Agency Information Security Professional 2

Join to apply for the Agency Information Security Professional 2 role at Ohio Department of Education and Workforce

20 hours ago Be among the first 25 applicants

Join to apply for the Agency Information Security Professional 2 role at Ohio Department of Education and Workforce

Get AI-powered advice on this job and more exclusive features.

The Ohio Department of Education and Workforce is seeking an experienced information security professional to help us expand, improve, and secure the applications and services we provide to our workforce and to schools and families.

Information Technology Office

The Information Technology Office (ITO) provides technology services to Ohio’s schools and districts, students and families, and the agency workforce. By joining our team, you will become a contributor to some of the most important services in the Ohio K-12 education system. We create and maintain the systems that fund schools and districts, provide school choice opportunities and scholarships to parents, help students obtain college credit while still in high school, and much more. Your work can directly impact the education of Ohio’s children!

What You’ll Do

The primary role of the Agency Information Security Professional is to ensure that the agency’s applications and services, both internal and public facing, are secure from exploitation, fraud, and intrusion. The successful candidate will have a growth mindset to help the agency balance the risks of new and fast-changing technology with the exciting opportunities it creates. Excellent communication skills are a must to enable team collaboration and information sharing with the CIO, other IT leaders, and the state enterprise information security team.

Key Responsibilities Include

• Serve as the agency’s information security and privacy subject matter expert
• Manage incident response activities, including maintaining and proactively testing the plan and playbooks
• Configure, monitor, and support enterprise security tools
• Maintain and enforce security policies and procedures
• Review vendor contracts, terms, etc. to ensure alignment to agency and state requirements
  
  

Key tools in use today that the successful candidate will use include Qualys, CrowdStrike, BlueCoat, and Azure Advisor. Tools related to security used by other IT teams include Github Advanced Security and SonarQube for app developers, and SCCM and InTune by IT Operations.

For more details, see the complete position description below.

Complete Position Description

Primary Technology: Security Monitoring

Secondary Technology: Security Software and Hardware

Monitor and ensure cybersecurity posture for the agency. (50%)

• Acts as the agency’s primary administrator for state enterprise security tools (e.g. Qualys, Crowdstrike, BlueCoat, Azure Advisor), including establishing access levels for and monitoring use by other agency personnel.
• Review user authorization reports, vulnerability management reports, and/or other security reports and logs from state enterprise and/or agency tools. Identify significant gaps. Develop and coordinate remediation efforts with other IT teams.
• Conduct and administer security tests (e.g. tabletop exercises, penetration tests, backup/restore, resiliency and failover, scheduled scans).
• Participate in and/or coordinate risk assessments. Coordinate remediation efforts for IT risks.
• Maintain the agency Incident Response Plan. Design new and update existing incident response playbooks with other IT teams.
• Assist other IT teams (developers, IT operations, DBAs, data professionals) in analyzing, identifying, and implementing the security requirements for new systems.
• Develop and review authorization and assurance documents, including privacy impact assessments, to confirm acceptable risk for software applications and systems.
• Provide guidance to agency development staff on best practices on coding and using state enterprise tools to create secure code.
• Evaluate requests for security exceptions. Submit and coordinate exception requests with the state enterprise security office.
  
  

Act as the security and privacy subject matter expert. (30%)

• Develops, maintains, and enforces information security and privacy policies and procedures for the agency. Monitor changes in state enterprise policy that impacts agency security or privacy policy.
• Review vendor contracts, terms of service, security documents, and other resources during product/service procurement and/or proposal review to determine alignment to state and agency security requirements.
• Participate in state enterprise security and privacy workgroups, conferences, or other collaboratives.
• Liaisons with the state enterprise security office.
  
  

Manage incident response activities. (10%)

• Performs triage of potential security incidents to determining scope, urgency, potential impact, summarizing findings, and recommending whether an incident should be declared.
• Coordinate incident response activities according to the agency’s Incident Response Plan and playbooks.
• Facilitate communications with agency leadership, state enterprise security, and others according to the Plan.
• Collects and analyzes evidence and artifacts (e.g., equipment, logs, files, source code, malware, trojans) as needed for state enterprise security, Legal, or others. Documents original condition of digital &/or associated evidence. Ensures chain of custody is followed.
  
  

Professional Development (5%)

With the supervisor, creates and follows a professional development plan.

Maintains and updates job related skills using available resources, including (but not limited to) online training provided by the agency and partner agencies or companies; relevant books, articles, webinars, forums, and conferences; or other resources deemed appropriate by the supervisor.

Shares acquired knowledge with peers and co-workers, in both informal (one-on-one, team meetings) and structured settings (trainings, mentorships, etc.) as appropriate. Plans and conducts knowledge transfer activities for peers and/or co-workers via verbal instruction, technical documentation, presentations, or other means.

Other duties as assigned. (5%)

The work location of this position is 25 South Front Street, Columbus, Ohio 43215. You will be required to report to this work location full-time, if selected.

48 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data.

• Or completion of associate core program in computer science; 30 mos. trg. or 30 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data.
• Or completion of undergraduate core program in computer science; 24 mos. trg. or 24 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data.
• Or completion of graduate core program in computer science; 12 mos. trg. or 12 mos. exp. in computer data security either through monitoring system/network traffic for anomalous activity, systems development or controlling accessibility of data.
• Or 12 mos. exp. as Agency Information Security Professional 1, 69991.
• Or equivalent of Minimum Class Qualifications For Employment noted above. Job Skill: Cybersecurity
  
  

Organization

Education and Workforce

Agency Contact Name and Information

Simmone Johnson simmone.johnson@education.ohio.gov

Unposting Date

Jul 2, 2025, 11:59:00 PM

Work Location

25 South Front Street

Primary Location

United States of America-OHIO-Franklin County-Columbus

Compensation

$38.84-$57.13

Schedule

Full-time

Classified Indicator

Classified

Union

OCSEA

Primary Job Skill

Cybersecurity

Technical Skills

Cybersecurity

Professional Skills

Analyzation, Innovation, Responsiveness

Primary Technology

Security Monitoring

Agency Overview

About Us:

The Ohio Department of Education and Workforce is a diverse team of passionate, education-focused professionals responsible for overseeing and enhancing the quality of education for each of Ohio’s 1.7 million students. The Department provides the resources and supports essential to raising student achievement and accelerating learning opportunities, advancing the connectivity between K-12 and postsecondary learning, creating programs to support and expand workforce experiences, and ensuring students have the necessary supports to be ready each day to learn.

As the governing body responsible for overseeing and enhancing the quality of education within the State of Ohio, the Department of Education and Workforce is dedicated to promoting educational excellence and ensuring equal access to learning opportunities for all students. The Department is committed to collaborating with schools, districts, educators, students, families, businesses, nonprofits and all stakeholders to achieve our educational goals.

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Other
• Industries
  Government Administration

Referrals increase your chances of interviewing at Ohio Department of Education and Workforce by 2x

Get notified about new Information Security Specialist jobs in Columbus, OH.

Columbus, Ohio Metropolitan Area 19 hours ago

Dublin, OH $69,000.00-$117,000.00 1 day ago

Columbus, OH $90,000.00-$100,000.00 1 week ago

Whitehall, OH $67,600.00-$122,200.00 2 days ago

Columbus, OH $120,000.00-$130,000.00 1 month ago

Columbus, OH $135,000.00-$135,000.00 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.