Information Security Platform Administrator

SCOPE OF WORK

The resource(s) shall be responsible for the following :

1. The purpose of this position is to serve at the primary technical support lead that actively participates

in the planning and design, installation, administration, operations, and day-to-day daily activities of

multiple SAAS platforms as noted in the offeror & resource qualifications section. This position will

ensure stable, scalable, redundant, and secure information security technical operations. This person

will serve as the systems matter expert and be the primary support contact for the Information

Security Team. This position will open support calls as needed to troubleshoot and resolve issues as

needed.

2. This position will engage directly with Information Security and Judiciary Information Systems staff

members to oversee and provide daily support activity functions in support of Information Security

business processes, to provide configuration and operational support across platforms, and to

enhance our operational activity with the administration of technical activities on these platforms.

3. Primary job duties and responsibilities include working with Information Security platforms to, test

and deploy services, build out functionality and automation to improve business operations and

streamline workflow processes. This position will be responsible for system performance

monitoring, troubleshooting, and creating process and procedure documentation in support of JIS'

statewide security operations.

4. Additional job functions may include light project management, audit support and reporting.

5. This position will lead, schedule, coordinate and provide guidance in the activities with the

Information Security Team, other JIS teams, and vendors to support information security operations,

business process development, risk management framework, identity and access management, user

attestations, disaster recovery planning, business continuity planning, audit response, and governance

in a timely and accurate fashion.

6. Ability to deploy, configure, administer, and create customizations and improvements of the SAAS

software to meet the business needs of the Information Security department.

7. To develop new process, procedures, and workflows to improve security operations.

8. To provide problem determination and resolution through the analysis and diagnostics of a wide

variety of problems, failures, software configuration problems, security issues, performance

problems, and unsolved problems reported internally or by other groups.

9. Generate regular status reports, and generate technical and procedural documents upon request, that

may include project progress reporting, meeting key milestones, and showcasing tasks accomplished,

etc. Host weekly status meetings / calls with team or on as needed basis.

10. This position will provide Information Security staff training on all areas of the platforms supported.

SKILLS, EXPERIENCE, & CAPABILITIES

The resource(s) possessing the following mid to expert level preferred skills,

experience, and capabilities :

a. Ten (10) years of relevant IT work experience with at least five (5) years of experience in

the information security and SaaS management and administration field.

b. Two (years) experience with hands on design, implementation, application customization

and support experience with SaaS platforms.

c. Proficient with information security platforms in an enterprise environment.

d. Experience with SailPoint, CyberArk, Microsoft Purview and Archer with the ability to learn

other platforms as required.

e. Specific proficiency with the following :

(1) SailPoint

i Build application specific user attestations.

ii Provide role-based access to individual system attestations.

iii Ability to work with System Owners to build custom user attestation

requirements.

iv Provide training to the users of the system.

(2) CyberArk

i Privileged Cloud

ii Remote Access

iii User Account Management

(3) Microsoft Purview (Security & Compliance)

i Data Loss Protection

ii Information Protection

• Labeling and Encryption
• Data Categorization and Classification

iii Insider Risk Management

iv Defender XDR

(4) Archer

i Risk Assessments

ii Risk Mapping to NIST and Security Policies

iii Risk Acceptance

iv Risk Register

v Risk Tracker

vi Risk Task Automation

vii Business Continuity

viii Security Incident Reporting

f. Excellent communication, interpersonal and team skills.

g. Ability to present technical information for knowledge transfer and training purposes.

h. Ability to establish and maintain effective working relationships with peers, end users and

vendor development staff, as well as all levels of management and judicial personnel as

necessary.

i. Ability to troubleshoot application specific problems and open support tickets as needed to

address systems functionality issues.