] Office of Human Resources - Montgomery County Public Schools

OFFICE OF HUMAN RESOURCES AND DEVELOPMENT → CLASSIFICATION → IT SYSTEMS ENGINEER, INFORMATION SECURITY AND COMPLIANCE

Sorted by job title: A - C | D - H | I - Q | R - Z

IT Systems Engineer, Information Security and Compliance

MONTGOMERY COUNTY PUBLIC SCHOOLS CLASS DESCRIPTION
OFFICIAL TITLE: IT Systems Engineer CODE: 5270 SQ/OQ: Optimal Qualified
WORKING TITLE: IT Systems Engineer, Information Security and Compliance GRADE: 27 MONTHS: 12
SUMMARY DESCRIPTION OF CLASSIFICATION: Under direction of the Director of the Department of Infrastructure and Operations, coordinates, designs, and maintains system-wide information security and compliance initiatives; safeguards enterprise systems and data by defining access privileges, control structures, and resources, as determined by best practices, industry standards, and stakeholder needs; identifies and mitigates system vulnerabilities, violations, and inefficiencies through routine audits; provides status updates on system performance through multiple means; acts on privacy breaches and malware threats. Lead engineer on firewall and web filtering technologies making sure the district solutions are adequate and up-to-date. Lead engineer on network Disaster Recovery solutions.
MINIMUM QUALIFICATION STANDARDS
KNOWLEDGE, SKILLS, AND ABILITIES: Thorough knowledge and experience with all Internet transmission protocols including the underlying details of TCP\IP, and the common higher layer protocols: HTTP, HTTPS, FTP, and of the encapsulation protocols for VPN. Thorough knowledge of the administration of one or more of the following operating systems (Windows, Linux, MacOS, and ChromeOS required); the ability to incorporate the Open Systems Interconnection (OSI) model as it applies to a full-flow of traffic. Ability to identify and mitigate network vulnerabilities, as well as communicating best practices in avoiding security flaws. Considerable knowledge of an area of network security, especially network edge firewalls, web filters and cloud-based and end-user VPN services. Thorough understanding of and the ability to design network penetration techniques and test the computer networking system; highly skilled with Firewalls, proxies, content filters, SIEM, antivirus, IDPS concepts, and device logging. Thorough knowledge of disaster recovery and business continuity best practices for critical systems required. Ability to construct high level and detail level network security and disaster recovery diagrams to be shared with management, other departments, and coworkers. Ability to manage multiple complex projects and tasks while paying close attention to details. Strong analytical and problem solving skills. Confidence in decision making with a track record of exercising good judgment. Must be detail-oriented, highly organized, and an effective communicator. Excellent oral and written communication and human relations skills.
EDUCATION, TRAINING, AND EXPERIENCE: BSc/BA degree in Computer Science, Information Technology systems, or related field from an accredited university required. Masters degree, preferred. Five years or more documented professional experience in information technology, networking systems, and network security.
CERTIFICATE AND LICENSE REQUIREMENTS: Professional certification in one or more of the following: CISSP, CompTIA Security+, CISA preferred.
PHYSICAL DEMANDS: (Special requirements such as lifting heavy objects and frequent climbing.) Position is required to work at computer workstations for sustained periods of time.
SPECIAL REQUIREMENTS: (Frequent overtime or night work required, etc.) Non-compensated overtime, especially during peak periods and when urgent work requirements exist.
OVERTIME ELIGIBLE: No

EXAMPLES OF DUTIES AND RESPONSIBILITIES:

Note: (Incumbents may perform any combination of the essential functions shown below. This position description is not intended to be an exhaustive list of all duties, knowledge, or ability associated with this classification, but is intended to accurately reflect the core job elements.)


Researches and recommends security measures to protect system assets based on information technology trends and security standards.

Works closely with the district¿s firewall and web filter vendor to provide the most comprehensive enterprise solutions possible.

Leverage technology tools to monitor network and systems security (SIEM, log analyzers, antivirus);

Performs routine penetration testing and preventative maintenance in collaboration with network administrators;

Deploys security measures to protect systems and infrastructure, including firewalls, IPS/IDS, and web content filtering

Documents security breaches and assess the impact to district assets;

Mitigates potential vulnerabilities to ensure data integrity.

Maintains current knowledge of available patches, deciding what patches are appropriate for particular systems, ensuring that patches are installed properly, testing systems after installation, and documenting all associated procedures, such as specific configurations required.
Stay current on IT security trends and news

Interfaces with other MCPS departments proper security protections;

Reviews and revises the MCPS security and acceptable use policies.

Reviews and revises disaster recovery and business continuity plans.

Understands and applies the seven core competencies of the Supporting Services Professional Growth System (SSPGS) commitment to students, knowledge of job, professionalism, interpersonal, communication, organization, and problem solving.

Performs related duties consistent with the scope and intent of the position.
Class Established: 4/2018
Date(s) Revised: 6/2020
Last Reviewed:

This description may be changed at any time.