1. Essential Security Endpoint and Operations Duties
Under general supervision of the IT Manager II, the consultants will work as Senior Enterprise Architects in DEPT’s Infrastructure Support Division (ISD) in support of the organization’s enterprise information technology operations, including all associated hardware/software components and confidential/sensitive data. The consultant is responsible for the implementation, maintenance and operations related to network security of DEPTs statewide information technology systems.
Architectural and operational support responsibilities include, but are not limited to, architectural lead/mentor of technical operations staff as well as technical integration, process development, improvement, maintenance, and support of:
• Endpoint protection to include antivirus, encryption, host intrusion detection, host data loss prevention, and change management.
• Public Key Infrastructure activities, to certificate issuance, and support.
• Public Cloud Security Infrastructure for Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Software as a Service (SaaS).
2. Essential Security Network and Perimeter Duties
Architectural and operational support responsibilities include, but are not limited to, architectural lead/mentor of technical operations staff as well as technical integration, process development, improvement, maintenance, and support of:
• Perimeter malware and URL filtering.
• Network Intrusion Prevention and Data Loss Prevention.
• Email Hygiene
• Simple Mail Transfer Protocol (SMTP)
• Cloud Access Security Broker (CASB)
3. Essential Security for Multi-Factor Authentication, Single Sign-on, Zero Trust, and Mobile Device
Management
Architectural and operational support responsibilities include, but are not limited to, architectural lead/mentor of technical operations staff as well as technical integration, process development, improvement, maintenance, and support of:
• Multi-Factor Authentication (MFA) maintenance and disposition of soft and hard security tokens.
• Single Sign-on (SSO) integration with all internal and cloud applications.
• Zero Trust framework visualization, mitigations, and optimizations.
• Mobile Device Management (MDM)
4. Security Compliance
The consultants will provide technical security review and analysis to ensure that all applicable security policies and standards are adhered to and that information systems are compliant with all department, state, and federal information security requirements.
5. Security Leadership/Mentor/Guidance
Provide master level technical knowledge and leadership for all security engineering related infrastructure projects. Lead teams within DEPT and coordinate with non-DEPT staff to develop and implement new enterprise infrastructure components, test enhanced capabilities, and provide a "master" level of DEPT enterprise technical knowledge across all system environments to ensure the highest level of coordination and integration for the DEPT infrastructure. Provide analytical and technical review and analysis to ensure all applicable enterprise infrastructure policies and standards are adhered to. Ensure information systems are compliant with all department, state, and federal information technology and security requirements.
6. Closure, Transition, Training and Knowledge Transfer
This includes: Assisting with the transition of the existing network security infrastructure to maintenance and operations (M&O) mode, providing leadership in the transition of work from the Contractor to the DEPT staff, training staff to take over services, and conducting lessons-learned meetings.
