
Security Engineer

Company: Ohio Department of Commerce
Location: Clinton Township, OH, 43224
Posted: January 24, 2026

Description:

POSITION SUMMARY

The Security Engineer plays a critical role in safeguarding the Ohio Secretary of State's networks, systems, and data from cybersecurity threats and vulnerabilities. This position is responsible for implementing, administering, and continuously improving cyber defense technologies and security controls to protect enterprise technology assets and sensitive information.

Working on the Cyber Defense Team, the Security Engineer supports the detection, prevention, analysis, and response to cybersecurity incidents and contributes to the design and sustainment of a resilient cyber defense infrastructure.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Cyber Defense Systems Administration

• Administer specialized cyber defense systems and applications, including antivirus, intrusion detection and prevention systems (IDS/IPS), audit and remediation tools, and Virtual Private Network (VPN) devices.

• Perform installation, configuration, maintenance, backup, restoration, and testing of cyber defense platforms.

• Build, install, configure, and test dedicated cyber defense infrastructure and platforms.

• Administer test environments and evaluate applications, hardware, access controls, and configurations managed internally or by service providers.

Threat Detection, Prevention, and Optimization

• Coordinate with Cyber Defense Team analysts to manage and update security rules, signatures, and content blacklists for cyber defense tools.

• Create, edit, and manage network access control lists on firewalls, intrusion prevention systems, and related security devices.

• Identify potential conflicts or performance issues associated with cyber defense tools and perform tuning, testing, and optimization of sensors and signatures.

• Evaluate the impact of implementing and sustaining cyber defense technologies on enterprise systems and operations.

Incident Response and Technical Support

• Provide advanced technical support to enterprise-wide cyber defense personnel during cybersecurity incidents.

• Assist with troubleshooting, diagnosing, and resolving anomalies within cyber defense infrastructure.

• Apply incident handling methodologies to support containment, eradication, and recovery efforts.

Security Architecture and Risk Management

• Assist in assessing cybersecurity risks and recommending technical safeguards to mitigate vulnerabilities.

• Support the application of cybersecurity and privacy principles related to confidentiality, integrity, availability, authentication, and non-repudiation.

• Contribute to system, network, and operating system hardening efforts, including secure configuration, logging, segmentation, and least-privilege access.

Other Duties

• Perform related duties as assigned to support the mission and objectives of the Cyber Defense and Information Technology teams.

At the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes:

Medical Coverage

Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period

Paid time off, including vacation, personal, sick leave and 11 paid holidays per year

Childbirth, Adoption, and Foster Care leave

Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more)

Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation)

*Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.

Qualifications

MINIMUM QUALIFICATIONS

Education

• Required: Associate or higher degree in computer science, information technology, cyber security, or related field

Certifications

• Required: One or more of the following (or equivalent) industry recognized certifications addressing system security, network infrastructure, access control, cryptography, assessments and audits, organizational security, information security, information systems, network security, information assurance, troubleshooting, and security operations:

o ISC2 Certified Information Systems Security Professional (CISSP)

o ISC2 Certified Information Systems Auditor (CISA)

o SANS GIAC, GSEC, GCIH, GCIA, GPEN

o EC Council - Certified Ethical Hacker (CEH)

o CompTIA Security+

o Cisco Certified Network Associate (CCNA) - Security

• Preferred: System-specific administrative and/or security-related certifications in Microsoft, Cloud, SIEM, Vulnerability Scanning, and IDS/IPS devices.

Experience

• Required: A minimum of three years of experience in real-world security challenges including network security vulnerability, advanced network analysis, basic cyber analysis/operations, network traffic analysis, Intermediate cyber, and hunt

Knowledge, Skills & Abilities

Knowledge

• Cybersecurity principles related to confidentiality, integrity, availability, authentication, and non-repudiation.

• Cyber threats, vulnerabilities, and common attack vectors.

• Network security architecture, protocols, and methodologies (e.g., TCP/IP, DNS, DHCP, OSI model).

• Intrusion Detection and Prevention Systems (IDS/IPS), firewalls, and web filtering technologies.

• Risk management processes, including vulnerability assessment and mitigation strategies.

• Laws, regulations, policies, and ethical standards related to cybersecurity and privacy.

• Data backup, recovery, and continuity concepts.

Skills

• Strong technical skills in network security, operating systems, and cybersecurity tools.

• Proficiency in automation and scripting using languages such as Python, PowerShell, Kusto Query Language (KQL), Shell, or similar.

• Skill in tuning sensors, managing access controls, and securing network communications.

• Skill in protecting networks against malware using preventive and detective controls (e.g., NIPS, anti-malware, spam filtering, device restrictions).

• Skill in network traffic analysis using appropriate tools and methodologies.

Abilities

• Ability to troubleshoot and resolve complex cyber defense infrastructure issues.

• Ability to analyze security data and translate findings into actionable recommendations.

• Ability to work collaboratively with cybersecurity analysts, engineers, and leadership.

• Ability to manage multiple priorities and respond effectively during cybersecurity incidents.

• Ability to maintain accuracy, confidentiality, and professionalism when handling sensitive security information.
