Analyze, update, and support all activities related to the availability, integrity, and confidentiality of employee, arrestee, inmate, and business information in compliance with the Sheriff Office's security policies and procedures, regulations, and law.
Note: Depending on assigned responsibilities, employees may perform some or all of the duties below.
Assist in gap analysis between security policies/standards/regulations and practices, processes, and solutions; recommend actions to the agency.
Assist in establishing, documenting, and managing processes and supporting tools used to accomplish information technology (IT) compliance with regulatory and best practice security and compliance frameworks (e.g., Criminal Justice Information Services (CJIS), US National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), and service organization controls (SOC) reporting.
Analyze data from threat and vulnerability feeds for applicability to the organization.
Assist agency functions in the event of incidents or breaches.
Produce vulnerability, configuration, and coverage metrics and reports to demonstrate assessment coverage and remediation effectiveness.
Interact with other IT staff/agency personnel in meetings to enhance the understanding security issues.
Assist with IT asset security control coverage and metrics reporting regarding security and compliance data using existing tools as appropriate.
Analyze threat and vulnerability reports producing relevant findings.
Review and report on all system logs, alerts, and notifications from agency systems.
Validate that all Sheriff’s Office systems receive security patches and updates in a timely manner.
Review periodic security assessments and tests for finding enumeration.
Monitor and generate appropriate alerts to cybersecurity intelligence from a variety of sources.
Prepare automated and ad hoc reports and/or interpret data from various security sources.
Assist with application meta-data inventory, mapping, and the development of data flow process documentation.
Assist in maintaining critical vendor information.
Promote activities to foster information security awareness within the organization when appropriate.
Perform other related duties as required.
Working knowledge of networking, database design, and data flow design.
Working knowledge of products, platforms, systems, and/or processes supported and integration with other systems and processes.
Working knowledge of standards and information security policies in individual and related areas.
Working knowledge of industry specific, law enforcement regulations appropriate for the agency supported (e.g., CJIS, NIST).
Working knowledge of cybersecurity information and terms.
Strong presentation skills.
Strong English written and verbal communications skills.
Strong analytical and solution/problem solving skills.
Strong task management skills.
Proven project and team leadership skills.
Working within an office environment within a law enforcement agency.
Remaining in a stationary position for extended periods of time at a keyboard, workstation, or meeting and/or training site.
May be required to engage in light physical exertion (e.g., lifting, carrying, pushing and/or pulling of objects and materials of light weight from 5 to 10 pounds).
May be required to work non-standard hours including nights, weekends, and holidays.
A high school diploma or possession of a GED certificate.
Five years of experience in administering security controls in an organization.
Five years of experience in networking, database design, programming and scripting, or server administration.
OR
An associate degree from an accredited institution of higher education in a technical field.
Four years of experience in administering security controls in an organization.
Four years of experience in networking, database design, programming and scripting, or server administration.
OR
A bachelor’s degree from an accredited institution of higher education in a technical field.
Three years of experience in administering security controls in an organization.
Three years of experience in networking, database design, programming and scripting, or server administration.
OR
Three years of experience in a Hillsborough County Sheriff’s Office Information Services Division position.
Pre-employment testing is required.
Attendance at the specified Sheriff's Office work location is required.
Depending on assignment, employees may be required to possess a valid Florida Driver License at time of employment. Driving history will be thoroughly reviewed and may be grounds for disqualification.
No visible tattoos on face, head, and neck. Tattoos determined to take away from the professional appearance of the Sheriff’s Office must be covered with an appropriate white, black, or neutral covering.
No illegal drug sale within lifetime.
No illegal drug use within the past 36 months. No marijuana use within the last 12 months.
No felony convictions within lifetime.
No misdemeanor convictions involving perjury, false statement, or domestic violence within lifetime.
No dishonorable discharge from any branch of the United States Armed Forces, the United States Coast Guard, National Guard, or Reserve Forces.
Successful completion of a background investigation including criminal, reference, employment, and neighborhood checks; polygraph; medical evaluation; and drug screening.
The duties and responsibilities on this job description represent the essential functions that an employee must be able to satisfactorily perform with or without reasonable accommodations. Reasonable accommodations shall be made upon request to enable employees with disabilities to perform the essential functions of their job, absent undue agency hardship. The Sheriff’s Office retains the right to change or assign other duties to this job as necessary.
Experience with public safety and/or law enforcement environments.
One year of experience in project and change management.
Certification as a Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), and/or other related professional designation(s).