Cybersecurity Engineer G126 Information Technology
Columbus Consolidated Government · Columbus, GA · 2 wk ago
Information TechnologyFull-time
Major Duties and Responsibilities
- Monitors security logs, alerts, and dashboards related to email security, endpoint protection, SIEM activity, and other tools.
- Documents and escalates anomalies, suspicious activity, and alerts to the Information Security Manager.
- Performs daily health checks on critical security tools to ensure proper functionality.
- Assists in the intake, documentation, and preliminary investigation of security incidents.
- Follows established incident response procedures under the direction of the Information Security Manager.
- Gathers evidence, compiles logs, and helps with containment steps such as password resets or workstation isolation.
- Aids in maintaining and delivering cybersecurity training materials.
- Affirms regular access reviews to ensure users have appropriate permissions.
- Affirms compliance with CCG security policies, standards, and procedures.
- Reviews workstation, server, and network device settings for adherence to configurations established by the Information Security Manager.
- Affirms tracking vulnerabilities, patch cycles, and remediation progress across departments.
- Conducts routine scans and compiles results for the Information Security Manager to review.
- Maintains records of investigations, monitoring activities, and security tasks.
- Updates internal knowledge bases, security procedures, and documentation as directed.
- Prepares summaries, trend reports, and statistics for the Information Security Manager.
- Helps review existing security measures and identify areas for improvement.
- Conducts basic research on emerging threats and technologies and shares findings with management.
- Participates in periodic disaster recovery, incident response, and business continuity testing.
Knowledge, Skills And Abilities
- Basic understanding of cybersecurity concepts, tools, and best practices.
- Familiarity with security logs, email security systems, antivirus tools, and endpoint protection platforms.
- Good communication and customer service skills when working with other departments.
- Ability to follow established procedures accurately and escalate issues appropriately.
- Ability to research and stay aware of ongoing threat developments.
- Basic understanding of relevant state and federal cybersecurity expectations.
Minimum Educational And Training Requirements
- Bachelor’s Degree in Cybersecurity, Information Technology, or a related field; OR equivalent combination of education and experience such as: One (1) to two (2) years of experience in IT support, network operations, cybersecurity, or related field of work.
- CompTIA Security+, ISC(2) CC, or other equivalent industry certification.
Physical Requirements
- The work is typically performed while sitting at a desk or table with intermittent standing and walking.
- The employee must occasionally lift light and heavy objects, use tools or equipment requiring a high degree of dexterity, and distinguish between shades of color.
- The following physical abilities are required: Balancing, grasping, handling, lifting, reaching, repetitive motion, speaking, standing, talking, visual acuity.
Benefits
- Low-cost Medical Insurance
- Prescription Drug Plan
- Dental Plan
- Vision Plan
- Flexible Spending Accounts
- Life Insurance
- Supplemental Life Insurance
- Long Term Disability
- Supplemental Retirement Plan
- Free and Discounted Services
- Employee Assistance Program
Required Questions
- Which best describes your level of education? (You will be asked to provide documentation)
- Do you possess a valid driver's license?
- You're reviewing alerts in your SIEM and notice something that doesn't look right but doesn't clearly match a known pattern either. Walk me through how you'd investigate it before deciding whether to escalate.
- Tell me about a time you had to explain a security issue or policy to someone in a non-technical department who didn't want to hear it. How did you handle that conversation?
- What experience do you have with endpoint protection, email security tools, or SIEM platforms specifically? Which tools have you used and what did you actually do with them day to day?
- You're asked to do a routine access review and you notice someone has permissions they clearly shouldn't have anymore, maybe a former employee's account still active, or someone with access way beyond their role. What do you do?