POSITION SUMMARY 
The Security Engineer plays a critical role in safeguarding the Ohio Secretary of State’s networks, systems, and data from cybersecurity threats and vulnerabilities. This position is responsible for implementing, administering, and continuously improving cyber defense technologies and security controls to protect enterprise technology assets and sensitive information.

Working on the Cyber Defense Team, the Security Engineer supports the detection, prevention, analysis, and response to cybersecurity incidents and contributes to the design and sustainment of a resilient cyber defense infrastructure.

ESSENTIAL DUTIES AND RESPONSIBILITIES
Cyber Defense Systems Administration
•    Administer specialized cyber defense systems and applications, including antivirus, intrusion detection and prevention systems (IDS/IPS), audit and remediation tools, and Virtual Private Network (VPN) devices.
•    Perform installation, configuration, maintenance, backup, restoration, and testing of cyber defense platforms.
•    Build, install, configure, and test dedicated cyber defense infrastructure and platforms.
•    Administer test environments and evaluate applications, hardware, access controls, and configurations managed internally or by service providers.

Threat Detection, Prevention, and Optimization
•    Coordinate with Cyber Defense Team analysts to manage and update security rules, signatures, and content blacklists for cyber defense tools.
•    Create, edit, and manage network access control lists on firewalls, intrusion prevention systems, and related security devices.
•    Identify potential conflicts or performance issues associated with cyber defense tools and perform tuning, testing, and optimization of sensors and signatures.
•    Evaluate the impact of implementing and sustaining cyber defense technologies on enterprise systems and operations.

Incident Response and Technical Support
•    Provide advanced technical support to enterprise-wide cyber defense personnel during cybersecurity incidents.
•    Assist with troubleshooting, diagnosing, and resolving anomalies within cyber defense infrastructure.
•    Apply incident handling methodologies to support containment, eradication, and recovery efforts.

Security Architecture and Risk Management
•    Assist in assessing cybersecurity risks and recommending technical safeguards to mitigate vulnerabilities.
•    Support the application of cybersecurity and privacy principles related to confidentiality, integrity, availability, authentication, and non-repudiation.
•    Contribute to system, network, and operating system hardening efforts, including secure configuration, logging, segmentation, and least-privilege access.

Other Duties
•    Perform related duties as assigned to support the mission and objectives of the Cyber Defense and Information Technology teams.
 

MINIMUM QUALIFICATIONS 
Education 
•    Required: Associate or higher degree in computer science, information technology, cyber security, or related field 

Certifications  
•    Required: One or more of the following (or equivalent) industry recognized certifications addressing system security, network infrastructure, access control, cryptography, assessments and audits, organizational security, information security, information systems, network security, information assurance, troubleshooting, and security operations: 
o    ISC2 Certified Information Systems Security Professional (CISSP) 
o    ISC2 Certified Information Systems Auditor (CISA) 
o    SANS GIAC, GSEC, GCIH, GCIA, GPEN 
o    EC Council - Certified Ethical Hacker (CEH)
o    CompTIA Security+
o    Cisco Certified Network Associate (CCNA) – Security 

•    Preferred: System-specific administrative and/or security-related certifications in Microsoft, Cloud, SIEM, Vulnerability Scanning, and IDS/IPS devices.     

Experience
•    Required: A minimum of three years of experience in real-world security challenges including network security vulnerability, advanced network analysis, basic cyber analysis/operations, network traffic analysis, Intermediate cyber, and hunt

Knowledge, Skills & Abilities 
Knowledge
•    Cybersecurity principles related to confidentiality, integrity, availability, authentication, and non-repudiation.
•    Cyber threats, vulnerabilities, and common attack vectors.
•    Network security architecture, protocols, and methodologies (e.g., TCP/IP, DNS, DHCP, OSI model).
•    Intrusion Detection and Prevention Systems (IDS/IPS), firewalls, and web filtering technologies.
•    Risk management processes, including vulnerability assessment and mitigation strategies.
•    Laws, regulations, policies, and ethical standards related to cybersecurity and privacy.
•    Data backup, recovery, and continuity concepts.

Skills
•    Strong technical skills in network security, operating systems, and cybersecurity tools.
•    Proficiency in automation and scripting using languages such as Python, PowerShell, Kusto Query Language (KQL), Shell, or similar.
•    Skill in tuning sensors, managing access controls, and securing network communications.
•    Skill in protecting networks against malware using preventive and detective controls (e.g., NIPS, anti-malware, spam filtering, device restrictions).
•    Skill in network traffic analysis using appropriate tools and methodologies.

Abilities
•    Ability to troubleshoot and resolve complex cyber defense infrastructure issues.
•    Ability to analyze security data and translate findings into actionable recommendations.
•    Ability to work collaboratively with cybersecurity analysts, engineers, and leadership.
•    Ability to manage multiple priorities and respond effectively during cybersecurity incidents.
•    Ability to maintain accuracy, confidentiality, and professionalism when handling sensitive security information.