Welcome to the City of Charlotte
Charlotte is America’s Queen City, opening her arms to a diverse and inclusive community of residents, businesses and visitors alike. Here you will find a safe, family-oriented city where people work together to help everyone thrive. The mission of the City of Charlotte is to deliver quality public services and promote the safety, health, and quality of life for all residents.
Our guiding principles include:
Attracting and retaining a skilled and diverse workforce
Valuing teamwork, openness, accountability, productivity, and employee development
Providing all customers with courteous, responsive, accessible, and seamless quality services
Taking initiative to identify, analyze, and solve problems
Collaborating with stakeholders to make informed decisions
SUMMARY
Responsible for protecting information systems by researching and maintaining awareness of the latest cyber threats and vulnerabilities, identifying mitigating controls and advising on corrective actions. This position will work with all City technology teams to ensure that necessary technical security requirements are met. As a member of the Innovation and Technology Cyber Security team, this individual will focus on leading operational-related security initiatives to support technology infrastructure, and/or enterprise applications and services while also facilitating the use of technology to ward off attempts by attackers who are targeting sensitive consumer and corporate information. This individual will lead efforts to automate cyber security processes and plan, develop, and coordinate cyber security projects as needed.ESSENTIAL DUTIES & RESPONSIBILITIES
Lead and execute security tasks related to technology projects or initiatives.
Configure and install cyber security systems to include scheduling and attendance of afterhours maintenance windows.
Lead validation cyber security architectures and documentation.
Conduct maintenance and monitoring of cyber security systems.
Provide leadership in response to cyber security incidents.
Develop remediation plans for any gaps reported in audits or recommended process improvements.
Lead collaboration with City departments to manage security vulnerabilities or investigations.
Conduct security research in keeping abreast of latest security issues.
Lead the coordination of managed security services to implement security initiatives.
Lead and execute security tasks related to Innovation and Technology security requests.
Provide advanced leadership in evaluation and implementation of cyber security requirements for technology systems.
Lead the development of scripts and software to automate cyber security processes.
Must be able to work efficiently, expeditiously, and independently with limited supervision.
Perform other related duties as assigned.
COMPETENCIES FOR SUCCESSFUL PERFORMANCE OF JOB DUTIES
Knowledge of:
English grammar, spelling, and punctuation.
Extensive experience with combining AI and ML models with broader system architectures, including cloud-based infrastructure, software applications, and APIs.
Extensive experience with cloud security concepts, including the ability to assess existing cloud implementations for security issues, engineering and implementing new cloud security tools, and providing security expertise for DevOps teams.
Extensive experience with Splunk Enterprise Security, including Search and Reporting, adding new log sources, developing custom parsing rules, administrating forwarders, and deployment servers.
Extensive experience with basic red team tools such as Nmap, Nessus, Metasploit, or other related tools.
Extensive experience with red team and penetration testing processes.
Extensive experience with Security Information and Event Management (SIEM) technologies, including building, administering, operating, and tuning such systems.
Extensive experience with endpoint hardening techniques, including security controls implemented locally and via policy management systems.
Extensive experience with endpoint protection and endpoint detection and response (EDR) systems, including building, administering, operating, and tuning such systems.
Extensive experience with web application security concepts and flaws, including an understanding of how to detect and exploit the most common security flaws found in web applications.
Extensive experience with risk-based, technical assessments of applications using both dynamic and static scanning tools, as well as manual assessment and penetration testing techniques.
Extensive experience with IT system security review processes, including threat modeling, and other risk identification techniques.
Extensive experience with IT system auditing processes for compliance with applicable policies, standards, and regulations.
Extensive experience with privileged access management and password management systems, including building, administering, operating, and tuning such systems.
Extensive experience with information security policy and process development, including the ability to clearly document policies and processes.
Extensive experience with security product evaluation, including requirements development and proof of concept execution.
Extensive experience with project management concepts, including the ability to coordinate and execute IT security projects.
Extensive experience with secure system architecture development, including evaluation of system architectures for security threats, advising IT project teams on necessary security measures, and diagraming architectures.
Extensive experience with system administration, including management of a system’s hardware and software, performing routine maintenance, troubleshooting problems, and management of a system’s full lifecycle.
Skill in:
Strong analytical and problem-solving skills to tackle complex, multi-layered challenges.
Interpersonal skills necessary to develop and maintain effective and appropriate working relationships.
Excellent communication and interpersonal skills.
Able to communicate technical subject matter to an audience with limited technology background.
Cross-platform skillsets, able to navigate and troubleshoot issues in any modern operating system (Linux, MacOS, Windows).
Developing automated processes utilizing a Security Orchestration, Automation and Response (SOAR) platform such as Splunk.
PowerShell and Python scripting languages.
Applying modern cryptography best practices and certificate management.
Identifying, analyzing, and evaluating cybersecurity threats and applying software controls to mitigate those risks.
Requirements:
High School Graduate or Equivalent and nine (9) years of related work experience
OR2 Year College Degree and seven (7) years of related work experience
ORBachelor's Level Degree and five (5) year of related work experience
ORMaster's Level Degree and three (3) year of related work experience or an equivalent combination of education and relevant experience that provides the necessary knowledge, skills, and abilities to successfully perform the essential job duties.
Must be located in or near Charlotte, NC.
Must work in office at minimum two days a week. Subject to change due to business needs.
CONDITIONS OF EMPLOYMENT
The City’s Background Check Policy requires background checks to be conducted on final internal or external candidate(s) applying for any position with the City of Charlotte. The type of information that will be collected as part of a background check includes, but is not limited to: reference checks, social security verification, education verification, criminal conviction record check, and, if applicable, a credit history check, sex offender registry and motor vehicle records check.
Background checks must be in compliance with all federal and state statutes, such as the Fair Credit Reporting Act (FCRA). The checks must be consistent with the guidelines set forth by these laws requiring organizations to obtain a candidate’s written authorization before obtaining a criminal background report, motor vehicle records check or credit report; and to properly store and dispose of information derived from such reports.
Final candidates must pass a pre-employment drug-screening test and physical examination. During the selection process, candidates may be asked to take a skills test, and/or participate in other assessments.
The City of Charlotte is an Equal Opportunity Employer and does not unlawfully discriminate on the basis of race, religion, color, sex, national origin, marital status, age, disability, sexual orientation, political affiliation or on the basis of actual or perceived gender as expressed through dress, appearance, or behavior.
Our culture is to serve the community honorably.
HOW TO APPLY
Apply online.
Federal law requires employers to provide reasonable accommodations to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job.
You are welcome to visit the City of Charlotte Human Resources Department lobby, where self-service application kiosks are available. They are located in our office at 700 East 4th Street, Suite 200, Charlotte, NC 28202. We are open Monday through Friday, from 9:30 a.m. to 3:30 p.m. (EST), excluding official City holidays.
For questions about your application or the hiring process, please email Careers@ci.charlotte.nc.us.
The City of Charlotte is committed to making our services and programs accessible to all. Upon request, auxiliary aids, written materials in alternate formats, language access, and other reasonable accommodations or modifications will be provided. To make a request, please fill out the Innovation & Technology ADA request form or call 704.336.4120.
BENEFITS
The City of Charlotte provides a comprehensive benefits package to eligible employees.
Click here to learn more about the City of Charlotte’s benefits.
The City of Charlotte is a drug and alcohol-free workplace.