Title:  Cyber Security Engineer Entry

Purpose

To learn the effort of providing specialized enterprise-wide security engineering and managing cyber protection, defense, design, development, implementation, and operation risk to our Information, Information Technology and Operational Technology (IT/OT) Systems and network infrastructures.

Nature and Scope

There are four (4) levels in this job classification series that have similar job content but with progressively more challenging degrees and levels of skill, responsibility, knowledge, experience and qualification requirements:   

Flex Classifications (that permit progression from lower-level classes to higher level classes without examination based upon assessment of an individual's experience and performance) within the series:   

• Entry: Incumbent acquires knowledge, skills and abilities to perform the tasks associated within the series but are not yet demonstrating these at the Journey level.   
• Journey: Incumbent is demonstrating the required skills and knowledge to independently perform the full scope of the job.   

Non-Flex Classifications (that promote from lower-level classes to higher level classes and require an examination, such as an interview, based upon individual experience and performance) within the series:   

• Senior: Advanced journey level resource who is responsible for advanced assignments, as dictated by the work needing to be performed. May serve in a lead/supervisory capacity.   
• Principal: Subject matter expert/lead level/supervisory and is responsible for leading the most advanced work, as dictated by the work needing to be performed.   

Entry to Journey: Incumbents at the entry level are required to successfully “progress” to the journey level within 60 months of appointment to remain within the job series.   

Seniors and Principals must be hired through a promotional process and do not automatically progress from lower levels in the series. 

Duties and Responsibilities

Cybersecurity Engineer Entry is responsible for performing the following work functions, with supervision, in support of and to assist journey-level cybersecurity engineers:

• Defensive Cybersecurity: Evaluates data collected from various cybersecurity defense tools to mitigate risks.
• Digital Forensics: Evaluates digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation.
• Incident Response: Investigates, evaluates, and responds to network cybersecurity incidents.
• Infrastructure Support: Tests, implements, deploys, maintains, and administers infrastructure hardware and software for cybersecurity.
• Insider Threat Assessment: Identifies and assesses the capabilities and activities of cybersecurity insider threats; produces findings to help initialize and support law enforcement and counterintelligence activities and investigations.
• Threat Assessment: Collects, processes, evaluates, and disseminates cybersecurity threat assessments. Develops cybersecurity indicators to maintain awareness of the status of the highly dynamic operating environment.
• Vulnerability Evaluation: Assesses systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
• Cybercrime: Investigates cyberspace intrusion incidents and crimes. Applies tactics, techniques, and procedures for a full range of investigative tools and processes and appropriately balances the benefits of prosecution versus intelligence gathering.
• Digital Evidence Assessment: Identifies, collects, examines, and preserves digital evidence using controlled and documented assessment and investigative techniques.
• Systems Testing and Evaluation: Plans, prepares, and executes system tests; evaluates test results against specifications and requirements; and reports test results and findings.
• Cybersecurity Architecture: Ensures that security requirements are adequately addressed in all aspects of enterprise architecture, including reference models, segment and solution architectures, and the resulting systems that protect and support organizational mission and business processes.
• Performs other related duties as needed; schedules, hours and locations may fluctuate based on business needs.

Required Education

Bachelor's degree in Cybersecurity, Information Security, Information Technology or closely related field (i.e. Computer Science, Systems Engineering, Electrical Engineering), or equivalent experience. If no degree, 5 or more (5+) years of relevant experience is required.

Required Experience Qualifications

At least one (1+) year of progressively relevant professional or technical experience in cybersecurity and/or information security, or at least six (6+) months relevant SMUD experience.  

Required Licenses/Certificates

At least one (1+) professional certification with an emphasis on Cybersecurity, Information Security, Security and/or Network Administration, or Audit (e.g., CompTIA Security+, GSEC, and GCIP, CEH, and CPEN), or obtain and maintain an industry recognized certification within one year of hire.  

Knowledge Of

Basic Cybersecurity fundamentals and practices.

Skills To

Troubleshoot, evaluate and problem solve; learn new skills quickly with minimal guidance; achieve project schedules and milestones; work in a team environment with dynamic deadlines and multiple priorities while remaining a team player; demonstrate facilitation and presentation abilities, strong verbal and written communication, and strong interpersonal skills; listen, learn, and speak up; demonstrate strong attention to detail; work with different groups and diverse projects as a partner; perform privacy and/or security reviews including regulatory and industry assessments, risk assessments, information inventory and data mapping, vendor management security assessments, and additional privacy or cybersecurity compliance related projects.

Desirable Qualifications

• Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
• Ability to accurately define incidents, problems, and events in the trouble ticketing system.Ability to operate common network tools (e.g., ping, traceroute, nslookup).
• Ability to monitor measures or indicators of system performance and availability.
• Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Knowledge of computer networking concepts and protocols, and network security methodologies
• Knowledge of cybersecurity and privacy principles.
• Knowledge of cyber threats and vulnerabilities
• Knowledge of specific operational impacts of cybersecurity lapses.
• Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
• Knowledge of operating systems.
• Knowledge of security system design tools, methods, and techniques.
• Knowledge of server and client operating systems.
• Knowledge of systems administration concepts
• Knowledge of virtualization technologies and virtual machine development and maintenance
• Knowledge of operating system command-line tools.
• Knowledge of how to use network analysis tools to identify vulnerabilities

Physical Requirements