Security Engineer
Description:
Description of Work
Discover why NCDIT is the ideal destination for your professional growth - Why Work for NCDIT.
This position may be eligible for hybrid remote work in accordance with state policy and the agency’s remote work program but does require weekly onsite work.
The position is designated Statutory Exempt and is exempt from the State Human Resources Act.
Are you passionate about protecting systems and data from today’s evolving cyber threats?
NCDIT is seeking an experienced Security Engineer to help drive enterprise-wide cybersecurity initiatives and ensure compliance with state and federal regulations. You’ll work at the forefront of cybersecurity operations—identifying vulnerabilities, responding to incidents, and helping build a resilient infrastructure for the State of North Carolina. In this role, you’ll operate and maintain cutting-edge security tools, perform in-depth assessments, lead vulnerability scans, and help shape strategies that strengthen the state’s information security posture. You’ll work alongside a collaborative team of professionals in a fast-paced, mission-driven environment.
Duties include, but are not limited, to:
Operate and tune security tools including Nessus, SIEMs, and IDS/IPS platforms
Analyze logs, system alerts, and threat indicators to identify and respond to risks
Perform vulnerability and compliance scans across platforms and networks
Audit firewalls and assess system configurations to enforce state security standards
Develop and implement Continuous Diagnostics & Mitigation (CDM) strategies
Why Join NCDIT
We’re leading digital transformation across the State of North Carolina. Our work matters—to every citizen, agency, and business we serve. Join us and make an impact while growing your cybersecurity career with access to modern tools, skilled mentors, and a clear mission. Apply today and help secure the systems that power North Carolina.
About the Division
The state Chief Information Officer (SCIO) is responsible for securing North Carolina’s information assets, including data and the supporting infrastructure. The NC Department of Information Technology’s (NCDIT) Enterprise Security and Risk Management Office (ESRMO), supports the state CIO by providing leadership in the development, delivery and maintenance of a cybersecurity program that safeguards the North Carolina’s information and supporting infrastructure against unauthorized use, disclosure, modification, damage or loss. This comprehensive statewide cybersecurity program encompasses: Information security implementation, monitoring, threat and vulnerability management, cyber incident management, and enterprise business continuity management. ESRMO works with executive branch agencies to help them comply with requirements that include: legal and regulatory requirements, statewide technical architecture, and industry best practices. It also works with state agencies, federal and local governments, citizens and private-sector businesses to help manage risk to support secure and sustainable information technology services to meet the needs of North Carolina’s citizens.About the Organization
The N.C. Department of Information Technology (NCDIT) serves as the Technology Center for the State of NC. Services that NCDIT provides reach a client base of state and local government agencies, as well as schools, colleges and universities. NCDIT’s mission is to enable trusted business-driven solutions that meet the needs of North Carolinians. NCDIT provides technology services to state agencies and is charged with closing the digital divide by expanding availability of broadband services and promoting the adoption of affordable, high-speed internet.
As NCDIT’s services reach North Carolina residents from all backgrounds, we believe that our workforce should reflect the demographics of the state. The workforce is our most valuable asset to recognize, understand and meet the IT needs of our constituents across North Carolina. Our agency’s culture is derived through the implementation of thoughtful, practical, innovative and data-driven strategies. We are an Employment First state, ensuring that people with disabilities have equal opportunities to succeed in the state government workplace (Executive Order 92). NCDIT supports recent executive orders to address pay equity for women (Executive Order 93), establish paid parental leave for birth, adoption, and foster care (Executive Order 95), and implement fair chance policies (Executive Order 158). NCDIT also has several initiatives designed to help past and current military personnel and their spouses find rewarding careers with us. Join a team that welcomes, values, respects and supports all members of our work community.If you have student loans, becoming a state employee includes eligibility for the Public Service Loan Forgiveness Program. Visit to learn more.
Knowledge, Skills and Abilities / Competencies
Resumes/CVs are intended to be used as a complement to an application. Generally resumes/CVs are lacking the detail and breadth of an applicant’s full education and work history so applicants should complete the application with more detail than what their resume contains to show that they meet both the Education Requirements and ALL Knowledge, Skills and Abilities (KSAs) listed below in order to qualify. Click these links for additional information: Introduction to the Job Application and Addressing Knowledge, Skills and Abilities. (Note: These links refer to Dept. of Public Safety process; this process is the same for Dept. of Information Technology.)
To qualify for this position, applicants must document on the application that they possess ALL of the following:
Experience with security tools, techniques, and/or incident response practices (e.g., vulnerability scanning, penetration testing, packet-level analysis, root cause analysis, digital forensics, threat hunting, incident handling frameworks, IPS, SIEM)
Experience with security threats and/or attack vectors (e.g., buffer overflow, cross-site scripting, SQL injection)
Experience with industry standard security protocols and/or compliance frameworks (e.g., MFA, Biometrics, SSO, PKI, IRS 1075, PCI)
Experience with developing and/or implementing Continuous Diagnostics and Mitigation (CDM)
Experience with Active Directory and its features (e.g., Group Policy, Identity Management, LDAP)
This position requires a fingerprint-based background search. Hires must agree to a fingerprint-based background search prior to being hired.
Minimum Education and Experience Requirements
Some state job postings say you can qualify by an ‘equivalent combination of education and experience.’ If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See the Education and Experience Equivalency Guide for details.Bachelor's degree in computer science or a related IT field or closely related field from an appropriately accredited institution and two years of progressive experience in IT Security or closely related area
OR
Associate degree in computer science or a related IT field or closely related field from an appropriately accredited institution and three years of progressive experience in IT security or closely related area; or an equivalent combination of education and experience.
Supplemental and Contact Information
The North Carolina Department of Information Technology (DIT) is an Equal Opportunity Employer who embraces an Employment First philosophy which consists of complying with all federal laws, state laws and Executive Orders.
NCDIT uses the Merit-Based Recruitment and Selection Plan to fill posted positions. Hiring salary will be based on relevant qualifications, internal equity, and budgetary considerations pertinent to the advertised position.
The Department of Information Technology will not accept "See Resume" or inserted text resumes in lieu of all work experience and education completed on the application.
Employment at NCDIT is contingent upon a satisfactory background check.
Applicants seeking Veteran's Preference must attach a DD form 214, Certificate of Release or Discharge from Active Duty, along with your application.
Applicants seeking National Guard Preference must attach a NGB 23A (RPAS) if you are a current member of the NC National Guard in good standing. If you are a former member of the NC National Guard who served for at least 6 years and was discharged under honorable conditions, you must attach either a DD256 or NGB 22.
Applicants applying for positions that require specific coursework, must upload and attach a copy of the transcript with their application.
Applicants with relevant professional certifications to the posted job must attach proof of active certification along with the information in the “Certificates and Licenses” section.
If applicants earned college credit hours but did not complete a degree program, they must attach an official transcript to each application to receive credit for this education.
If applicants earned a foreign degree, foreign degrees require an official evaluation for U.S. equivalency, and must be submitted to Human Resources for verification. There are several organizations that perform this specialized service, feel free to use any service of your choosing. The National Association of Credential Evaluation Services (NACES) has several options on their website that can provide credential verification:
HYBRID/FLEXIBLE WORK SCHEDULES:
At NCDIT, we are dedicated to fostering a collaborative and flexible work environment, offering a hybrid remote work option for positions that are conducive to remote flexibility. If you do not currently reside within a reasonable commuting distance of the assigned duty station, new hires are granted up to 120 days from their start date to relocate. This relocation ensures the ability to work onsite multiple days per week. If you're eager to contribute to a dynamic workplace, we encourage you to apply!
COMPENSATION & BENEFITS:
The state of North Carolina offers excellent comprehensive benefits. Employees can participate in health insurance options, standard and supplemental retirement plans, and the NCFlex program (numerous high-quality, low-cost benefits on a pre-tax basis). Employees also receive paid vacation, sick, and community service leave. In addition, paid parental leave is available to eligible employees.
Some highlights include:
The best funded pension plan/retirement system in the nation according to Moody’s Investor’s Service
Twelve (12) holidays/year
Fourteen (14) vacation days/year which increase as length of service increases and accumulate year-to-year
Twelve (12) sick days/year which are cumulative indefinitely
Longevity pay lump sum payout yearly based on length of service
401K, 457, and 403(b) plans
Learn more about employee perks/benefits:
Why Work For NC?
NC OSHR: Benefits
NC OSHR: Total Compensation Calculator
To apply for this position, please click the "Apply" link above (on the Government Jobs website) or visit to complete an on-line application.
Due to the volume of applications received, we are unable to provide information regarding the status of your application over the phone. To check the status of your application, please log in to your account and click "Application Status." If you are selected for an interview, you will be contacted by management. If you are no longer under consideration, you will receive an email notification. If there are any questions about this posting other than your application status, please contact:
NCDIT Human Resources
Shaun Osborne
For technical issues with your application, please call the GovernmentJobs.com Applicant Support Help Line at .