9/13/24 Update re: Notice of Closure of Conejos County Courthouse

12/18/24: Holiday Closures Announced for Combined Courthouses and Probation Offices

Network Security Engineer

Job Title
Network Security Engineer
Job Code
R44035
Job Series
Network Security Engineer
FLSA Status
Exempt
OCC Group
Professional Services (PS)
Signature of the State Court Administrator approval available on file in the Human Resources Division.
General Statement Of Duties

The Network Security Engineer works to secure the Colorado Judicial Branch’s network infrastructure by configuring, testing, and optimizing networks, and assisting the Senior Network Security Engineer and Information Security Manager. Implements solutions to improve overall information security.

Distinguishing Factors

This position is distinguished from other information technology positions by the responsibility of providing technical leadership of security initiatives.  Position is within the Information Technology Services (ITS) division with a focus on information security. Employees in this position report to the Information Security Manager.

Essential Functions Of the Position

Participate in the planning and design of enterprise network security architecture. 

Work collaboratively with the Information Security Manager in designing and implementing all security related functions for the Judicial network.  This includes backup systems and procedures and disaster recovery plans and tests. Cisco Firewall and IPS/IDS proficiency is required.

Assists in monitoring functions of all devices within the Judicial network to ensure proper network security and configuration compliance.  Assists with troubleshooting and resolving network security events identified via SIEM. Therefore, SIEM knowledge is required.

Maintains up-to-date detailed knowledge of network security including awareness of new or revised security solutions, as well as the development of new attacks and threat vectors.

Assists the Information Security Manager in the design and execution of network vulnerability assessments, network penetration tests, and network security audits.

Individual in this position must be independent and proficient in all aspects of troubleshooting process, network security strategy and design.

Provides support to other ITS teams.

Acts as a resource to Judicial staff and when working with other state agencies and/or other organizational units.

Identifies, evaluates, and implements network hardware security, voice security, video security and data security solutions.

This position shares responsibilities with the Senior Network Engineer in a variety of different areas, including but not limited to: firewalls, routers, switches, VoIP, video applications, wireless, QoS, proxy, VPNs and access control systems.

Plans network configuration, deployment and hardening of F5 BIG-IP load balancers, Cisco Nexus switches and other Data Center network equipment.
Implements and manages Cisco ISE.

Assists with installation, maintenance and hardening of all network devices within the Judicial network.

Translate security policies, procedures, and standards into technical network architecture and/or configurations.

Attends meetings as required.

Performs other duties as related to information computer systems.

Supervisor Responsibilities

Responsible for one's own work product and may provide guidance, assistance, or mentorship to less knowledgeable or experienced coworkers, volunteers, or interns. This may include scheduling of work, instructing in work methods, and reviewing work products. May provide input into hiring, performance evaluation, and discipline/termination processes.

Minimum Education

A bachelor’s degree from an accredited college or university in computer science or a related field and four or more years’ experience directly working with Cisco firewalls is required. At least one of these security certifications is required: CCNP, CISSP, SSCP, CEH, GIAC, Security +, OSCP, CCNA.

OR

Experience may substitute for the required education on a year for year basis as follows: graduation from high school or equivalent and eight years working in computer-related areas; four years of the computer experience must be directly with Cisco firewalls.

Physical Demands

While performing the duties of this job, the employee is regularly required to talk and hear. The employee is frequently required to sit and reach with hands and arms and perform repetitive motions with wrists, hands, and fingers. The employee is occasionally required to stand and walk. The employee must occasionally lift and/or move up to 50 pounds or more. Specific vision abilities required by this position include close vision, color vision, depth perception, ability to adjust and focus, and the ability to see clearly at 20 feet or more.

Work Environment

While performing the duties of this job, the employee is occasionally exposed to moving mechanical parts, work in high precarious places and the risk of electrical shock. Frequently handles emergency or crisis situations and may be subject to varying and unpredictable situations and work hours. The employee is subject to frequent interruptions, multiple calls and inquiries, and may occasionally handle absentee replacement on short notice. The noise level in the work environment is usually moderate.