Job Description:
Information Security Engineer
Description
Job Posting Closes at 11:59PM on:07/19/26
Division:Business Innovation & Technology Division
Management Level:Individual Contributor
Scheduled Weekly Hours:40
Benefit Eligibility: This position is eligible for Standard Benefits which includes dental, medical, and vision insurance, paid time off and holidays, retirement matching, wellness programs, and tuition reimbursement.
Description:The
Information Security Engineer is responsible for enhancing and maintaining the security that protects Jefferson County’s data, systems, and networks. Provide expert recommendations and hands on guida nce , while influencing and collaborating with operational IT teams, law enforcement agencies, and external security organizations to foster a culture adhering to the C onfidentiality, I ntegrity, and A vailability principles of information security . Evaluate new technologies throughout the organization for security concerns, successfully advocating adoption of security principles, maintaining security technologies, and promoting security awareness. Design and implement security solutions, mitigate cybersecurity threats, and ensure compliance with government security policies and regulations.
SCHEDULE: This position operates on a hybrid schedule of 40 hours per week. The role is primarily remote, with one scheduled in-office day per week and additional on-site work as needed.
COMPENSATION: Hiring Range : $1 18 ,000 -$1 2 2 ,000 USD Annually
Compensation will be determined based on education, experience and skills.
BENEFITS: Jefferson County offers a generous benefits package that supports your personal and professional life. Benefits include medical, dental, and vision insurance; paid time off and holidays, including a
starting bank of 40 hours of PTO for new hires ; retirement matching; wellness programs; tuition reimbursement; flexible schedules; remote work options; and more. For more information, click here for our Total Rewards summary.
ESSENTIAL DUTIES: Perform s all duties of a cybersecurity analyst :
- Provides cybersecurity support, identification, analysis, issue resolution, and implementation and integration of cybersecurity solutions
- Monitors and evaluates security alerts and analyzes security data to identify potential threats and vulnerabilities
- Assist s in conducting routine vulnerability assessments and penetration testing
- Assist s in incident identification, analysis, and containment , and the development, maintenance, and implementation of cybersecur i ty incident response plan s
- Participate s in the configuration and maintenance of security tools
- Recommend s configuration changes and standards to improve security posture
- Assist s with required auditing and assessment functions, and in creating and updating security documentation and reports
- Assist s with providing security awareness training
- Compiles metrics for information security to allow for trending to assist in reviews of current processes, identify awareness needs, and facilitate measure ment for continuous improvement
- Collaborate s with senior security team members on various projects
- Keep s current on security technology and security news
- Serve s as a primary escalation point during incidents, to both aide in mitigation and containment , as well as offer strategic insight and recommendations to strengthen incident response protocols and prevent reoccurrence
- Researches , designs, and implements cyber security solutions for organization systems and products that comply with all applicable security policies , standards , and regulations (e.g., PCI, CJIS, HIPAA)
- Works with IT and internal and external business partners to perform in-depth security assessments and risk analyses to ensure that security is factored in the evaluation, selection, installation and configuration process of hardware and software . `
- Collaborates with software development teams to ensure secure coding practices are followed .
- Provide s support for user access management and account provisioning.
- Analyzes and makes recommendations to improve network, system and application architectures .
- Examines network, server, and application logs to determine trends and identify security incidents .
- Assists in the review and update of cyber security policies, architectures and standards .
- Assists in responding to audits, penetration tests and vulnerability assessments .
- Mentor s and provide s guidance to junior team members.
- Research es emerging security technologies, threats, vulnerabilities, regulatory changes , and industry trends and best practices to ensure compliance and proactive security measures .
- Other duties as assigned.
QUALIFICATIONS: Research shows that women and other underrepresented and historically marginalized groups tend to apply only when they check every box in the posting. If you are reading this and hesitating to click “apply” for that reason, we encourage you to go for it! A true passion and excitement for making an impact is just as important as work experience.
Minimum Qualifications:
- Experience: At least three (3) years of professional, hands-on experience designing, implementing, supporting, or securing IT systems, networks, applications, or cloud environments. Preferred qualifications include five (5) to seven (7) years of relevant experience.
- Education: Bachelor’s degree in C omputer S cience , Information Technology, Cybersecurity, or a related field.
- License/Certifications: OSCP , OSEP, GIAC CSEC , CISSP, CISM , CIPM or equivalent preferred
*Note: An equivalent combination of education and experience is acceptable
Preferred knowledge, skills and abilities :
Technical Skillset:
- Broad operating system knowledge, Windows (workstation and Server), Linux, mobile operating systems .
- Strong security knowledge to include firewall , IDS/IPS, web server security, wireless security , cloud, OT , and cryptography .
- Experience designing, implementing, integrating, and maintaining enterprise cybersecurity technologies, including Active EDR, SIEM, database security, and vulnerability management.
- Proficiency in at least one scripting language ( e.g. Python , PowerShell ) for automation and security monitoring .
- Experience designing, implementing, and maintaining security automation solutions using scripting, APIs, workflow automation, and orchestration tools to improve operational efficiency and strengthen cybersecurity operations.
- Understanding of cybersecurity frameworks and standards such as NIST, CIS, and ISO 27001 .
- Familiarity with compliance regulations relevant to government entities (CJIS, HIPAA, PCI , PII ) .
- Strong knowledge of ITIL or equivalent methodology .
Soft Skillset:
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one .
- Strong problem-solving and trouble-shooting skills .
- D ay-to-day general management of cybersecurity.
- Strong customer service skills in various formats and settings.
- Professional verbal and written communication in presentations, written communication, and oral discussion. Ability to clearly communicate complex technical concepts to both technical and non-technical audiences and adjust communication from executives to end users.
- Exceptional interpersonal skills with the ability to collaborate effectively with other team members of different backgrounds and levels of experience.
- Proven ability to create business cases , make recommendations , and deliver projects .
- Ability to hit the ground running and move from high-level goals to tactical roadmaps.
- Po s sess a growth mindset and a bility to consistently demonstrate a positive de meanor, good attitude and behavior in the workplace.
- Self-motivated and possessing of a high sense of urgency and personal integrity.
- Highest ethical standards and values.
Additional Job Information: - A valid Colorado driver’s license is required for positions that drive on County Business in either a county or personal vehicle within30-daysof hire or beginning to serve as an intern or volunteer.
- Offer of employment is contingent upon successful completion ofcriminal history, motor vehicle report, education verification, and/or referencesfor all positions.
Accommodations Statement : We encourage people with disabilities to apply and are committed to providing reasonable accommodations throughout our hiring process. For assistance with applications, interviews, or other hiring-related accommodations, contact
[email protected] . This contact is for accommodation requests only and cannot provide application status updates.
APPLICATION: Qualified applicants are encouraged to apply.
All applicants must submit an online employment application by 11:59PM on the posted cut-off date. Follow this link to apply now: Jefferson County Colorado Career Opportunities
- A resume and cover letter submitted with your application is encouraged but will not substitute for the information requested on the application.
- Current Jefferson County employees must apply through their employee profile in Workday.
- In any materials you submit , you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.
Applications are reviewed for minimum qualifications listed in the qualifications section of the job bulletin, and applicants are contacted directly by the hiring team if selected. To view the status of your application, please log into your candidate portal .
Education:Associate's Degree, Bachelor's Degree
Experience:Work Experience: Minimum three years
Certifications:Languages:Category:Information Technology Services