Website Louisville Metro Government

Description

Summary Objective

The purpose of this position is to provide Louisville Metro Government (Metro) and the Cyber Security teams with actionable intelligence on exploitable components of the Metro network and information systems. This position will serve as the red team component for the Cyber Security team.
This position works under direct supervision of the Information Security Officer and Senior Security Advisor.

 

Examples of Duties

ESSENTIAL FUNCTIONS

The essential functions listed below are those that represent the majority of the time spent working in this class. Management may assign additional functions related to the type of work of the class as necessary.

Provides timely information that impacts computer security policies and procedures.
Performs discovery of exploitable systems, services, and components thereof for systems owned or contracted by Louisville Metro Government.
Inspects systems, services, and components thereof for new services purchased by Metro to manage third-party risk.
Collaborates with key stakeholders in Metro and affiliated third parties to address and correct identified exploitable deficiencies.
Performs structured penetration testing of Metro systems.
Trains and mentors key stakeholders in Metro on best-practice frameworks and tools for threat- surface reduction including, but not limited to, OWASP, CIS-CAT, and NIST CSF.
Creates professional technical and executive briefs regarding completed risk assessments and penetration tests.
Collects real world threat intelligence into planning efforts to guide future testing of Metro and affiliated third-party systems.
Performs related work as assigned.

Minimum Requirements

MINIMUM EDUCATION AND EXPERIENCE REQUIREMENTS

Bachelor’s degree in computer sciences, cyber security, or related field with emphasis on ethical hacking.
Three (3) years of experience in red team operations and ethical hacking or an equivalent combination of education, training and experience.

OR

Professional certification in ethical hacking, penetration testing, or a related field (1 year).
Six (6) years of experience in red team operations and ethical hacking or an equivalent combination of education, training and experience.

OTHER MINIMUM REQUIREMENTS

Must submit to fingerprinting for criminal history check.
Must complete the annual security awareness training.

PHYSICAL DEMANDS

Physical demands refer to the requirements for physical exertion and coordination of limb and body movement.

Performs sedentary work that involves walking or standing some of the time and involves exerting up to 10 pounds of force on a regular and recurring basis or sustained keyboard operations.

UNAVOIDABLE HAZARDS (WORK ENVIRONMENT)

Unavoidable hazards refer to the job conditions that may lead to injury or health hazards even though precautions have been taken.

None.

AMERICANS WITH DISABILITIES ACT COMPLIANCE

Louisville Metro Government is an Equal Opportunity Employer. ADA requires the Louisville Metro Government to provide reasonable accommodations to qualified persons with disabilities. Prospective and current employees are encouraged to discuss ADA accommodations with management.

STANDARD CLAUSES

May be required to work nights, weekends, holidays and emergencies (man-made or natural) to meet the business needs of Louisville Metro Government.

This job description is not designed to cover or contain a comprehensive listing of essential functions and responsibilities that are required of an employee for this job. Other duties, responsibilities, and activities may change or be assigned at any time with or without notice.

ESSENTIAL SAFETY FUNCTIONS

It is the responsibility of each employee to comply with established policies, procedures and safe work practices. Each employee must follow safety training and instructions provided by their supervisor. Each employee must also properly wear and maintain all personal protective equipment required for their job. Finally, each employee must immediately report any unsafe work practices or unsafe conditions as well as any on-the-job injury or illnesses.

Every manager/supervisor is responsible for enforcing all safety rules and regulations. In addition, they are responsible for ensuring that a safe work environment is maintained, safe work practices are followed, and employees are properly trained.

To apply for this job please visit www.governmentjobs.com.