Cleveland Division of Police
Cyber Security Administrator
Cleveland Division of Police | Belgium | 17 hours ago
Full-time | Information Technology
Description

Cyber Security Administrator

The City is seeking a Cyber Administrator who is responsible for monitoring, triaging, and investigating security alerts that impact our environment. This role focuses on operational security functions, including incident investigation, security tooling administration and hands-on support for implementing and maintaining security controls. The Cyber Administrator works closely with the Cyber Architect, Network and Infrastructure Managers to strengthen the City’s overall security posture while promoting cybersecurity as a collaborative and business-enabling function.

Examples of Duties

Under administrative direction, oversees, manages, and prioritizes assigned departmental activities. Monitor operating budget and preparation of same. Develop and implement strategic goals for operational efficiency and increased productivity. Establish key performance indicators (KPI), quantitative and qualitative metrics, guidelines and standards to evaluate efficiency and effectiveness, and identify opportunities for improvement. Plan, organize and direct day-to-day operations and programs. Plan, monitor and analyze metrics to ensure timely completion of established goals and objectives. Performs other related duties as required.

Minimum Qualifications

Bachelor’s Degree in Business Administration, Public Administration, Economics, Urban Studies or related field of study is required. Six years of full-time paid experience in a leadership role in related field is required; three of those years must involve development, implementation and/or management of programs and services. Demonstrated organization, communication, and leadership skills through progressively responsible roles, culminating in a senior leadership role. Experience in developing strategies and plans. Knowledgeable of organizational functions and principles, including but not limited to, human resources management, finance, customer service, production. (Substitution: Two years of any equivalent combination of education, training and experience may substitute for each year of college education lacking.) Valid State of Ohio Driver’s License required.

Supplemental Information

Additional Duties and Tasks

Security Operations and Monitoring

  • Monitor security alerts from SIEM, EDR, email security, cloud platforms and other security tools
  • Investigate suspicious activity by collecting evidence, analyzing logs, and escalating incidents as needed
  • Document investigation notes, timelines, and outcomes for all security events
  • Tune alerting rules and detection logic to improve efficiency and reduce noise

Incident Response Support

  • Serve as the first responder for security incidents, ensuring timely triage and escalation
  • Assist the lead Cyber Analyst during active investigations and coordinated response efforts
  • Maintain and update incident response procedures, checklists and documentation
  • Participate in tabletop exercises, lessons-learned reviews, and improvements to processes

Security Controls Administration

  • Support deployment, configuration, and maintenance of security tools, including EDR, MDM, vulnerability scanners, and cloud security platforms
  • Work with Network, Applications and Infrastructure teams to apply technical and administrative controls based on end user and regulatory requirements
  • Help implement policies, standards, and procedures across endpoints, networks and cloud services
  • Maintain inventories, dashboards, and reporting for security technologies

Preferred Qualifications

  • Knowledge of Microsoft Defender (Cloud, Endpoint, O365 and Identity) and Microsoft Sentinel.
  • Knowledge of Azure Identity and Access Management (IAM) and RBAC.
  • Basic knowledge of network security including firewalls, VPNs, and network segmentation.
  • Experience with security monitoring tools, SIEM platforms, or endpoint security solutions.
  • Understanding of cloud security principles and Zero Trust architecture.
  • Basic scripting knowledge such as PowerShell, Python, or Bash.
  • Relevant certifications such as AZ-500, SC-200, SC-300, AZ-900, Security+, CISSP, or equivalent preferred.

The City's guiding principles are as follows: Placing Clevelanders at the Center, Empowering Employees to Do Purposeful Work, Defining Clear and Pragmatic Objectives, Leading with Trust and Transparency, Striving for Equity in All We Do, and Embracing Change. All City employees are responsible for embracing and carrying out these principles in all that they do.
