Senior Endpoint Cybersecurity Engineer Employment Type:  0 - Full-time Regular Pay Range:  $108, - 163, Location:  Castle Rock, CO Overtime Exempt:  Y Elected Office / Department:  INFORMATION TECHNOLOGY The Endpoint Cybersecurity Engineer is part of a team that performs three core functions for the County. The first is the day-to-day operations of the in-place security solutions. The second is the identification, investigation and resolution of security breaches detected by those systems. This person will ensure the secure operation of the in-house computer systems, servers, and network connections. This includes checking server and firewall logs, scrutinizing network traffic, and tracking suspicious computer activity. The third involves the day-to-day operations of the management toolsets we leverage for our endpoint environment, Microsoft Endpoint Configuration Manager and Microsoft Intune. This person will also analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion and conduct user activity and vulnerability audits where required. This position also includes work that is strategic in nature related to the Cyber Security roadmap.

This person will also participate in the improvement of the overall County Cyber Security Program. This will include support of the County cyber training and new cyber software installations. Generally, the hiring range is $99,223-$124,029 annually. Qualifications, education and experience as it relates to the position will be taken into consideration when determining hiring salary. Yourfuture is important to us. Douglas County offers a comprehensive benefits package — including medical, dental, vision, and retirement plans — plus a wide range of additional resources to support your health, growth, and overall well-being. ESSENTIAL DUTIES AND RESPONSIBILITIES: (The following examples are illustrative only and are not intended to be all inclusive.)

Operational Management (60%)

Work with the IT operations team to maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (, security tools) or not (, workstations, servers, network devices, etc.). Maintain operational configurations of all in-place security solutions as per the established baselines. Build and secure the task sequences used to deploy our endpoints. Secure our infrastructure by deploying 1st and 3rd party patches on a schedule. Monitor all in-place security solutions for efficient and appropriate operations. Review logs and reports of all in-place devices, whether they be under direct control (, security tools) or not (, workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution. Participate in investigations into problematic activity. Incident/breach troubleshooting and remediation may require potential after hours’ support. Participate in the design and execution of vulnerability assessments, penetration tests and security audits.

Strategy & Planning (20%)

Participate in the planning and design of enterprise security architecture. Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures). Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan. Assess need for any security reconfigurations (minor or significant). Review, manage, create and maintain policies and conditional access to protect County data. Conduct and present research on emerging products, services, protocols, and standards in support of security enhancement and development efforts. Build and present reports and dashboards demonstrating the Security state at the County. Participating in developing a security incident response plan and protocols.

Acquisition & Deployment (20%)

Recommend, schedule, and perform security improvements and upgrades. Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security. Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically. MINIMUM QUALIFICATIONS: EDUCATION and/or EXPERIENCE: A Bachelor’s Degree in computer science or equivalent from an accredited college, university or technical school is required. Sufficient experience may be substituted for a degree. A minimum of five years’ work experience in cyber security operational environment, IT risk management, IT Compliance, IT audit or similar field is required. A combination of education and experience may be considered. CERTIFICATES, LICENSES, REGISTRATIONS: At least one current certification in Cyber Security (, CISA, CISM, CISSP, and/or Security+) is required. Suitable experience and education may be considered in lieu of certifications.