Information Technology Specialist 5 - Endpoint Detection and Response (EDR) Specialist

Full Job Description

Only applicants who meet the Minimum Qualification Requirements and meet all selective requirements (listed below) will be placed on the eligible list.

The Department of Management (DOM), Division of Information Technology (DoIT) is seeking an Information Technology Specialist 5 - Endpoint Detection and Response (EDR) Specialist to join our team!

This role will be crucial in implementing, managing, and monitoring the EDR system across all State of Iowa agencies, counties, and school districts.

The EDR Specialist will conduct technical assessments, ensure endpoint protection, collaborate with stakeholders, and engage with customers to maintain compliance and system efficiency.

This position will also support the Security Operation Center (SOC) in incident response and provide backup for other security operation systems.

What You Will Do

• Lead the EDR team, host team standup meetings, and manage EDR workflow.
• Implement, manage, and monitor the EDR system for the Information Security Bureau (ISB).
• Conduct technical assessments of information systems using provided tools and services.
• Ensure endpoint protection from malware, indicators of compromises, and attacks.
• Collaborate with the DOM DoIT governance, risk, and compliance group for incident response.
• Review organizational vulnerabilities and provide guidance for stakeholders.
• Develop and implement best practices for enhanced service effectiveness.
• Provide regular reports on system effectiveness and non-compliance.
• Support the SOC in incident response and provide backup for other security operation systems.

What We Are Seeking

• Extensive knowledge of managing the CrowdStrike Falcon platform.
• Experience leading technical teams and managing cybersecurity workflows.
• Strong knowledge of EDR systems and endpoint protection strategies.
• Familiarity with incident response and SOC operations.
• Ability to analyze vulnerabilities and implement security best practices.
• Excellent communication skills for working with diverse stakeholders.
• Note: to ensure your application passes initial candidate screening, your application materials should clearly reflect how you meet the listed Minimum Qualifications.

What We Offer

• Flexible work environment
• Iowa Public Employees' Retirement System (IPERS)
• Health, dental, and vision insurance
• Generous vacation, sick leave, and paid holidays
• Life and disability insurance
• Retirement savings options (RIC)
• Flexible Spending Accounts

Why Work with Us?

At the Iowa Department of Management (DOM), we help government agencies across the state perform at their best by managing financial resources, technology, and information.

Our mission is rooted in service—we provide efficient, innovative, and strategic solutions that empower agencies to fulfill their goals.

We’re guided by four core values:

• Integrity?– We act with honesty and accountability.
• Teamwork?– We collaborate to achieve shared success.
• Service?– We are committed to excellence in public service.
• Partnership?– We build strong relationships to drive results.

Working Arrangement

This position requires onsite work in Des Moines, IA each week.?Employees meeting all expectations of their work responsibilities may request remote work and develop a hybrid/remote schedule collaboratively with their manager.

Please note, candidates for this position must reside in the state of Iowa at the time of starting the role.

Background Check Requirements

• After a conditional offer of employment has been made, and as the final step in the hiring process, candidates for this position will be subject to a background investigation, which may include but may not be limited to a verification of a candidate’s education, previous employment/work history, contact of personal references, motor vehicle records, and a criminal history check (including through Federal, State, or Local criminal justice agencies).
• Information gathered as part of such background investigation will be treated as confidential to the extent permitted by Iowa Code section 22.7, 8B.4A, and other applicable laws, rules, and regulations; provided that, to the extent permitted by applicable law, such information shall be available to candidates upon request.

E-Verify and Right to Work

The State of Iowa participates in E-Verify, a federal program that helps employers confirm the employment eligibility of all newly hired employees.

Within the required timeframe, new hires will be verified through the E-Verify system to ensure authorization to work in the United States.

The State of Iowa also complies with the Federal Right to Work laws, which protect employees’ rights to work without being required to join a labor organization.

For more information, please visit www.e-verify.gov.

Requirements

990 Cyber Security Planning:
A minimum of 18 months of full-time work experience in cyber security planning at a professional level that included the following major functions: participating in and leading a company-/agency-wide cyber security planning program including the identification of cyber security risks, development of prevention and response plans to minimize cyber-attack damages including mass care and consequences management, and the development of continuation of business operation plans; participating in national cyber security planning initiatives and exercises; responding to and participating in the recovery work from cyber security incidents; and working across governments, private sectors, and non-profit organizations collaboratively on cyber security planning activities and plans for response.

AND

714 Vulnerability Testing:
6 months experience, 12 semester hours, or a combination of both in assessing and analyzing information technology systems for weaknesses and misconfigurations. Product knowledge may be in the following:

• Nessus
• ISS
• SATAN
• SAINT
• Whisker
• Nmap
• Etheral
• tcpdump

AND

717 Security Administration:
6 months experience, 12 semester hours, or a combination of both in building and maintaining skillset and knowledge base for security issues that impact information technology systems. Applicants may refer to themselves as Security Administrator. System Administrator is not the same.

Qualifications

Applicants must meet at least one of the following minimum requirements to qualify for positions in this job classification:

**Note: To pass the initial screening, applicants must demonstrate the technical skills listed below:

1) Graduation from an accredited four-year college or university with a degree in any field, and experience equal to three years of full-time work in: operating a multi-job computer; installing, operating, and coordinating computer-based networks; installing/maintaining database management systems; developing business application processes; developing/operating system programs; installing/maintaining personal computers, Local Area Networks, and/or servers; managing operating systems; developing/delivering information management training; providing Information Technology (IT) customer service; designing/administering websites; or executing technology projects (e.g., systems analysis, requirements, design, development, and testing).

2) All of the following (a and b):

a.

Three years of full-time work experience in: operating a multi-job computer; installing, operating, and coordinating computer-based networks; installing/maintaining database management systems; developing business application processes; developing/operating system programs; installing/maintaining personal computers, Local Area Networks, and/or servers; managing operating systems; developing/delivering information management training; providing Information Technology (IT) customer service; designing/administering websites; or executing technology projects (e.g., systems analysis, requirements, design, development, and testing); and

b. A total of four years of education and/or full-time experience (as described in part a), where thirty semester hours of accredited college or university coursework in any field equals one year of full-time experience.

3) All of the following (a and b):

a.

Three years of full-time work experience in: operating a multi-job computer; installing, operating, and coordinating computer-based networks; installing/maintaining database management systems; developing business application processes; developing/operating system programs; installing/maintaining personal computers, Local Area Networks, and/or servers; managing operating systems; developing/delivering information management training; providing Information Technology (IT) customer service; designing/administering websites; or executing technology projects (e.g., systems analysis, requirements, design, development, and testing); and

b. Certification by an authorized educational institution/major computer or software producer in an area directly related to one of the computer specialty fields described in part a.

4) All of the following (a and b):

a.

Three years of full-time work experience in: operating a multi-job computer; installing, operating, and coordinating computer-based networks; installing/maintaining database management systems; developing business application processes; developing/operating system programs; installing/maintaining personal computers, Local Area Networks, and/or servers; managing operating systems; developing/delivering information management training; providing Information Technology (IT) customer service; designing/administering websites; or executing technology projects (e.g., systems analysis, requirements, design, development, and testing); and

b. Eighteen semester hours of accredited post-high-school coursework in one of the specialty fields described in part a.

5) Current, continuous experience in the state executive branch that includes six months of fulltime work as an Information Technology Specialist 4.

For additional information, please click on this link to view the job description.