Each candidate must submit a government-issued ID (Driver’s License or Passport) and provide three professional references (names, official emails, and phone numbers).
The State of Ohio – Department of Administrative Services is seeking an IT Security Specialist 2 to support the ESS Security & Infrastructure Operations team. This senior-level specialist will lead major security initiatives, implementations, and integrations while ensuring infrastructure security across multiple platforms.
Security Integration – Integrating security into the CI/CD pipeline with automated security testing and scanning.
Vulnerability Management – Identifying, assessing, and managing security vulnerabilities throughout the SDLC.
Security Automation – Implementing security automation tools and scripts to streamline processes.
Threat Modeling & Risk Assessment – Conducting risk assessments to identify security vulnerabilities.
Security Policy & Compliance – Enforcing security policies and ensuring compliance with industry standards and regulations.
Collaboration – Working with IT teams and stakeholders to implement security best practices.
Incident Response – Participating in security incident response and recovery efforts.
Continuous Improvement – Enhancing security practices and tools based on industry best practices.
Documentation – Maintaining records of security processes, procedures, and findings.
Lead major security initiatives and projects.
Conduct security assessments and vulnerability management using tools like Qualys, Checkmarx, and AutoRabit CodeScan.
Manage security in DevOps platforms (Azure DevOps, Copado).
Implement security controls for operating systems (Windows, Linux).
Administer security controls for Cloud computing platforms (Salesforce).
Ensure compliance with security frameworks (OWASP Top 10, SANS 25, NIST SP 800-53).
Manage security for web applications using tools like F5 Web Application Firewall, Cloudflare, and AppOmni.
Operate SIEM/SOAR tools like Chronicle and Splunk for threat detection.
Work with integration platforms such as ServiceNow, MuleSoft, Oracle Integration Cloud, and Tibco.
Assist in incident response efforts and provide security recommendations.
Maintain thorough documentation of security measures, risks, and resolutions.
| Skill | Experience (Years) |
|---|---|
| Security scanning & vulnerability management (Qualys, Checkmarx, AutoRabit CodeScan) | 4+ |
| DevOps platforms (Azure DevOps, Copado) | 4+ |
| Operating systems (Windows, Linux) | 4+ |
| Cloud computing security (Salesforce) | 4+ |
| Security frameworks & standards (OWASP, SANS 25, NIST SP 800-53) | 4+ |
| Web application security (F5 WAF, Cloudflare, AppOmni) | 4+ |
| SIEM/SOAR tools (Chronicle, Splunk) | 4+ |
| Integration platforms (ServiceNow, MuleSoft, Oracle Integration Cloud, Tibco) | 4+ |
| Familiarity with scripting (Python, PowerShell, .NET) | Preferred |
| Familiarity with cybersecurity platforms (CrowdStrike) | Preferred |
Bachelor’s Degree in IT, Cybersecurity, or a related field.
4+ years of experience in IT security roles.
Proficiency in security scanning, vulnerability management, and security automation.
Strong knowledge of security frameworks, SIEM/SOAR tools, and DevOps security.
CompTIA Security+ Certification
CySA+ Certification
CISM or CISA Certification
Experience with cybersecurity tools like CrowdStrike.
Familiarity with scripting and programming (Python, PowerShell, .NET).
Updated Résumé
Government-issued ID (Driver’s License or Passport)
Three professional references (Names, official emails, phone numbers)