IT SECURITY PROGRAM SPECIALIST - 01192026-74495

Job Information

LOCATION OF (1) POSITION(S) TO BE FILLED: DEPARTMENT OF FINANCE & ADMINISTRATION, STRATEGIC TECHNOLOGY SOLUTIONS DIVISION, DAVIDSON COUNTY

This position is designed as Hybrid.

FTI / CJIS Fingerprints and Name Based. This position requires a criminal background check. Therefore, you may be required to provide information about your criminal history in order to be considered for this position.

WORKING TITLE: IT SECURITY PROGRAM SPECIALIST

Qualifications

Education and Experience: Bachelor's degree in a relevant IT or business discipline and one year of experience in business continuity, disaster recovery, risk management, or information security analysis.

Substitution of Education for Experience: Relevant work experience may substitute for education on a year-for-year basis (up to four years).

Necessary Special Qualifications: None

Examination Method: Education and Experience, 100%

Overview

Under general supervision, the IT Security Program Specialist is responsible for supporting and evaluating enterprise-level information security initiatives, disaster recovery plans, and risk mitigation efforts. Operating under general supervision, the role contributes to system continuity strategies and performs risk and vulnerability assessments across multiple agencies. This position supports the resilience of statewide IT operations by contributing to enterprise security protocols, continuity planning, and user awareness initiatives, and is distinguished from higher classifications by the absence of lead or advanced program responsibilities. This class differs from Security Program Coordinator in that an incumbent of the latter performs advanced-level work or functions as the lead in a security program area.

Responsibilities

1. Business Continuity & Disaster Recovery - Assists in the development and testing of recovery plans and continuity strategies to ensure operational resilience during outages or emergencies.
2. Vulnerability Management & Application Security - Participates in enterprise-level risk assessments, identifies threats, and contributes to the creation of mitigation strategies.
3. Cloud Security - Assists in analysis and reporting of cloud security and contributes to the creation of cloud security strategies.
4. Security Monitoring & Analysis - Monitors systems and reports for vulnerabilities and potential breaches; performs analysis to uncover security gaps and trends.
5. Policy & Program Support - Assists in developing and updating security policies, procedures, and enterprise standards.
6. Training & Awareness - Supports user training initiatives and communicates security practices and threats across the organization.
7. Communication & Collaboration - Coordinates with internal teams and external partners to resolve issues, plan exercises, and ensure cohesive security measures.

Competencies (KSA's)

Competencies:
1. Action Oriented
2. Customer Focus
3. Manages Ambiguity
4. Drives Results
5. Tech Savvy

Knowledges:
1. Information security best practices and standards
2. Risk assessment and management principles
3. Security frameworks, policies, and regulatory requirements
4. Disaster recovery and continuity planning processes
5. IT systems and operating environments

Skills:
1. Problem solving and critical thinking
2. Communication and documentation
3. Training and user engagement
4. Vulnerability analysis and threat detection
5. Time management and prioritization

Abilities:
1. Analyze and interpret complex security data
2. Adapt to evolving threats and technologies
3. Coordinate with stakeholders across agencies
4. Communicate effectively in high-pressure situations
5. Maintain focus and accuracy during emergencies

Tools & Equipment

1. Laptop and mobile computing tools
2. Adobe PDF software
3. Microsoft Office Suite
4. SharePoint and ServiceNow
5. Everbridge and security awareness platforms