Under direction, is responsible for performing work associated with developing, communicating, implementing, enforcing, and monitoring security controls to protect ITSD's technology assets from intentional or inadvertent modification, disclosure, or destruction, including designing, testing, and implementing secure operating systems, networks, and databases. May exercise technical supervision over assigned staff.

Work Location:
100 W Houston St San Antonio, Texas 78205; Onsite (case by case remoting possible with manager's consent)

Work Schedule
7:45 a.m. - 4:30 p.m., Monday - Friday

• Develops, designs, builds, and supports systems and solutions that may have system-wide impact and integrate across the enterprise.
• Conducts password analysis, network-based and Web application-based vulnerability scanning, virus management, and intrusion detection.
• Evaluates cyber threats, vulnerabilities, and mitigation plan.
• Proactively troubleshoots, diagnoses, documents, and resolves escalated support problems.
• Providing technical security direction for the planning, creating, and execution of testing efforts.
• Provides analysis and recommendations for application security design.
• Monitors and analyzes system relevant access logs.
• Analyzes and advise storage team of the security backup and system disaster recovery.
• Determines requirements impact on existing architecture, work
  processes, and systems.
• Performs assessments of multiple complex systems, networks, and applications to identify deviations from acceptable configurations, regulatory compliance, or local policy, while measuring effectiveness of security architecture against known vulnerabilities.
• Applies cybersecurity principles in daily practice, including the NICE Framework workforce categories (Securely Provision, Operate and Maintain, Oversee and Govern, Protect and Defend, Analyze, Collect and Operate, Investigate).
• Provides technical guidance, training, and problem-solving assistance to peer and junior Engineers.
• Performs related duties and fulfills responsibilities as required.

• Bachelor's Degree in from an accredited college or university
• Five (5) years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, and/or systems administration that includes one of the following: a) network technologies and network monitoring tools, b) web-related technologies (web applications, web Services, Service Oriented Architectures) and of network/web-related protocols, or c) cloud solutions.

• Microsoft Azure admin, Office 365 admin, Purview, EntraID, securcloud ity knowledge including HIPAA, CJIS, PCI.

• If selected for this position, official transcripts, diplomas, certifications and licenses must be submitted at the time of processing. Unofficial transcripts and copies of other relevant documents may be attached to the application for consideration in advance.
• Please be advised that if selected for this position, information regarding employment history as it relates to the qualifications of the position will be needed for employment verification. Applicants claiming military service to meet the experience requirement for this position may attach a DD214 to the application.
• Unless otherwise stated, applicants are permitted to substitute two years of related full-time experience for one year of higher education or one year of related higher education for two years of experience in order to meet the minimum requirements of the job. One year of full-time experience is defined as 30 or more hours worked per week for 12 months. One year of higher education is defined as 30 credit hours completed at an accredited college or university.
• Applicants selected for employment with the City of San Antonio in this position must receive satisfactory results from pre-employment drug testing and background checks. If required for the position, a physical, motor vehicle record evaluation, and additional background checks may be conducted.

• Knowledge of cyber threats and vulnerabilities
• Knowledge of risk management processes, including assessing and mitigating risk
• Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity
• Skill in utilizing computer networking concepts and protocols, and network security methodologies
• Skill in utilizing test harnessing, test simulation, testing platforms, and testing techniques
• Skill in utilizing cybersecurity principles, including one or more of the NICE Framework workforce categories (Securely Provision, Operate and Maintain, Oversee and Govern, Protect and Defend, Analyze, Collect and Operate, Investigate)
• Skill in working in an agile environment
• Skill in database and security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
• Skill in creating and executing test plans
• Ability to leverage modern architectural components to design modular, flexible solutions
• Ability to create both technical and non-technical end-user documentation
• Ability to perform all the essential functions of the position, with or without accommodations
• Ability to work primarily in an office environment