Job Class Search
Job Details
IT Security Expert
The IT Security Expert is a specialized role that requires deep technical expertise in cybersecurity to design, implement, and maintain the most advanced and effective security measures for the State of Arkansas. This position requires proficiency in cybersecurity technologies, risk management, and incident response. The IT Security Expert provides high-level technical guidance and support to the state's security operations, including threat detection, vulnerability management, and security policy enforcement.
Class Code:
IIE04C
Job Grade:
IST10
Special Job Requirements:
Typical Functions:
The assignment of supervisory duties is determined by the hiring agency’s operational needs. Non-supervisory roles will serve as senior technical experts. Conduct detailed vulnerability assessments and penetration testing to identify potential security threats and weaknesses in the state’s infrastructure. Provide technical expertise in evaluating and implementing security tools, including firewalls, intrusion detection/prevention systems, and encryption technologies. Lead efforts to protect state data and systems from sophisticated cyberattacks, developing and applying advanced techniques for threat detection and mitigation. Act as a key member of the incident response team, responding to cybersecurity incidents, investigating breaches, and ensuring swift containment and resolution. Conduct forensic analysis of compromised systems and work with external agencies as needed to identify the source and impact of cyberattacks. Develop and refine incident response protocols to enhance the state’s preparedness for cybersecurity threats. Collaborate with other IT and cybersecurity teams to design and implement secure network architectures for state systems and applications. Review and recommend secure coding practices and system design principles to mitigate vulnerabilities. Contribute to the development and enforcement of IT security policies, ensuring adherence to state standards and regulations. Assist in maintaining compliance with industry regulations, including NIST, HIPAA, FISMA, and others, by conducting regular audits and assessments.
Knowledge, Abilities, and Skills:
Advanced threat detection and mitigation techniques, including malware analysis, firewalls, encryption, and intrusion detection. Incident response and digital forensics methodologies. Security frameworks such as NIST, CIS, ISO 27001, and FISMA. Programming and scripting languages, such as Python, PowerShell, or Bash for automation and security tasks. Advanced proficiency in security tools such as SIEM, antivirus, IDS/IPS, and vulnerability scanners. Strong analytical and troubleshooting skills for identifying and resolving complex security issues. Ability to work independently and manage multiple high-priority tasks. Ability to think critically and creatively to solve complex security challenges.
Minimum Qualifications:
Bachelor’s degree in Cybersecurity, Information Technology, or related field preferred. Certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are preferred. At least six years of experience in information security, with a focus on advanced threat detection, incident response, and system security.
Required Certificates:
N/A OTHER JOB RELATED EDUCATION AND/OR EXPERIENCE MAY BE SUBSTITUTED FOR ALL OR PART OF THESE BASIC REQUIREMENTS, EXCEPT FOR CERTIFICATION OR LICENSURE REQUIREMENTS, UPON APPROVAL OF THE QUALIFICATIONS REVIEW COMMITTEE.
Exempt:
E