United States Bankruptcy Court District of Utah Position Announcement UTBC 2024-03
Position: IT Security Specialist Location: Salt Lake City, Utah Starting Salary Range: CL 27 ($58,030 - $94,338) or CL 28 ($69,551 - $113,078) Starting salary commensurate with experience, education and qualifications. Closing Date: Application deadline is July 22, 2024. Open until filled. POSITION OVERVIEW: The United States Bankruptcy Court for the District of Utah is seeking a proactive and experienced Information Technology (IT) Security Specialist for a full-time position in our Salt Lake City office. Reporting directly to the IT Director, the IT Security Specialist will play a key role in safeguarding the court's information systems and ensuring compliance with security protocols. This position requires a strong background in system security administration, excellent organizational skills, and effective communication abilities. The successful candidate will be responsible for developing and implementing security strategies, managing incident responses, and providing security training to court personnel. Representative Duties: The representative duties below provide generalized examples of major responsibilities for this position and do not encompass all assigned tasks. • Policy Development and Compliance: Stay updated on national security policies from the Administrative Office and assist the IT Director in developing and implementing local security policies that comply with national guidelines. Review, evaluate, and recommend improvements for the court's technology security programs. • Risk and Vulnerability Assessment: Conduct regular security risk and vulnerability assessments of information systems using tools like NESSUS and SPLUNK. Coordinate with the IT Director and national IT governance to document and remediate identified vulnerabilities. • Security Architecture and Implementation: Design and implement security policies, architectures, and strategies to safeguard court data, system resources, and assets, ensuring confidentiality, integrity, and availability across the system development life cycle. Implement tools for detecting, preventing, and analyzing security threats. • Project and Process Management: Manage information security projects, ensuring milestones are met. Develop standardized methodologies, templates, and procedures to ensure consistent IT security practices and integration of technology that supports judiciary national IT security best practices. • System and Network Monitoring: Monitor networks and systems for security breaches using software/tools to detect intrusions and anomalous behavior. Regularly review firewall, DNS logs, and Splunk logs for abnormal traffic or unauthorized activity. • Incident Response and Investigation: Investigate and document security breaches, lead incident response efforts, and conduct technical and forensic investigations to assess impact and damage. • Patch and Update Management: Schedule, test, and deploy patches, security updates, and reconfigurations for servers, workstations, and network components. Facilitate the patching and mitigation of identified vulnerabilities. • Training and Awareness: Promote awareness and adoption of security best practices. Conduct security training, including quarterly phishing simulations, and educate team members and coworkers on IT security software and best practices. • Documentation and Reporting: Maintain comprehensive documentation for all aspects of enterprise IT systems. Review and advise the court on the yearly IT security scorecard and ensure all security documentation is up to date. • Technical Support: Provide technical support to local court personnel, respond to help desk requests, log issues in the ticketing system, and assist with user account management and desktop applications. • Strategic Planning: Collaborate with the IT Director to develop a long-term enterprise security strategy and action plan, ensuring alignment with court objectives and national security protocols. • Backup and Recovery: Review data backup procedures, perform periodic restore testing to ensure data integrity and security, and identify opportunities for security process improvements, executing improvement plans as needed. QUALIFICATIONS: General Experience: Must be a high school graduate and have performed at least two years of progressively responsible technical, administrative, or other work that indicates the possession of, or the ability to acquire, the knowledge and skills needed to perform the duties of the position. Some, or all, of the two years of required general experience may be substituted with education above the high school level. Specialized Experience: Specialized Cybersecurity education is preferred. Specialized experience in progressively responsible technical or administrative positions requiring the regular and recurring application of procedures that demonstrate the ability to successfully perform the duties of the position. Such work should have involved the routine use of specialized terminology and automated software and peripherals. Preferred Experience: • Bachelor's degree in computer science or related field. CompTIA A+ and Network+ Certifications. • Understand IT security best practices and demonstrated ability to analyze, design, implement security systems, policies, and procedures. Understand theories, principles, and best practices of desktop computer and mobile device hardware and software, data communications and networking components and information technology security. • Significant experience with computer hardware, software, operating systems, mobile devices, and supporting Microsoft Office 365. • Advanced knowledge of Active Directory (AD), Intrusion Detection, Security Policies / GPOs, Operating System (OS) hardening, Identity Management concepts, systems patching, backup
systems, Cloud Technology, and device authentication a plus. • Security +, CISSP, CISM, or equivalent certifications. Experience configuring, maintaining, and using Nessus, KACE, Splunk, CyberArk, Forcepoint, Apex One, and other security tools. • Advanced knowledge of Microsoft 365 principles and practices for an enterprise production environment. • Candidate should be working towards or have achieved one or more of the following certifications: CISA, CISM, CISSP, CCSP, GIAC-GSEC, GIAC-GISF, CompTIA Security+, Network+, CEH (Certified Ethical Hacker). • Experience using PowerShell code to automate processes, create efficiencies, or integrate systems is a plus. • Experience with recent versions of software including Windows Server 2022 Standard Edition, Microsoft Active Directory, Windows 10/11, Office 365, Outlook. The successful applicant will also possess: • Excellent customer service skills and the ability to interact tactfully and courteously with a diverse range of people. • Strong problem-solving skills with a keen attention to detail. • Strong verbal and written communication skills, including structured writing for documentation, policies, and compliance. • Demonstrated eagerness to learn, take on new challenges, and show initiative. • Strong organizational skills with the ability to manage multiple assignments with frequent interruptions. • Excellent collaboration skills with IT and other court staff. • Ability to maintain confidentiality and exercise sound judgment. • Professional demeanor and strong work ethic. • Excellent computer skills with proficiency in various programs and applications. • Capacity to understand complex technical concepts, intellectual honesty, and independent thinking. • Outstanding leadership qualities, including mature judgment, self-motivation, results-driven attitude, detail orientation, and organization. CONDITIONS OF EMPLOYMENT: All application information is subject to verification. Appointment to this position is provisional, contingent upon a fingerprint and criminal background check. Employees of the judiciary are "at-will" employees. Judiciary employees are required to adhere to the Code of Conduct for Judicial Employees. Applicants must be citizens of the United States of America or be eligible to work in the United States. BENEFITS: The United States Bankruptcy Court is part of the judicial branch of the United States government. Court employees are not included in the government's Civil Service classification. They are, however, entitled to the following benefits: paid vacation, paid holidays, sick leave, choice of health plans, federal employees retirement system, life insurance, flexible spending accounts (health and dependent care), long term care options, and the Thrift Savings Plan (the federal government's 401K plan). This position is subject to mandatory direct deposit for payment of net pay.
APPLICATION PROCEDURE:
Qualified persons should submit: 1) Application for Judicial Branch Federal Employment (AO- 78), 2) a resume, and 3) cover letter to the address. Application form AO-78 is available via the US Court's website: Application for Judicial Branch Federal Employment | United States Courts (uscourts.gov)
United States Bankruptcy Court Attn: Jon Willardson, Human Resources Manager 301 Frank E. Moss Courthouse 350 So. Main St. Salt Lake City, Utah 84101
Incomplete applications will not be considered. Only qualified applicants will be considered for this position, and only those candidates selected for an interview will be contacted. ABOUT THE COURT: The United States Bankruptcy Court for the District of Utah is comprised of three full-time bankruptcy judges and one full-time recall bankruptcy judge, that serve the entire state of Utah. The clerk's office, located in Salt Lake City, provides clerical and administrative support for the Court, which conducts hearings in Salt Lake City, and St. George.