•                 

  • IT Professional - Cybersecurity

    CVG -- Cincinnati/Northern Kentucky International Airport
    Job Description
    KENTON COUNTY AIRPORT BOARD invites applications for the position of:
    IT Professional- Cybersecurity

    CLOSING DATE:
        Open Until Filled

    CLASS SUMMARY:
    The purpose of this position is to increase the overall cybersecurity posture of the organization by identifying and reducing or eliminating technical risk.

    ESSENTIAL DUTIES:
    This class specification represents only the core areas of responsibilities; specific position assignments will vary depending on the needs of the department.

    OPERATIONS:
    • Designs, implements and maintains all internal cybersecurity-related systems, including but not limited to vulnerability management, intrusion detection/prevention, firewalls, and security information and event management.
    • Collaborates within IT and throughout the organization to assess organizational information security risks and identify paths forward in mitigating or remediating those risks.
    • Responsible for network security and logging.
    • Stays up to date on emerging threats, industry issues and trends, and the global information security landscape.
    • Works with IT leadership and internal auditors to create and update information security policies.
    • Oversees external security assessments and penetration testing.
    • Assists in the development and testing of business continuity and incident response plans
    • Performs regular vulnerability scans and facilitates the remediation as necessary
    • Works with internal and external auditors to document, test, and validate various IT controls
    • Creates documentation related to policies, processes, and systems owned by the Cybersecurity team
    • Mentors junior staff
    • Leads external security assessments, audits, and penetration testing initiatives
    • Ensures technical solutions adhere to various compliance frameworks such as PCI-DSS, HIPAA, and GDPR
    • Responsible for all contract management activities as documented in KCAB Policy 1014, Contract Management. As the subject matter expert, responsible for all key aspects of contract management ensuring KCAB’s interests are represented in any business activities regarding the agreement. Manages contract compliance and resolves issues.

    CUSTOMER SERVICE:
    • Provides on site or remote access diagnoses and resolution to IT security problems by responding to service desk requests and planned work requests.
    • Effectively communicates changes to the organization or relevant parties as needed.
    • Administers the security awareness training and internal simulated phishing campaigns

    ADMINISTRATION:
    • Administers the vulnerability management platform
    • Administers firewalls and VPN
    • Administers intrusion detection and/or intrusion prevention systems
    • Administers security information and event management platform
    • Backup administrator for the centralized logging platform

    TEAM EFFORT:
    • Contributes to team effort by promoting a culture of service and excellence.
    • Performs other duties of a similar nature and level as assigned.

    TRAINING AND EXPERIENCE:
    Bachelor’s degree in Information Technology or a related field to the area of assignment and five years of technology experience designing and maintain IT security including networks, security, and hardware; or, an equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above.

    KNOWLEDGE OF:
    • Identity and Access Management
    • Network Security
    o Access Control Lists (ACL)
    o Intrusion Detection and Prevention (IDS/IPS)
    o Firewall administration
    o Virtual Private Network (VPN)
    • Risk Management
    • Security Information and Event Management (SIEM)
    • Vulnerability Management
    • Security Framework(s)
    o Payment Card Industry Data Security Standard (PCI-DSS)
    o International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC)
    o Center for Internet Security (CIS)
    o National Institute of Standards and Technology (NIST)
    • Group Policy
    • File system access controls
    • Endpoint security, including Windows, Linux, macOS, and mobile

    SKILL IN:
    • Demonstrated skill in problem resolution and decision making;
    • Demonstrated skill in prioritizing and effectively handling multiple projects;
    • Maintaining confidentiality, privacy and security of protected information;
    • Clearly and effectively communicating, negotiating and advocating, both orally and in writing;
    • Use of a variety of computer-based technologies including word processing and spreadsheets and those specific to job duties;
    • Establishing and maintaining effective, fair, cooperative, collaborative and respectful relationships with internal and external colleagues, peers, work teams and workgroups.

    ADA AND OTHER REQUIREMENTS:
    Positions in this class typically require: climbing, balancing, stooping, kneeling, crouching, reaching, fingering, grasping, standing, walking, talking, hearing, seeing and repetitive motions.
    Heavy Work: Exerting up to 10 pounds of force occasionally, and/or up to 50 pounds of force frequently and/or in excess of 20 pounds of force constantly to move objects.

    Interested candidates can obtain more information and apply at www.cvgairport.com/jobs.

    The Kenton County Airport Board is an Equal Opportunity Employer/Minorities/Females/Disabled/Veterans
    Contact Information