Position Information

Posting Title
IT Security Consultant (Incident Response)

Job Requisition Number
AE503048

Position Number
118201

Job Type
Full-Time

Division Name
Information Technology

Minimum Qualifications

• Graduation with a Bachelor's degree from an accredited college or university with major course work in a field related to the job, plus four (4) years related experience.
• Experience may substitute for education up to four (4) years.

Licenses or Certifications:

• None.

Notes to Applicants

Austin Energy seeks an IT Security practitioner with technical experience in Incident Response and Microsoft Cloud Security for the position of Information Technology Security Consultant to be a part of a dynamic team of experienced, Cybersecurity professionals located in the Austin area.

Some functional responsibilities of this position include the following:

• Lead the Incident Response Program for AE
• Monitor SEIMs, and respond to events
• Maintain and update the Incident Response Plan
• Lead the SOC Alert, Event and Incident Review meetings
• Respond to and/or coordinate response on compromised endpoints
• Develop Cybersecurity event monitoring and response strategy
• Report on non-compliant endpoints and work with teams to remediate
• Maintain incident ticket queue for the team, and ensure all tickets are assigned & updated
• Develop and lead threat hunting exercises
• Develop and lead cybersecurity tabletop exercises
• Manage threat feeds and intelligence vendors
• Attend Incident Response based training

This position requires a Financial and NERC - CIP background investigation.

I MPORTANT INFORMATION :

Working with Austin Energy provides a number of health and welfare benefits such as low-cost medical, dental, vision, paid leave time, a highly competitive retirement plan, career development opportunities and more. Please click HERE for more information.

Employment Application:
• The City of Austin employment application is an official document; incomplete applications will not be considered.

• Please be sure to detail on the application all current and previous employment that you wish to be considered as part of your qualifications.

• The Employment Record should be complete with job titles, employment dates, job duties, functions, and responsibilities for each position held. Starting salary will be based on overall relevant experience from your application.

• Résumés will not be accepted and statements such as "see résumé" will not be accepted. You may use "N/A" for fields that are not applicable.

• Please note that Austin Energy may close the job posting at any time after 7 days from the date of the initial advertisement. Once the job posting has closed, applications cannot be changed.

If you are selected as a top candidate:
• Verification of your education (which may include high school graduation or GED , undergraduate and/or graduate degrees) will be required. You must provide proof of education from an accredited organization/institution.

• If you are identified as a top candidate and are in the military or a veteran, you will need to provide a copy of your DD-214 prior to confirming a start date.

• This position requires a criminal background investigation.

Travel:
If you are selected for this position, and meet the Driver Safety Standards in the City of Austin Driver Safety Program, you may drive when necessary to multiple locations as part of your regular job duties. Otherwise, you are responsible for getting to and from these locations.

Fair Labor Standards Act:
This position is considered FLSA Exempt. Exempt employees are salaried and, except as provided, are not eligible for overtime compensation.

Pay Range

Commensurate

Hours

Monday through Friday.
Supporting 8:00 a.m. to 5:00 p.m. activity - 40 Hour Work Week.
May work evenings, weekends or holidays. Schedule may change based on business need.

Job Close Date
03/19/2023

Type of Posting
External

Department
Austin Energy

Regular/Temporary
Regular

Grant Funded or Pooled Position
Not Applicable

Category
Technical

Location
78741 - Currently teleworking

Preferred Qualifications

• Experience with administration and operation of a SIEM (Splunk, Azure Sentinel, etc.)
• Experienced in Cybersecurity Incident Response including Threat Hunting
• Experienced in maintaining and updating a computer security incident response plan
• Experience documenting and coordinating response activities across work groups
• Experience with hosting table top exercises, and documenting lessons learned
• Experience with developing queries using KQL and/or Splunk Query Language
• Experience with cloud security fundamentals, preferably in Azure and M365
• IT Security Certification/s - ( CISSP , GSEC , etc)
• Experience with Windows, Linux, Networking, Cloud, and VM environments
• Ability to travel to more than one work location

Duties, Functions and Responsibilities

Essential duties and functions, pursuant to the Americans with Disabilities Act, may include the following. Other related duties may be assigned.

Plan, design, implement, monitor risk mitigation and compliance of security measures, and policies and procedures.

Manage response to high-level information security issues.

Provide security program leadership in designing, procuring and implementing secure IT solutions for enterprise-wide application and infrastructure-related projects including business continuity and disaster recovery plans.

Develop, maintain and publish documentation for enterprise-wide information technology security standards, procedures and guidelines.

Maintain awareness of security industry trends and identify areas where existing information or physical security infrastructure requires change or development.

Provide risk assessments and security briefings to advise on critical issues that may affect security of enterprise infrastructure or business process.

Perform computer security incident response to possible security breaches or policy violations.

Perform information and physical security investigations.

Develop security awareness and compliance training programs.

Consult on projects or project manage security implementations and development.

Responsibilities- Supervision and/or Leadership Exercised:

• May provide leadership, work assignments, evaluation, training, and guidance to others.

Knowledge, Skills and Abilities

Must possess required knowledge, skills, abilities, and experience and be able to explain and demonstrate, with or without reasonable accommodations, that the essential functions of the job can be performed.

• Knowledge in networking, wireless, databases, applications and system operations and how they interact with each other
• Knowledge of enterprise information security systems and implementation
• Knowledge of securing different types of systems
• Knowledge of industry and department best practices, requirements and policies and procedures
• Skills in security assessments and recommendations
• Skill in analyzing and investigation of information security trends
• Skill in mentoring and monitoring daily work activities of others
• Skill in selecting and using training/instructional methods and procedures
• Skill in documenting and maintaining complex application and process or configuration information
• Skill in identifying complex problems and implementing solutions
• Ability to educate various personnel regarding information security
• Ability to identify trends as well as isolated events
• Ability to accurately identify/determine customer needs and take appropriate actions and/or steps to address identified needs
• Ability to recognize, value, and include different perspectives, experiences, approaches, and cultures in achieving organizational goals
• Ability to gain and maintain the trust and confidence of others and the organization through consistency and reliability
• Ability to give, receive, or share thoughts, ideas, perspective, and data to create shared understanding
• Ability to inspire, motivate, and influence others to achieve individual and collective goals
• Ability to make sound decisions in a timely manner that solve issues and stand the test of time
• Ability to recognize, plan, focus upon, and work toward what is most important or critical
• Ability to recognize strengths and areas for improvement in others and to provide opportunities, guidance, and encouragement to build skills and capacity
• Ability to recognize, manage, and resolve conflict efficiently and equitably
• Skill in facilitating meetings of diverse stakeholders
• Ability to see a broad view of an issue or challenge across typical organizational lines and beyond the present
• Ability to create, convey, and instill a unified vision and purpose
• Ability to see past the moment and adapt to a rapidly changing environment
• Ability to achieve organizational goals and objectives
• Ability to navigate relationships involving complex, emotional, and/or value-based issues in order to influence and achieve positive results

Criminal Background Investigation
This position has been approved for a Criminal Background Investigation.

EEO/ADA

City of Austin is committed to compliance with the Americans with Disabilities Act. If you require reasonable accommodation during the application process or have a question regarding an essential job function, please call (512) 974-3210 or Texas Relay by dialing 7-1-1.

The City of Austin will not discriminate against any applicant or employee based on race, creed, color, national origin, sex, gender identity, age, religion, veteran status, disability, or sexual orientation. In addition, the City will not discriminate in employment decisions on the basis of an individual's AIDS , AIDS Related Complex, or HIV status; nor will the City discriminate against individuals who are perceived to be at risk of HIV infection, or who associate with individuals who are believed to be at risk.