• Cybersecurity Specialist 2 (Gets)

    State of Georgia (Fulton County, GA)


    Cybersecurity Specialist 2 (GETS)

    Georgia - Fulton - Atlanta (https://ga.referrals.selectminds.com/jobs/72996/other-jobs-matching/location-only)

     

    New Hot

     

     

    Cyber Security

     

     

    Technology Authority, Georgia - GTA

     

      

    6 hours ago Post Date

     

    Apply for Job Share this Job Sign Up for Job Alerts

     

    Start your career in public service – JOIN OUR TEAM

     

    Georgia Technology Authority (GTA) a Great Place to Work® certified!

     

    The Georgia Technology Authority (GTA) is currently seeking a Cybersecurity Specialist 2 – in the Office of Information Security.

     

    The Georgia Technology Authority (GTA) currently manages the delivery of IT infrastructure services to 89 Executive Branch agencies and managed network services to more than 1,200 state and local government entities. IT infrastructure services encompass mainframes, servers, service desk, end user computing, disaster recovery and security. Managed network services include the state’s wide and local area networks, voice, cable and wiring, and conferencing services.

     

    Want to know more about our AWARD-WINNING Authority visit: https://gta.georgia.gov/

    JOB SUMMARY:

    The GETS Cybersecurity Specialist 2 serves within the Georgia Enterprise Technology Services (GETS) Program, reporting to the Office of Information Security (OIS) and working under the direction of the GETS Security Program Office Director. This role is responsible for supporting statewide security, risk, and compliance initiatives across the GETS environment in close collaboration with service tower providers, agencies, and the Multi-Sourcing Service Integrator (MSI).

     

    The specialist will assist in coordinating and implementing cybersecurity policies, procedures, and risk management standards, ensuring alignment with operational service delivery. This includes supporting governance functions and cross-functional security efforts related to system operations within the GETS framework.

     

    This position will report directly to the GETS Security Program Office Director.

    RESPONSIBILITIES:

    Assists with overseeing the security, risk, and compliance services with Service Tower Providers in the development and implementation of programs, initiatives, security standards and practices to meet strategic risk management and security goals and objectives

    Assists with the management of all enterprise security related projects/issues of high complexity that requires in-depth knowledge across multiple technical areas and business functions

    Assists with the ensuring efficient service delivery of security services of GTA and GTA Customers technical environments, including assistance with oversight responsibility for the managed services being delivered by service providers and to ensure efficient execution of all IT processes and meeting of service level requirements for the technical environment

    Assists with evaluation and recommendation of risk and security mitigation strategies, techniques, and practices

    Assist with the development of work methods and procedures to strengthen security measures and improve effectiveness and increase efficiency of the overall processes

    Assist with ensuring that our Service Tower Providers serves as a security subject matter expert in the areas of strategic risk management, cybersecurity, and risk mitigation. Responsibilities include, managing, providing direction and oversight of Service Tower Providers and the Multi Services Integrator.

    + Assist with continuous monitoring, assessing, and reviews of the environment to safeguard resources and information assets across the GETS security program

    + Advises GETS security management on technology, information system policy matters, and maintains continuous lines of communication by keeping the GETS Security program Director, Office of Information Security leadership, and agency ISOs informed of all critical information security issues.

    + Serves as the Enterprise Security Expert in the areas of strategic risk management, Cyber security, and risk mitigation. Responsibilities include, building relationships across the service tower providers and providing direction and oversight of Service Tower Providers

    + Responsible for privilege access management process and activities regarding PAM for the GETS security program.

    + Serve as the main point of contact for all Firewall governance reviews and tasks.

     

    Responsible for review of monthly security reports provided to GETS Security Director by the Service tower providers.

    The expected attainments through the Oversight, Integrator, Service Tower Provider, and GTA Customers dynamic includes:

    + Assists with the EGRC functionality and process improvement around risk management for the GETS Security program

    + Assists in the development and adoption of the principles, policies, standards and procedures of an enterprise information security governance and compliance strategy for GETS

    + Assist the GETS Security Office Director in the oversight activities of vendor security management for GETS vendors according to prescribed GTA standards

    + Monitors and maintains GETS Security Messaging queues for the necessary security approvals

    + Provide updates and/or escalations to GETS Security Director regarding audit performance and findings

    Assists with driving remediation efforts with the Service Tower Providers risk mitigation efforts

    Assess Service Tower Providers and agencies to help measure and monitor compliance with policies and procedures

    Assists in internal and external client audits as it relates to IT security and compliance

    Assists with third-party IT assessments

    Assists in the development and implementation of information security programs relating to risk mitigation, security awareness and education, incident response, network and computer forensics, policy development, risk assessment, vulnerability scanning, trend analysis, certification and accreditation

    Reviews and provides improvements to existing processes, standards, risk, and security strategies related to information security management for GETS

    Provides guidance to project teams to help them comply with enterprise and IT security policies, industry regulations and best practices

    Identifies risk areas and implements methods for auditing and resolving non-compliance to information security standards

    Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks

    Assists in the management of complex security issues, techniques, and implications across multiple environments

    Supports GETS Security Program Director in all activities related to the planning of information security management strategies, goals, and objectives

    Analyzes current trends and developments in the statewide environment to recommend strategies, actions and technologies to maintain a competitive advantage for an effective, efficient security posture

    Assists the GETS Security Office Director in the planning and implementation of security management initiatives for the GETS security program

    Acts as point of contact to agency customers to provide guidance on information security management issues

    Maintains relationships with agency information security and IT personnel, communicates office goals and objectives to internal and external stakeholders, and solicits feedback

    Performs other duties as assigned.

    CORE Competencies

    Ability to identify and drive decisions by appropriately escalating security issues

    Ability to assist others to achieve results

    Ability to adapt and be flexible in a dynamic and complex environment

    Ability to troubleshoot issues and problems, determining the root cause and identifying a resolution quickly

    Ability to use situational thinking – utilizing analytical, creative, implicative, strategic and tactical thinking techniques based on the scenario

    Proficiency in establishing project management processes

    Strong, oral and written communication skills with ability to understand technology sufficiently to clearly communicate the complexity in simple terms for key stakeholders

    AGENCY SPECIFIC QUALIFICATIONS:

    Minimum Qualifications:

    Bachelor’s degree in Information Security, Information Assurance, Computer Science, Information Systems, Information Technology, or a related field AND Three (3) years’ experience in information/cybersecurity, cybersecurity regulatory compliance, risk management which includes third party risk management, and cybersecurity program management AND Currently holds an entry level cyber certification per state guidelines or achieves within 12 months of start date: ((ISC)² Certified in Cybersecurity (CC), Security+, Network+, Microsoft SC-900 (Security, Compliance, and Identity Fundamentals), GISF*) Any GIAC certified entry level certification accepted.

     

    Note: An equivalent combination of education and job-specific experience that provided the knowledge, experience, and competencies required to successfully perform the job at the level listed may be substituted on a year-over-year basis.

    Preferred Qualifications:

    (Preference will be given to candidates who demonstrate some or all the following skills/experience):

    Understanding of vulnerability management, incident response, Security Operations Center ( SOC) operations, Security Information and Event Management (SIEM) systems, and automation tools.

    Proficiency with Enterprise GRC platforms (e.g., ServiceNow) and ability to adapt risk methodologies and frameworks to business needs.

    Knowledge with various cybersecurity best practices, frameworks, and regulations such as: NIST Special Publications documents (SP 800-30, 800-37, 800-50, 800-53A, 800-53, 800-60, 800-61, 800-63, 800-64, 800-88, and 800-171), NIST FIPS (FIPS-199, 200, 140-2, 140-3), FedRAMP, IT Security frameworks - (NIST Special Pubs 800 Series, NIST Cybersecurity Framework, ISO 27000 Series), CIS CSC, and regulations (FISMA, HIPAA, CJIS, SSA, PCI-DSS, and FTI).

    Understanding of Governance, Risk, and Compliance (GRC); Security Operations Center (SOC); Security Information and Event Management (SIEM) systems and automation platforms

    Experience in project management a plus

    Knowledge of identity management platforms (Okta, MSAAD, SailPoint, etc.)

    Working knowledge of cloud platforms (i.e. AWS, Azure, Google) and enterprise network solutions, delivery technologies, and engineered network security solutions

    Familiarity with Identity and Privileged Access Management (IAM/PAM), and security practices for AI technologies.

    Professional Certification in one or more: CISSP, CISM, GSEC, CISA, CRISC, CGEIT, CAP, CASP+. A master’s degree in Information Security, Information Assurance, Computer Science, Information Systems, or Information Technology will substitute for one certification.

    COMPENSATION/WORKER TYPE/ADDITIONAL DETAILS:

    Hiring Salary: *$82,761.00

    Worker Type: Hybrid – State of Georgia Remote Work Option

    *Current Georgia state government employees will be subject to SPB rule provisions.

     

    EARN MORE THAN A SALARY! In addition to a competitive salary, the Georgia Technology Authority offers a generous benefits package, which includes employee retirement plan; paid holidays annually; vacation and sick leave; health, dental, vision, legal, disability, accidental death and dismemberment, health and childcare spending account; in addition to telework opportunities depending upon position. More information on Benefits: https://team.georgia.gov/my-benefits/

     

    Due to the volume of applications received, we are unable to provide information on application status by phone or e-mail. All qualified applicants will be considered but may not necessarily receive an interview. Selected applicants will be contacted by the hiring agency for next steps in the selection process. Applicants who are not selected will not receive notification.

     

    Georgia Technology Authority does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor.

     

    Bachelor's degree in Computer Science/Information Technology/Information Security or related field or equivalent experience and three (3) years of proven experience and demonstrated success in technology leadership with emphasis on information security and data governance and currently holds an intermediate cyber certification per state guidelines or achieves within 12 months of start date: (CCNA, CCNA-S, C)ISRM, CISM, CASP, GCIH, GCED, CEH) and Must hold or be able to qualify for a US Department of Homeland Security (DHS) clearance.

     

    Additional Information

     

    + Agency Logo:

    + Requisition ID: CYB000Y

    + Number of Openings: 1

    + Advertised Salary: $82,761

    + Shift: Day Job

    + Posting End Date: Oct 21, 2025