Information Technology Specialist (Information Systems Security Specialist)

Initial Posting Date:

04/02/2025

Application Deadline:

04/15/2025

Agency:

Judicial Department

Salary Range:

$8,349 - $12,953

Position Type:

Employee

Position Title:

Information Technology Specialist (Information Systems Security Specialist)

Job Description:

Interviews: will be scheduled within two weeks after the application deadline.

Benefits: The Oregon Judicial Department (OJD) provides a variety of employee benefits that includes health, dental, and vision coverage, and paid leave. Optional employee-paid benefits include life insurance, long- and short-term disability, long-term care, flexible spending accounts, and commuter benefits. New employees who are not already Public Employees Retirement System members will participate in the Oregon Public Service Retirement Plan (OPSRP) and the Individual Account Program (IAP) after six calendar months of employment in a qualifying position. The OPSRP plan can provide a lifetime pension after five years of service and the IAP is a separate investment account in addition to the pension. Employees also have an opportunity to participate in the Oregon Savings Growth Plan, a 457(b) deferred compensation retirement plan. For additional information on OJD employment benefits, visit here.

Position Highlights

The Enterprise Technology Services Division (ETSD) of the Office of the State Court Administrator (OSCA), part of OJD, is hiring an Information Systems Security Specialist (Information Technology Specialist) to join our team in Salem, Oregon.

In this role, you will protect the confidentiality, integrity, and availability of information across OJD’s enterprise-wide networks, systems, and applications through security management and compliance activities.

Essential Duties

• Develop, implement, and monitor strategic, comprehensive enterprise IT security and risk management functions across the OJD’s IT enterprise and cloud services.

• Develop and modify information security architecture standards for OJD data centers, networks, systems, and applications.

• Review, implement, and monitor patch management for OJD systems, applications, and networks.

• Develop and implement security methodology within the systems development life cycle.

• Review, analyze, manage, and communicate information security incidents as part of the Security Incident Response Team; recommend corrections and changes.

• Review vendor and contractor agreements and contracts, and provide confidentiality and security requirements recommendations.

• Conduct computer forensic analysis on OJD computers and systems to aid in investigations and security breaches; information obtained by this action is highly confidential.

• Review latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities and provide recommendations for IT security changes.

• Guide project teams on information security requirements and potential systems, networks, applications, and cloud services vulnerabilities.

• Investigate information security incidents and assist in public information requests through eDiscovery services and other available tools.

• Contribute to IT continuity and disaster recovery efforts.

• Work with OJD business partners to ensure secure information transfers and exchanges are performed as guided by OJD’s information security policies, standards, and procedures.

• Review, research, resolve, and respond to OJD help tickets for information security incidents, consultation, or ad hoc risk enterprise assessments.

• Develop, revise, implement, publish, and communicate information security policies, procedures, and standards.

• Provide training to OJD personnel on information security awareness through approved curriculum options.

• Respond to system requests for information about the OJD system.

• Guide project teams on information security risk assessment and management for OJD’s IT enterprise and cloud services.

• Scan and test OJD systems, networks, and applications for information security vulnerabilities.

• Design, develop, review, and report information security program metrics collected through compliance and risk assessments.

• Monitor networks, systems, and applications traffic for potential security breaches and information leakage.

• Mitigate risk through properly defined security requirements, risk assessments, and security testing.

• Manage OJD enterprise-wide anti-virus/anti-malware suite of reporting and protection tools.

• Provide risk assessments for application requests and international travel requests.

Part of your time will be spent supporting and maintaining IT security systems such as MFA solutions and SIEM products.

Assigned tasks may be changed to accommodate workload and organizational needs.    

Instructions for REQUIRED Cover Letter and Work History/Resume

This recruitment requires a cover letter and a complete work history that addresses the Requested Skills and Attributes. To be considered for this position, you must follow these instructions:

Cover Letter (REQUIRED)

• Prepare your cover letter before starting your Workday application.

• Attach your cover letter (not to exceed two pages) in the Resume/Cover Letter section of the application. Your cover letter and filename should include your name.

• Address the cover letter “To the Hiring Manager.”

• In the body of your cover letter, please include responses to all Requested Skills and Attributes listed below.

• In the body of your cover letter, please also address the following:

  • Please tell us why you believe organizations should adhere to CIS or NIST standards.

  • Describe your experience using advanced EDR tools and how you have used them to observe/detect a threat, evaluated the exposure it caused, and how you remediated the event.

  • Please describe your experience helping organizations recognize their IT system vulnerabilities and how you recommend addressing them.

  • Please describe your experience helping organizations secure cloud infrastructure.

• Do not use a generic cover letter; please personalize your cover letter for this position. We read every letter.

Work History/Resume (REQUIRED)

• Attach your updated resume in the Resume/Cover Letter section of the application. Your resume and filename should include your name.
  
  AND
   

• Complete the Job History/Work Experience portion of your Workday profile if you are not using an updated resume.

Failure to follow these instructions may result in rejection of your application. All application materials will be evaluated for consistency of information, and your letter will be evaluated for grammar, spelling, punctuation, and language use in addition to demonstrated experience.

The application deadline is 11:59 p.m. on the date listed above.

Minimum Qualifications

(These must be evident in your resume or work history.)

The qualified candidate must have a bachelor’s degree in computer science, information technology, management, public administration, or a related field.

AND
Four (4) years of technical experience in the duties and infrastructure support required for the position.

OR

Any combination of education and experience equivalent to eight (8) years of experience that typically supports the knowledge, skills, and abilities for the position.
 

Special Qualifications

(These must be verifiable.)

You must have a current driver’s license and an acceptable driving record.

Requested Skills and Attributes

(These must be addressed in your cover letter.)

• Experience developing and implementing cybersecurity methodology.

• Experience on cybersecurity response teams.

• Experience participating on an IT response team.

• Experience monitoring IT security vulnerabilities and risks across on-site and cloud-based networks.

• Experience performing risk assessment activities.

• Experience communicating complex security issues in a manner that end users can understand.

• Current certification in ISP, CISSP, CCSP, GSEC, Security+, or an equivalent.

• Strong knowledge of Zero Trust Principles.

• Expertise in application development security (devsec).

Working Conditions

• This is a full-time position, and the work schedule is currently 8:00 a.m. to 5:00 p.m. Monday through Friday, with occasional work outside these times. This position is FLSA-exempt and ineligible for overtime compensation for hours worked in excess of 40 per workweek. 

• As a member of the Security Incident Response Team, the person in this position is on call and carries an OJD-issued mobile phone.

• Travel to court locations throughout the state, including occasional overnight stays, is required. The person in this position will occasionally operate a motor vehicle provided through the Oregon Department of Administrative Services motor pool.

• The official work location for this position is in Salem, Oregon. Hybrid work may be available for this position. All hybrid work assignments begin, end, and change only with administrative authority approval. Onsite availability is required as needed for project management, task activities, and other necessary assignments as directed by management.

• This position plans, organizes, and prioritizes daily work demands in a limited time frame.

• Unless authorized by an immediate supervisor or administrative authority, this position does not share extremely sensitive and confidential information, graphic and disturbing images, recordings, and videos found through investigating information security issues.

• Frequent email, phone, and in-person contact with people from diverse backgrounds.

• Frequent email, phone, and in-person contact with people who are confused or frustrated.

• May lift or move objects that weigh up to 25 pounds.

• The following equipment will be used on a regular basis: telephone with optional headset, mobile devices, OJD-assigned computer with multiple monitors, computer peripherals and other desktop equipment, hand trucks, and ladders.

ADDITIONAL INFORMATION
Criminal Background Check
You will be subject to a criminal background check if you are a finalist. Adverse results are evaluated on a case-by-case basis and may result in disqualification if the circumstances are directly related to the duties and responsibilities of the position.

Reference Checks

By submitting your application to OJD, you consent to reference checks about your qualifications, your workplace performance, and your work product.

United States Employment Eligibility
OJD does not offer visa sponsorships. Within three days of hire, you will be required to complete the U.S. Department of Homeland Security’s I-9 form confirming authorization to work in the United States. OJD will use E-Verify to confirm that you are authorized to work in the United States.

Future Vacancies
Apply now if you are interested in this or future vacancies. This job announcement may be used to fill future vacancies in this class of work.

Veterans’ Preference
Eligible veterans who meet the qualifications will be given preference in the recruitment process. To receive preference, veterans must attach the appropriate documentation after they receive an email in their Workday inbox requesting the information to verify eligibility. The action item, asking veterans to attach their documentation, will arrive after they have submitted their initial application materials. Visit the Oregon job opportunities Veterans web page for additional details, information, and resources.

Conduct Expectations
Because of OJD's role in providing justice and upholding the rule of law, employees of the department are required to meet the highest standards of professional conduct and ethics while on the job, and also to maintain those same high standards when taking actions in their personal lives that could reflect on the department. As an employee, you will be expected to preserve the confidentiality of information received in the course of OJD employment.

Pay Equity
As an employer, OJD complies with Oregon’s pay equity law. Salary offers are made with consideration of the candidate’s education and experience. For more information on pay equity, click here.

Employee Benefits
Click here to access information specific to OJD employee benefits.

Public Service Loan Forgiveness

OJD is an eligible employer for the Public Service Loan Forgiveness program. To learn more about this program, and how to qualify, please click here.

Questions and Support

• If you require an alternate format to complete the application process, call 503-986-5930, or TTY: Oregon Relay Service 711 for the hearing impaired. Be prepared to describe the alternate format needed.

• Workday related information and resources are available here.

• For questions about a specific OJD job posting, call 503-986-5930 or email ojd.hrsd@ojd.state.or.us.

The Oregon Judicial Department embraces equal opportunity and affirmative action. We are committed to building a diverse team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.