Cybersecurity Information Technology Apprentice/Infrastructure

Cybersecurity Information Technology Apprentice/Infrastructure Specialist Associate

Organization: Administrative Services

Agency Contact Name and Information: Alexis Hill ()

Unposting Date: May 13, 2026, 3:59:00 AM

Primary Location: United States of America-Ohio-Franklin County-Columbus

Compensation: $24.16-$25.77

Schedule: Full-time

Classified Indicator: Classified

Union: OCSEA

Primary Job Skill: Information Technology

Technical Skills: Information Technology, Cybersecurity

Professional Skills: Attention to Detail, Critical Thinking

Primary Technology: Not Applicable

About Us: The Ohio Department of Administrative Services (DAS) takes great pride in its work to support the priorities of the DeWine-Tressel administration to ease access for those doing business with the state, secure state data and technology resources, and create efficiencies for our state government partners while keeping costs in check. DAS is the engine of state government, providing innovative solutions and supporting the efficient operation of state agencies, boards, and commissions. DAS program areas serve our Ohio government customers, who in turn directly serve the interests of Ohioans. We help procure goods and services, deliver information technology and mail, recruit and train personnel, promote equal access to the state workforce, lease and manage office space, process payroll, print publications, and perform a variety of other services. The Office of Information Security and Privacy supports the productivity, innovation, and organizational objectives of the state in providing secure services to the people of Ohio. We provide technology, policies, standards, architecture, information, and solutions to enhance the privacy and security of Ohio's data and systems.

Job Description

What You'll Do:

Works under immediate supervision & requires some knowledge of information technology in order to assist Office of Information Security and Privacy staff for assigned program area:

Security Engineering

Assists in providing support, administration, and maintenance necessary to ensure effective and efficient information security systems

Assists in conducting technology assessment and integration process

Provides and supports a prototype capability and/or evaluates its utility

Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions

Provides guidance to customers about applicability of information systems to meet business needs

Assists to develop and conduct test of systems to evaluate compliance with specification and requirements by applying principles and methods for cost-effective planning, evaluation, verifying, and validating of technical, functional, and performance characteristics (including interoperability) of systems or elements of systems incorporating IT.

Risk and Compliance

Assists in performance of security reviews, to identify gaps in security architecture, and develop a security risk management plan

Assists in reviewing authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network

Assists with review of qualifications of the cloud service providers to thoroughly vet cloud vendors

Assists in performing risk analysis (e.g., threat, vulnerability, and probability of occurrence) on new systems and applications for initial installations and major updates

Vulnerability Management

Assists in conducting assessments of threats and vulnerabilities; determining deviations from acceptable configurations, enterprise or local policy; assessing the level of risk and determining appropriate mitigation countermeasures in operational and nonoperational situations

Assists in the measuring the effectiveness of defense-in-depth architecture against known vulnerabilities

Supports penetration testing on networks, systems or elements of systems

Assists to identify systemic security issues based on the analysis of vulnerability and configuration data

Assists in the preparation of vulnerability reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions

Why Work for the State of Ohio

At the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes:

Medical Coverage

Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period

Paid time off, including vacation, personal, sick leave and 11 paid holidays per year

Childbirth, Adoption, and Foster Care leave

Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more)

Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation)

*Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.

Qualifications

Minimum Qualifications:

Apprentice: 1 course or 2 months experience in Information Systems/Information Technology, or a related field including but not limited to: Software Engineering/Development, Data Analytics/Business Intelligence, Database Administration, Network, IT Security and Help Desk/Customer Support

Associate: 18 months combined work exp. &/or trg. In any combination of the following: installing, monitoring/maintaining, configuring, upgrading, &/or administering/operating a single technology domain.

Or successful completion of IT Apprenticeship program at designated agency.

Or completion of associate core program in computer science or information systems

Knowledge of:

Computer hardware and software

Ticketing software (e.g. Service Now)

Customer Service techniques and standards

State IT policies, procedures and applicable laws

Operations and processes for diagnosing common or recurring system problems

Computer Network Defense and vulnerability assessment tools, including open source tools, and their capabilities

Current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection and remediation tools and procedures utilizing standards-based concepts and capabilities

Database procedures used for querying security tools to gather information

Classes of attacks (e.g., passive, active, insider, close-in, distribution, etc.)

Different operational threat environments (e.g., first generation [script kiddies], second generation [non- nation state sponsored], and third generation [nation state sponsored])

Electronic devices (e.g., computer systems/components, access control devices, digital cameras, electronic organizers, hard drives, memory cards, modems, network components, printers, removable storage devices, scanners, telephones)

How traffic flows across the network (e.g., Transmission Control Protocol (TCP) and Internet Protocol (IP), Open System Interconnection Model (OSI)

Incident response and handling methodologies

System and application security threats and vulnerabilities

Personally Identifying Information (PII)

Operations and processes for diagnosing common or recurring system problems

Principal methods, procedures, and techniques of gathering information and producing, reporting, and sharing intelligence

Organization's core business/mission processes

Skill in:

Technical writing and documentation practices (e.g standard operating procedures, training documents, work flow diagrams)

Reading/verbal comprehension (i.e. comprehend and apply written & verbal instructions)

Operating PC Hardware and Software (e.g. MS Word, Excel, PPT, Outlook)

Critical thinking (i.e. impact analysis, troubleshooting)

Conducting open source research for troubleshooting network and client-server issues

Basic operation of computers

Using network analysis tools to identify vulnerabilities

Preserving evidence integrity according to standard operating procedures or national standards

Securing network communications

Abilities:

Communication (e.g. Oral, Written, Active Listening)

Problem sensitivity/problem solving

Time Manage (e.g. organization and prioritization)

Active learning