Position Overview and Responsibilities
DEP’s Office of Technology and Information Services (OTIS) is currently recruiting for a Senior IT Business Consultant. This position serves as an information security engineer for the department and reports to the Information Security Manager. This is a highly technical position that creates and executes operational security initiatives on a continuing basis to improve the agency’s information security posture.
The ideal candidate will be a confident communicator, comfortable engaging with both internal and external stakeholders. They must exhibit exceptional organization and troubleshooting skills, attention to detail, along with strong written and verbal communication. Flexibility is essential, as the role will at times require availability outside of standard 8-5 business hours. We seek a proactive team member who can also work independently, demonstrating a strong working knowledge of enterprise cybersecurity solutions and practices. The ability to take direction, execute and document tasks efficiently is crucial. Additionally, the candidate should be comfortable with emerging technologies and an ever‑changing threat landscape.
Specific duties and responsibilities
Assist with maintaining the information security incident response plans and procedures to comply with Florida State standards and rules. This includes:
- Maintaining procedures to ensure security requirements are incorporated into the change control process
- Maintaining the protection of the physical and virtual operating environment for agency‑owned or managed IT resources
- Maintaining a policy and procedure review process that facilitates continuous improvement of IAM security
- Maintaining a policy and procedure review process that facilitates continuous improvement to security standards
- Establishing an information security program that includes policies, procedures, standards, guidelines, an awareness program, a risk management process, a Cybersecurity Incident Response Team, and a disaster recovery program aligned with the agency’s Continuity of Operations Plan
- Proactively researching latent security threats and recommending risk mitigation actions
- Performing information security investigations in conjunction with the Inspector General’s Office and law enforcement agencies
- Developing, maintaining, and executing the department’s IT Security Strategic Plan
- Reviewing and modifying identity and access management policies
- Reviewing and modifying firewall rules iteratively to be more secure
- Responding to information security incidents and executing countermeasures
- Reviewing access requests and providing access control oversight when needed
- Maintaining technical skillset to adapt to new technologies and recommending security‑focused training
- Monitoring e‑mail filtering and spam control systems and configuring as necessary to improve security
- Ensuring cryptographic standards are maintained in systems and applications
- Assisting with ensuring compliant CJIS systems and recommending technologies for on‑premise and cloud‑based CJIS infrastructure
- Evaluating desktop policies to ensure proper patching levels and security policies are maintained
- Assisting the ISM with strategic tasks including security risk assessments, audits and governance
- Performing other duties as assigned
Required Knowledge, Skills, and Abilities
- Superior communication skills, both verbal and written
- Extensive experience in technical information security roles
- Experience with principles of enterprise information security
- Experience researching and implementing security technologies
- Knowledge of computer networking concepts, protocols, and network security methodologies
- Experience analyzing network traffic and packet‑level analysis
- Knowledge of cyber threats, vulnerabilities, and attackers
- Experience recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of system and application security threats and vulnerabilities
- Knowledge of Cloud service models
- Experience identifying, capturing, containing, and reporting malware
- Experience troubleshooting security events on Windows endpoint and server operating systems
- Experience with information classification programs and procedures
- Experience designing and implementing IAM policies for both on‑prem and cloud‑based identity management
- Excellent coordination and collaboration skills
- Valid driver’s license and ability to travel as needed
Minimum Qualifications
- 3 years of enterprise cybersecurity work experience
- Experience in cybersecurity incident response
- Experience participating in cybersecurity or IT audits
- Experience with Active Directory
- Experience with cloud architecture
- Valid driver’s license
- Position of Special Trust requirement and successful background screening
Our Organization and Mission
The Florida Department of Environmental Protection (DEP) is the state’s lead agency for environmental management and stewardship – protecting our air, water and land. The vision of DEP is to advance Florida’s position as a world leader in protecting natural resources while growing the state’s economy.
How You Will Grow
DEP encourages its employees to constantly innovate and seek efficiencies. OTIS has an extensive training program, including courses and certifications such as CompTIA A+, Security+, Network+, CISSP, PMP®, ScrumMaster, and many others.
Where You Will Work
Tallahassee, Florida – on‑site position.
