Salt River Pima-Maricopa Indian Community

Scottsdale, Arizona, United States

Developer / cybersecurity Analyst Ii

Posted over 1 month ago · Full time

Job Description

Definition

Definition : Under general supervision of the Cybersecurity Manager, performs level two security configuration, administration and maintenance duties for the Salt River Pima-Maricopa Indian Community (SRPMIC). Manages security processes and technology improvements in support of the organization's Cybersecurity Strategic Plan. Works cohesively with the IT teams and divisions to conduct risk assessments, administer and audit security systems. As a member of the security team assists in the development, implementation and maintenance of the security architecture design. Provides Information Security Automation utilizing the Python language. Automates log analysis and packet analysis with file operations, regular expressions, and analysis modules. This job class is treated as FLSA Exempt.

Essential Functions : Essential functions may vary among positions and may include the following tasks and other characteristics. This list of tasks is ILLUSTRATIVE ONLY and is not intended to be comprehensive listing of tasks performed by all positions in this classification.

Examples of Tasks

1. Mentor: Mentors Cybersecurity Analyst I and other Security team staff on cybersecurity best practices and standard IT policies and procedures.

2. Security Team Member: Participates as a key member of the security team in setting organizational security direction.

  • Contributes knowledge of security best practices and technical skills. Utilizes problem solving techniques during security planning, implementation and incident response activities.
  • Assumes responsibility for protecting all confidential information discussed, documented or otherwise provided in the course of security events.


3. Leadership: Provides leadership and promotes shared responsibility among the team.
  • Leads the effort in the development and enhancement of standards and procedures related to security development processes and training.
  • Continually seeks to further group empowerment and conflict resolution.
  • Personifies leadership and promotes shared responsibility amongst teams.
  • Listens and communicates effectively with a diverse group of people.
  • Champions continuous improvement efforts within the Security Team, Information Technology Department, Tribal Government and the Community.


4. Cybersecurity Level II

  • Confidentialit y: Assumes responsibility for protecting all confidential information discussed, documented or otherwise provided in the course of security events
  • Network Security Support : Proactively audits and reviews the network and security infrastructure.
  • Monitors LAN/WAN, network, security firewalls, routers and systems to ensure security standards are maintained.
  • Reviews wired and wireless network solution design, interoperability verification, and installation that support secure internal and external connections to the Company's network.
  • Serve key team member for incident management of all network security-related issues.
  • Provides operational reporting that effectively communicates security posture of the SRPMIC organization.
  • Provides technical input and assistance to troubleshoot security issues.


  • Security Risk Assessments : Implement and maintain security, technology, and assessments based on the organization's selected security framework.
  • Maintains the adopted security standards and industry best practices.
  • Works closely with internal stakeholders and security leadership to build and maintain an effective security program to protect the confidentiality, integrity, and availability of IT assets, and help mitigate overall organizational risks.


  • Investigation Support: Respond to breaches or personnel investigation requests.
  • Ensure accurate data capture, chain of custody and reporting for an incident or investigation.
  • Provide leadership, consultation or technical support.
  • Maintain confidentiality and integrity of systems, data and security processes.


5. Documentation : Establishes, maintains and enforces IT Department policies and procedures in collaboration with IT management team.

  • Recognizes and identifies potential areas where existing policies and procedures require change, or where new ones need to be developed.
  • Develops and implements security operational policies and procedures.


6. Project Management: Manages and executes project level tasks and milestones.

  • Assumes security related project management duties as assigned on an as-needed basis.
  • Manages activities of IT staff and outside venders to ensure project completion.


7. Software Code Development: Develops software solutions to automate the daily routine of today's information security professional and achieve more value in less time.

  • Leverage Python to perform routine tasks quickly and efficiently.
  • Develop forensics tools to carve binary data and extract new artifacts.
  • Read data from databases and the Windows Registry.
  • Interact with websites to collect intelligence.
  • Develop UDP and TCP client and server applications.
  • Automate system processes and process their output
  • Participates in the design and architecture of developed software systems.
  • Develops code in accordance with design specifications, coding standards, policies and procedures. Incorporates feedback received from senior team members during code reviews.


8. Miscellaneous: Performs other job related tasks as assigned by the Information Security Officer or IT Director/CIO.

Knowledge, Skills, Abilities and Other Characteristics:
  • Knowledge of the history, culture, laws, ordinances, customs and traditions of the SRPMIC.
  • Knowledge assessing network security system needs and procedures.
  • Knowledge of LANs/WANs, Virtual LANs, Routers and Firewalls.
  • Knowledge of TPC/IP structures, VoIP, VLAN, DHCP and WINS
  • Knowledge of routing protocols BGP, EIGRP, OSPF
  • Knowledge of Cisco Routers, WIN networks, SQL Server, and Active Directory.
  • Knowledge of security configurations ACL, Cisco ASA, DMZ's, IPSEC VPN, SSL VPN.
  • Knowledge of E-Mail systems.
  • Knowledge of Network Security Firewalls.
  • Knowledge of IT and network Best Practices.
  • Knowledge of Check Point firewalls.
  • Knowledge of Cisco switching, firewalls, VPN, IPSEC and GRE
  • Knowledge of network monitoring and troubleshooting Solarwinds Orion.
  • Knowledge of F5 load balancer
  • Knowledge of two factor authentication (RSA Security Authorization Manager)
  • Knowledge of software licensing laws
  • Knowledge of Encase versions 7 and 8 forensic tools.
  • Knowledge of chain of custody practice.
  • Knowledge of development and implementation of security incident response program.
  • Knowledge of CIS, NIST and FedRamp controls/standards.
  • Knowledge in development and communication of Policies and Standards.
  • Knowledge of database table design methodology and data table normalization.
  • Knowledge of object oriented software development and implementation methodologies.
  • Knowledge of software testing and documentation methodologies.
  • Knowledge of Python, Perl, HTML, JavaScript (jQuery), AJAX/JSON, RESTful Web Services, and Software Development Lifecycle Methodologies (SDLC).
  • Knowledge of systems configuration, security, and resource monitoring

  • Skill providing outstanding internal and external customer service.
  • Skill interfacing at all staff levels and providing effective verbal and written communication.
  • Skill managing medium to network security projects.
  • Skill with verbal & written communication.
  • Skill in effectively prioritizing and executing tasks in a high-pressure environment
  • Skilled at defining issues, analyzing and evaluating information, presenting recommendations and identifying alternative solutions.
  • Skill with problem solving and group analysis.
  • Skill resolving application development and software installation problems.
  • Skill designing and developing software systems


  • Ability to learn new programming languages, frameworks and methodologies quickly with minimum supervision.
  • Ability to accurately and quickly identify and diagnose application development related problems and take appropriate corrective action.
  • Ability to work effectively across and within diverse teams.
  • Ability to effectively manage simultaneous security issues.
  • Ability to effectively manage network security related change and requirements gathering in a fast-paced, high-demand work environment.
  • Ability to work under stressful conditions, may require 24/7 incident support.
  • Ability to discuss many options and objectively determine the best solution to a problem.
  • Highly self-motivated and directed combined with extensive experience working in a collaborative, team-oriented environment.

Minimum Qualifications

  • Education: A Bachelor's degree from an accredited college or university in Information Systems, Management Information Systems, Computer Science, Engineering or related discipline required.


  • Experience:
  • Five (5) years' experience with the following:
  • Working in IT, Network/Server security services, hands-on network security implementation experience, monitoring, managing, troubleshooting and reporting
  • Direct work experience administrating a Windows Sever 2003/08/12 server and supporting Windows networked clients workstations (Windows Server and 2003/08/12)
  • Installation and Support of Microsoft 2000/03 Networking
  • Network Design (WAN, LAN and IP)
  • Provide Level III support of networking problems (Router and Firewall outages)
  • Cisco IOS 12.X and newer configuration and support
  • Firewall Support of CheckPoint Firewall R76 and newer for configuration and support
  • Management of two factor authentication, RSA Security Authorization Manager
  • Network Design (WAN, LAN and IP)
  • Experience conducting security risk assessments using various methodologies.


    • Three (2) years demonstrated experience performing 3 of the following tasks:
  • Network LAN & WAN monitoring via Solarwinds Orion and other tools
  • Cisco Router Maintenance
  • Cisco routing and switching experience, including LAN/WAN/Wireless architecture design
  • Experience with wireless RF networks and how to effectively troubleshoot these environments
  • Experience with secure remote access technologies design and support
  • Experience supporting frameworks and compliance mandates such as ISO 2700x, NIST 800, SOX, and HIPAA.
  • Experience in security architecture design and reviews.
  • Experience or knowledge in conducting cyber security vulnerability assessments and remediation planning.
  • Experience in Security Awareness program development and implementation.


    • Three (3) years demonstrated experience in development, implementation and maintenance of large and medium-scale systems required. 3 years demonstrated experience with Python, HTML, JavaScript and Software Development Lifecycle methodologies (SDLC) required.
    • Demonstrated successful experience performing the following technologies required :
    • Python
    • Client side technologies including JavaScript (jQuery), AJAX, and JSON
    • Object Oriented Analysis and Object Oriented Design methodologies
    • Adherence to Agile Software Development Lifecycle Methodologies
    • Microsoft SQL Server or equivalent database technology
    • Process automation using Python in a Cybersecurity setting
    • Automating system processes and process their output
    • Demonstrated successful experience in the following technologies is preferred :
    • Development of forensic tools to carve binary data and extract new artifacts
    • Interacting with websites and system processes to collect intelligence
    • API code-level integration targeting Elastic and Prometheus stacks
    • Continuous integration/delivery automation with Hudson/Jenkins or similar
    • Lifecycle management tools (Atlassian Jira and Confluence or similar)


    • One or more of the following certifications is preferred:
  • Security +
  • Systems Security Certified Practitioner (SSCP®)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • SANS Global Information Assurance Certifications (GIAC)
  • EnCase® Certified Examiner (EnCE®)


    • Equivalency: Equivalent combinations of education and experience that will allow the applicant to satisfactorily perform the duties of the job may be considered.


    • Underfill Eligibility: An enrolled Community Member whom closely qualifies for the minimum qualifications for a position may be considered for employment under SRPMIC Policy 2-19, Underfill


    Special Requirements

    • Special Requirements: May be required to work beyond normal work hours including nights, weekends and holidays.

    • May be required to receive and maintain a Salt River Pima-Maricopa Indian Community, Community Regulatory License, and State Certification (ADOG).
    • All applicants applying for jobs will be subject to Pre-Employment Drug Test and extensive Fingerprint and Background Check. In addition, all employees providing services to a campus with children will be subject to the "Community Code of Ordinances", Chapter 11 "Minors", Article X. "Investigation of Persons Working with Children", random drug testing and completion of a background check every five (5) years.


    Prior to hire as an employee, applicants will be subject to drug and alcohol testing. Will be required to pass a pre-employment background/fingerprint check. Employees are subject to random drug and alcohol testing.

    SRPMIC is a mandatory covid vaccine employer. All employees are required to be fully vaccinated as a condition of employment.

    "SRPMIC is an Equal Opportunity/Affirmative Action Employer" Preference will be given to a qualified Community Member, then a qualified Native American and then other qualified candidate.

    In order to obtain consideration for Community member/Native American preference, applicant must submit a copy of Tribal Enrollment card or CIB which indicates enrollment in a Federally Recognized Native American Tribe by one of the following methods:

    1) attach to application

    2) fax (480) 362-5860

    3) mail or hand deliver to Human Resources.

    Documentation must be received by position closing date. The IHS/BIA Form-4432 is not accepted . Your Tribal ID/CIB must be submitted to HR-Recruitment-Two Waters.
    ecfb0cb57b6d607b83ebbab4cd441ce6

    Sorry, this job has expired.