Overview
Remote
On Site
USD 111,000.00 - 140,000.00 per year
Full Time
Skills
Telephone Exchange
Recruiting
Supervision
Performance Management
Onboarding
Performance Improvement
Problem Solving
Program Management
Human Resources
Training
Performance Monitoring
Coaching
Professional Development
Penetration Testing
Scripting
Antivirus
Risk Assessment
Data Processing
SIEM
Normalization
Data Collection
Server Administration
Servers
IDS
UPS
Splunk
Database
End-user Training
System Security
Network
Security Awareness
Information Technology
Auditing
IT Security
Management
Documentation
Regulatory Compliance
Data Security
Risk Management
Firewall
Encryption
Testing
Network Protocols
System Administration
Collaboration
Analytical Skill
Attention To Detail
Communication
Computer Science
Information Security
Cyber Security
CISSP
CISM
Security+
Job Details
Title: Cyber Security Engineer
State Role Title:Info Technology Specialist III
Hiring Range: $ 111,000 - $140,000
Pay Band: 6
Agency: Virginia Department of Health
Location:VDH-Central Office
Agency Website:;br>
Recruitment Type: General Public - G
Job Duties
Performance Management (for employees who supervise others)
Serves in a managerial/supervisory capacity to conduct performance management activities and ensure onboarding/offboarding and training for staff
Establishes and reviews work assignments and priorities and implements performance improvement strategies and/or problem resolution for related issues, in conjunction with program management and Human Resource staff
Ensures relevant training and workplace safety for staff
Conducts required performance monitoring and appraisals, establishes clear performance expectations, addresses deficiencies in a timely manner, and documents underperformance in accordance with state guidelines
Supports employee growth through regular feedback, coaching, and professional development opportunities
Data Protection & Security Implementation
Performing remote or onsite PenTests on all VDH systems, networks, and applications to identify security weaknesses
Analyze the vulnerabilities and mitigation methods and provide reports which include findings, risks, and conclusions
Recommend security improvements and methods to mitigate security risks
Work with VDH IT to determine their testing requirements and create and implementing new penetration testing methods, scripts, and tool
Develop and implement strategies to safeguard computer data against accidental or unauthorized access, modification, destruction, or other breaches.
Ensure the integrity of data and systems by conducting regular vulnerability scans, security checks, and updates.
Ensure that the latest security patches are installed across systems in a timely manner.
Oversee the maintenance and functionality of anti-virus protection systems, ensuring the latest threat definitions are applied.
Monitor for new vulnerabilities and respond promptly to emerging security threats.
Conduct regular risk assessments to evaluate the security posture of data processing systems.
Ensure that sensitive and confidential information is appropriately encrypted when transmitted across networks to prevent unauthorized access.
Must have extensive knowledge of SIEM tool such as Splunk. Must be able to on-board new data sources and Ingest logs.
Periodic review of Errors/warnings reported by internal Splunk logs Log normalization (CIM); monitoring to ensure nothing has changed (e.g., CIM compliant logs have not changed in structure).
Expanding log source collection of an existing source type
Custom script development (e.g., for data collection or integration to non-standard products)
Deployment Server management to distribute Splunk Universal Forwarder (UF) instances
Syslog servers that collect data from infrastructure systems (firewalls, IDS, UPS or other syslog generating device)
Splunk heavy forwarders which can collect information from various databases or third-party systems
Technical Assistance & User Training
Maintain overall system security, improve server and network efficiency, and train users to promote security awareness and best practices.
Address security concerns through user education and tailored security protocols.
Work closely with internal users to understand and support a variety of technical issues, including data access needs, security violations, and programming modifications.
Serve as a point of contact for users requiring assistance with security-related concerns.
Modify computer security files to incorporate new software, correct errors, or change individual access status.
Systems Maintenance & Coordination
Adapt and update security processes, applications, and tools to address evolving software requirements and correct identified errors.
Coordinate and schedule the implementation of data security protocols, ensuring compliance with both internal policies and external vendor requirements.
Collaborate with vendors and internal staff to ensure that security measures align with organizational goals.
Works closely and collaboratively with the information technology team for resolving issues
Coordinates with IT and Business teams to address security issues in a collaborative manner
Coordinates security audit issues between Auditors and IT and works as a team
Documentation & Other Duties
Knowledge of NISTm800-53r5
Document and maintain clear policies, procedures, and guidelines related to computer security and emergency response measures.
Develop and manage security documentation for both compliance and operational reference.
Supports special projects as assigned.
May perform other duties as assigned; may be required to assist in the event of an emergency declaration.
Other duties as assign
Minimum Qualifications
Experience in cybersecurity, data protection, and risk management.
In-depth knowledge of security principles, firewalls, anti-virus software, encryption, and vulnerability testing.
Strong understanding of network protocols, security technologies, and system administration.
Ability to collaborate effectively with users, vendors, and internal teams.
Strong analytical skills and attention to detail in assessing risk and security needs.
Excellent communication skills, both written and verbal.
Additional Considerations
Advanced knowledge in Computer Science, Information Security, or a related field.
Certification in cybersecurity (e.g., CISSP, CISM, CompTIA Security+, CC) is desirable.
Special Instructions
You will be provided a confirmation of receipt when your application and/or rsum is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
VDH accepts only on-line applications. Faxed, mailed, or e-mailed applications will not be considered. Applications are accepted until 11:55 p.m. on the job closing date. Applications and/or resumes should include relevant work history which indicates your quali?cations for this position. Supplemental questions are encouraged to be answered in a comprehensive manner and reference any pertinent knowledge, skills, and abilities as well as any previous experience that relates to the position.
Employment is contingent upon satisfactory results of a state and federal criminal history background check and the Department of Social Service's Child Abuse and Neglect Central Registry check, U.S. HHSIG Exclusion List check, employment reference check and E-Verify. Other ?nancial, credit, driving, background checks or completion of Statement of Economic Interests may be required for certain positions
It is the policy of the Commonwealth and VDH that all aspects of human resource management be conducted without regard to race (or traits historically associated with race including hair texture, hair type, and protective hairstyles such as braids, locks, and twists); sex; color; national origin; religion; sexual orientation; gender identity or expression; age; veteran status; political affiliation; disability; genetic information; and pregnancy, childbirth, or related medical conditions. VDH employees have a shared Code of Ethics, which can be found in the bottom banner of our website: ;br>If you have been affected by DHRM Policy 1.30 layoff and possess a valid Interagency Placement Screening Form (Yellow Card) or a Preferential Hiring Form (Blue Card), you must submit the card before the closing date for this position. The Card may be submitted with the state application as an attachment.
As a V3 (Virginia Values Veterans) employer VDH Welcomes Veterans to apply!
Contact Information
Name: Lindsay Schneider
Phone:
Email:
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at .
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.
State Role Title:Info Technology Specialist III
Hiring Range: $ 111,000 - $140,000
Pay Band: 6
Agency: Virginia Department of Health
Location:VDH-Central Office
Agency Website:;br>
Recruitment Type: General Public - G
Job Duties
Performance Management (for employees who supervise others)
Serves in a managerial/supervisory capacity to conduct performance management activities and ensure onboarding/offboarding and training for staff
Establishes and reviews work assignments and priorities and implements performance improvement strategies and/or problem resolution for related issues, in conjunction with program management and Human Resource staff
Ensures relevant training and workplace safety for staff
Conducts required performance monitoring and appraisals, establishes clear performance expectations, addresses deficiencies in a timely manner, and documents underperformance in accordance with state guidelines
Supports employee growth through regular feedback, coaching, and professional development opportunities
Data Protection & Security Implementation
Performing remote or onsite PenTests on all VDH systems, networks, and applications to identify security weaknesses
Analyze the vulnerabilities and mitigation methods and provide reports which include findings, risks, and conclusions
Recommend security improvements and methods to mitigate security risks
Work with VDH IT to determine their testing requirements and create and implementing new penetration testing methods, scripts, and tool
Develop and implement strategies to safeguard computer data against accidental or unauthorized access, modification, destruction, or other breaches.
Ensure the integrity of data and systems by conducting regular vulnerability scans, security checks, and updates.
Ensure that the latest security patches are installed across systems in a timely manner.
Oversee the maintenance and functionality of anti-virus protection systems, ensuring the latest threat definitions are applied.
Monitor for new vulnerabilities and respond promptly to emerging security threats.
Conduct regular risk assessments to evaluate the security posture of data processing systems.
Ensure that sensitive and confidential information is appropriately encrypted when transmitted across networks to prevent unauthorized access.
Must have extensive knowledge of SIEM tool such as Splunk. Must be able to on-board new data sources and Ingest logs.
Periodic review of Errors/warnings reported by internal Splunk logs Log normalization (CIM); monitoring to ensure nothing has changed (e.g., CIM compliant logs have not changed in structure).
Expanding log source collection of an existing source type
Custom script development (e.g., for data collection or integration to non-standard products)
Deployment Server management to distribute Splunk Universal Forwarder (UF) instances
Syslog servers that collect data from infrastructure systems (firewalls, IDS, UPS or other syslog generating device)
Splunk heavy forwarders which can collect information from various databases or third-party systems
Technical Assistance & User Training
Maintain overall system security, improve server and network efficiency, and train users to promote security awareness and best practices.
Address security concerns through user education and tailored security protocols.
Work closely with internal users to understand and support a variety of technical issues, including data access needs, security violations, and programming modifications.
Serve as a point of contact for users requiring assistance with security-related concerns.
Modify computer security files to incorporate new software, correct errors, or change individual access status.
Systems Maintenance & Coordination
Adapt and update security processes, applications, and tools to address evolving software requirements and correct identified errors.
Coordinate and schedule the implementation of data security protocols, ensuring compliance with both internal policies and external vendor requirements.
Collaborate with vendors and internal staff to ensure that security measures align with organizational goals.
Works closely and collaboratively with the information technology team for resolving issues
Coordinates with IT and Business teams to address security issues in a collaborative manner
Coordinates security audit issues between Auditors and IT and works as a team
Documentation & Other Duties
Knowledge of NISTm800-53r5
Document and maintain clear policies, procedures, and guidelines related to computer security and emergency response measures.
Develop and manage security documentation for both compliance and operational reference.
Supports special projects as assigned.
May perform other duties as assigned; may be required to assist in the event of an emergency declaration.
Other duties as assign
Minimum Qualifications
Experience in cybersecurity, data protection, and risk management.
In-depth knowledge of security principles, firewalls, anti-virus software, encryption, and vulnerability testing.
Strong understanding of network protocols, security technologies, and system administration.
Ability to collaborate effectively with users, vendors, and internal teams.
Strong analytical skills and attention to detail in assessing risk and security needs.
Excellent communication skills, both written and verbal.
Additional Considerations
Advanced knowledge in Computer Science, Information Security, or a related field.
Certification in cybersecurity (e.g., CISSP, CISM, CompTIA Security+, CC) is desirable.
Special Instructions
You will be provided a confirmation of receipt when your application and/or rsum is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
VDH accepts only on-line applications. Faxed, mailed, or e-mailed applications will not be considered. Applications are accepted until 11:55 p.m. on the job closing date. Applications and/or resumes should include relevant work history which indicates your quali?cations for this position. Supplemental questions are encouraged to be answered in a comprehensive manner and reference any pertinent knowledge, skills, and abilities as well as any previous experience that relates to the position.
Employment is contingent upon satisfactory results of a state and federal criminal history background check and the Department of Social Service's Child Abuse and Neglect Central Registry check, U.S. HHSIG Exclusion List check, employment reference check and E-Verify. Other ?nancial, credit, driving, background checks or completion of Statement of Economic Interests may be required for certain positions
It is the policy of the Commonwealth and VDH that all aspects of human resource management be conducted without regard to race (or traits historically associated with race including hair texture, hair type, and protective hairstyles such as braids, locks, and twists); sex; color; national origin; religion; sexual orientation; gender identity or expression; age; veteran status; political affiliation; disability; genetic information; and pregnancy, childbirth, or related medical conditions. VDH employees have a shared Code of Ethics, which can be found in the bottom banner of our website: ;br>If you have been affected by DHRM Policy 1.30 layoff and possess a valid Interagency Placement Screening Form (Yellow Card) or a Preferential Hiring Form (Blue Card), you must submit the card before the closing date for this position. The Card may be submitted with the state application as an attachment.
As a V3 (Virginia Values Veterans) employer VDH Welcomes Veterans to apply!
Contact Information
Name: Lindsay Schneider
Phone:
Email:
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at .
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.