Job Posting Open Until Filled Salary Range: $88,654.45 - $118,353.69 Hiring Department: Atlanta Information Management (AIM) Our culture in the Department of Atlanta Information Management (AIM) is rooted in our shared core values: Transparency, accountability, collaboration, service, and integrity. The AIM team understands our role as a strategic partner to departments throughout the city; we strongly believe technology has the potential to elevate the City of Atlanta and is essential to moving the mayor’s vision forward. With the effective use of technology, we become more efficient, more effective, and innovative. We become more capable of enhancing the experience of all affected by City government. AIM’s mission is to advance Atlanta by being consistent in the delivery of innovative, reliable, secure, and user-focused technology solutions. Our team members exemplify the shared core values above, so if you have these characteristics, consider joining us as we work to advance technology for the city, its esteemed citizens, and valued visitors. The Atlanta Information Management (AIM) the role of Security Engineer for the City of Atlanta reporting directly to the Chief Information Security Officer (CISO). The Security Engineer is responsible for implementation and administration of network security hardware and software, enforcing the network security policy and complying with requirements of external security audits and recommendations.Other responsibilities include analyzing, troubleshooting, and investigating security-related, information systems’ anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts. Analyzes security systems and seeks improvements on a continuous basis Helps drive security standards and best practices Advises and implements application, and infrastructure security strategy. Performs breach, threat, and vulnerability analysis Helps drive user education on information security best practices Deploys, configures, and monitors new security tools Troubleshoots and fixes security infrastructure issues. Handles escalations from Cybersecurity Analysts Interacts with, configures, and troubleshoots network intrusion detection devices and other security systems via proprietary and commercial consoles, both local and remote Reports possible threats or software issues Researches weaknesses and finds ways to counter them Understands software, hardware and internet needs while adjusting them according to our business environment Assists fellow employees with cybersecurity, software, hardware or IT needs Knowledge, Skills and Abilities Ability to set the tone for the organization and motivate management and the team. Understanding of information security regulations, including the Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), ISO 27001, COBIT NIST, and ITIL. Maintaining security for assessment, evaluation, and incident forensic work. Ability to prioritize projects Comfortable working in a fast-paced environment Excellent communication skills An understanding of best practices and how to implement them at a business-wide level Critical thinking skills and the ability to solve problems as they arise Qualifications and Education Requirements Bachelor’s degree in Cyber Security, Computer Science, Software Engineering, or a related field (equivalent five years of professional experience may be considered for substitution for the required degree on an exception basis). 1-2 years of relevant experience, graduate degree, and 0-2 years of relevant experience Preferred Qualifications – Education and Experience: Bachelor’s degree in computer science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics 4-6 years of relevant experience or equivalent combination of education and work experience Hands-on experience with one or more of the following platforms or technologies: SIEM, Sentinel, Palo Alto, Windows Defender, Proofpoint, and Qualys Ability to Script Advanced knowledge of Unix, Linux, Windows and operating systems Advanced knowledge of networking protocols and services such as the following: FTP, HTTP, SSH, SMB, LDAP, etc. Packet analysis tools (tcpdump, Wireshark, ngrep, etc.) Experience as a network intrusion analyst Licensures and Certifications The following certifications are preferred: GCIA, GPEN, GWAPT, GCIH, GSEC, OSCP, OSCE, OSCP, or similar certification