IT Security Specialist I - Full-Time - $55,000 - $62,000 Annually
Are you looking to be part of an innovative team of professionals dedicated to telling South Carolina's diverse stories? As the storytellers of South Carolina, the South Carolina State Museum (SCSM) strives to share the rich natural, technological and cultural diversity of the state through its permanent collections, programs, exhibitions and digital content. The SCSM is the largest museum in South Carolina, stewarding over 1.1 million objects and specimens and welcoming 5 million+ visitors over its 36-year history. The museum has recently embarked on a renovation of 150,000 square feet of its exhibition, programmatic and collection storage spaces occupying four floors of a historic 1890s textile mill on the National Register of Historic Places. Come be a part of our team reimagining what the South Carolina State Museum can be for our next generation of visitors, students, and scholars, and enjoy living in South Carolina's capital city, recently ranked the 7th most affordable city in America by the Wallstreet Journal/Realtor.com.
JOB OVERVIEW
The Information Technology Security Specialist drives and promotes all aspects of information security at the museum. Collaborates with the IT Manager to recommend updates and configurations of networks, servers, software, and hardware, as well as manages user accounts, enforces policies, provides training, oversees privilege management, and supports incident response efforts. Regular auditing, both internal and external, and enforcement of policies required by the state Department of Information Technology. Working as part of the IT department, the Security Specialist will work with museum department heads to optimize security and operational effectiveness, to best meet the needs of the museum.
POSITION RESPONSIBILITIES
- Design, develop, and implement the agency's cybersecurity program. Create and continuously update agency cybersecurity policies, standards, and procedures to protect IT systems, networks, and data. Ensure all policies, standards, and procedures align the SC Department of Administration's Division of Information Security (DIS) and Enterprise Privacy Office (EPO)
- Oversee continuous monitoring of systems to identify, respond to, and mitigate security incidents while administering and optimizing security technologies, including firewalls, intrusion detection systems, endpoint protection, and encryption tools, to ensure timely resolution and minimal impact.
- Develop and execute incident response and disaster recovery plans to ensure business continuity during and after security events. Conduct yearly required testing and planning.
- Act as the Agency Privacy liaison. Develop the Privacy program and conduct Privacy impact assessments, assist in performing data inventory and classification activities and serve as the lead on Privacy incident response.
- Serve as secondary backup for IT Manager and provide basic IT support for routine tasks and troubleshooting.
- Other Duties as assigned
MINIMUM AND ADDITIONAL REQUIREMENTS
- Bachelor's degree in information technology systems, computer science, or a related field. Relevant experience may be substituted for the bachelor's degree on a year-for-year basis.
- Experience in the information technology field to include experience in a security-focused role.
- Must be capable of physically accessing all areas of the museum facility to include climbing ladders and stairs, working in enclosed spaces, lifting and carrying up to 40Ibs., using hand tools required for various installations/repairs, and be color sighted.
ADDITIONAL COMMENTS
- Knowledge of system and network security for common operating systems and local area networks.
- Familiarity with security tools and technologies to deploy, manage, measure and audit system and network security.
- Basic understanding of application, hosted service, and cloud security principles.
- Ability to contribute to the development of detailed technical documentation on security processes and procedures.
- Basic analytical and problem-solving skills.
- Basic knowledge and understanding of information risks concepts and principles as a means of relating business needs and security controls.
- Ability to communicate with audiences with varying levels of technical knowledge
