Agency Information Security Professional 1 at Ohio Department of Administrative Services

, Ohio, United States -

Full Time

Start Date

Immediate

Expiry Date

18 Jun, 26

Salary

54.17

Posted On

20 Mar, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Security Monitoring, Problem-Solving, Collaboration, Application Security, SIEM, IDS/IPS, Endpoint Protection, SAST/DAST Scanners, SCA, WAFs, Threat Detection, Vulnerability Validation, Incident Response, Secure Development, Cyber Resilience, Vulnerability Management

Industry

Government Administration

Description

Office of Information Services The Office of Information Services (OIS) works to support the business functions and the delivery of health, human, and employment services through the application of information technology (IT). OIS supports the delivery of programs to millions of recipients through the development and round-the-clock operation of automated information systems. Due to the number of end-users and technologies supported, OIS is one of the largest and most complex IT organizations within Ohio state government. Learn more about the Office by visiting the ODJFS OIS webpage. What You Will Do There are two positions available, one within the Application Security Team, and one within the Cyber Resilience Team. While each position has a different focus, both share a common mission: strengthening the agency’s security through daily monitoring, problem-solving, and collaboration. On the Application Security Team: You will work directly with enterprise security, developers, system owners, and project teams to secure applications across their full lifecycle. Configure, support, and monitor tools like SIEM, IDS/IPS, endpoint protection, SAST/DAST scanners, SCA, and WAFs. Analyze application and network activity to detect anomalies, threats, or weaknesses. Validate authentication, authorization, logging, monitoring, and data protection controls in new and existing apps. Review application configurations and code-level vulnerabilities, track remediation, and verify fixes. Participate in security incidents, gathering evidence from application logs, dashboards, and alerts. Help refine secure development practices and contribute to documentation, standards, and lessons learned. On the Cyber Resilience Team: You will help strengthen the agency’s preparedness against disruptions, cyber-attacks, and system failures. Configure, support, and monitor enterprise security tools such as SIEM, IDS, endpoint security, and network defense technologies. Analyze network traffic to identify malicious activity and determine methods used, potential impacts, and appropriate responses. Support vulnerability management efforts across systems and infrastructure. Assist with business continuity and disaster recovery tools, plans, and readiness activities. Participate in audits, maintain security documentation, and help coordinate responses to audit inquiries. Automate security tasks using scripting tools (e.g., PowerShell). Contribute to continuous improvement of cyber resilience policies, processes, and capabilities. Schedule: Full-Time Hours: Standard workdays are Monday through Friday. Hours are between 7:00 a.m. and 6:00 p.m. Travel: Occasional travel within the state of Ohio. PN(s): 20041050, 20038860 The ideal candidate, at minimum, must have the following: Option 1 36 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data. Option 2 Completion of associate core program in computer science 18 mos. trg. or 18 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data. Option 3 Completion of undergraduate core program in computer science 12 mos. trg. or 12 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data. Option 4 12 mos. exp. as Information Technology Apprentice, 69910 Successful completion of Ohio Cyber Apprenticeship program Additional 12 mos. trg. or exp. in Information Systems/Information Technology with a focus in one of the following areas: Software Engineering/Development, Data Analytics/Business Intelligence, Database Administration, Network, or IT Security. Option 5 Equivalent of minimum class qualifications for employment noted above. Tips For Your Application When completing the different sections of this application, be sure to clearly describe how you meet the minimum qualifications outlined in this job posting. We cannot give you credit for your Work Experience and Education & Certifications if you do not provide that information in your online application. Information in attached resumes or cover letters must be entered into your application in the appropriate Work Experience or Education & Certification sections to be considered. Pay Information This position is in the State of Ohio’s OCSEA Schedule, Pay Range 34. Unless required by legislation or union contract, starting salary will be the minimum salary of that pay range (step 1, currently $36.90 per hour). These ranges provide a standardized pathway for pay increases. With continued employment, new hires move to the next step in the range after 6 months and annually thereafter. Cost of Living Adjustments increase wages in these ranges each fiscal year. The current step progression wages are in the table below. Pay Range 34 Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Hourly $36.90 $38.70 $40.59 $42.62 $44.66 $46.87 $49.18 $51.58 $54.17 Annual $76,752 $80,496 $84,427 $88,650 $92,893 $97,490 $102,294 $107,286 $112,674 Months of Employment At Hire 6 Months 18 Months 30 Months 42 Months 54 Months 66 Months 78 Months 90 Months

Responsibilities

Responsibilities involve strengthening agency security through daily monitoring, problem-solving, and collaboration, either focusing on securing applications across their lifecycle or enhancing preparedness against disruptions and cyber-attacks. Tasks include configuring and monitoring security tools, analyzing network/application activity for threats, and supporting vulnerability management or incident response efforts.