G

IT Security Specialist 2

GovServicesHub
Contract
On-site
Columbus, District of Columbia, United States
IT Security Specialist

Job Location: Columbus, OH (Onsite)

Note:
Candidates with state experience are required.

  • Each candidate must submit a government-issued ID (Driver’s License or Passport) and provide three professional references (names, official emails, and phone numbers).

Job Description:

The State of Ohio – Department of Administrative Services is seeking an IT Security Specialist 2 to support the ESS Security & Infrastructure Operations team. This senior-level specialist will lead major security initiatives, implementations, and integrations while ensuring infrastructure security across multiple platforms.

Specialty Areas:

  • Security Integration – Integrating security into the CI/CD pipeline with automated security testing and scanning.

  • Vulnerability Management – Identifying, assessing, and managing security vulnerabilities throughout the SDLC.

  • Security Automation – Implementing security automation tools and scripts to streamline processes.

  • Threat Modeling & Risk Assessment – Conducting risk assessments to identify security vulnerabilities.

  • Security Policy & Compliance – Enforcing security policies and ensuring compliance with industry standards and regulations.

  • Collaboration – Working with IT teams and stakeholders to implement security best practices.

  • Incident Response – Participating in security incident response and recovery efforts.

  • Continuous Improvement – Enhancing security practices and tools based on industry best practices.

  • Documentation – Maintaining records of security processes, procedures, and findings.

Responsibilities:

  • Lead major security initiatives and projects.

  • Conduct security assessments and vulnerability management using tools like Qualys, Checkmarx, and AutoRabit CodeScan.

  • Manage security in DevOps platforms (Azure DevOps, Copado).

  • Implement security controls for operating systems (Windows, Linux).

  • Administer security controls for Cloud computing platforms (Salesforce).

  • Ensure compliance with security frameworks (OWASP Top 10, SANS 25, NIST SP 800-53).

  • Manage security for web applications using tools like F5 Web Application Firewall, Cloudflare, and AppOmni.

  • Operate SIEM/SOAR tools like Chronicle and Splunk for threat detection.

  • Work with integration platforms such as ServiceNow, MuleSoft, Oracle Integration Cloud, and Tibco.

  • Assist in incident response efforts and provide security recommendations.

  • Maintain thorough documentation of security measures, risks, and resolutions.

Skill Matrix:

Skill
Experience (Years)
Security scanning & vulnerability management (Qualys, Checkmarx, AutoRabit CodeScan)
4+
DevOps platforms (Azure DevOps, Copado)
4+
Operating systems (Windows, Linux)
4+
Cloud computing security (Salesforce)
4+
Security frameworks & standards (OWASP, SANS 25, NIST SP 800-53)
4+
Web application security (F5 WAF, Cloudflare, AppOmni)
4+
SIEM/SOAR tools (Chronicle, Splunk)
4+
Integration platforms (ServiceNow, MuleSoft, Oracle Integration Cloud, Tibco)
4+
Familiarity with scripting (Python, PowerShell, .NET)
Preferred
Familiarity with cybersecurity platforms (CrowdStrike)
Preferred


Mandatory Requirements:

  • Bachelor’s Degree in IT, Cybersecurity, or a related field.

  • 4+ years of experience in IT security roles.

  • Proficiency in security scanning, vulnerability management, and security automation.

  • Strong knowledge of security frameworks, SIEM/SOAR tools, and DevOps security.

Preferred Qualifications:

  • CompTIA Security+ Certification

  • CySA+ Certification

  • CISM or CISA Certification

  • Experience with cybersecurity tools like CrowdStrike.

  • Familiarity with scripting and programming (Python, PowerShell, .NET).

Submission Requirements:

  • Updated Résumé

  • Government-issued ID (Driver’s License or Passport)

  • Three professional references (Names, official emails, phone numbers)