bird packages! Winners Announced during RSAC 2025...

X