SCOPE OF WORK
The resource(s) shall be responsible for the following:
1. The purpose of this position is to serve at the primary technical support lead that actively participates
in the planning and design, installation, administration, operations, and day-to-day daily activities of
multiple SAAS platforms as noted in the offeror & resource qualifications section. This position will
ensure stable, scalable, redundant, and secure information security technical operations. This person
will serve as the systems matter expert and be the primary support contact for the Information
Security Team. This position will open support calls as needed to troubleshoot and resolve issues as
needed.
2. This position will engage directly with Information Security and Judiciary Information Systems staff
members to oversee and provide daily support activity functions in support of Information Security
business processes, to provide configuration and operational support across platforms, and to
enhance our operational activity with the administration of technical activities on these platforms.
3. Primary job duties and responsibilities include working with Information Security platforms to, test
and deploy services, build out functionality and automation to improve business operations and
streamline workflow processes. This position will be responsible for system performance
monitoring, troubleshooting, and creating process and procedure documentation in support of JIS'
statewide security operations.
4. Additional job functions may include light project management, audit support and reporting.
5. This position will lead, schedule, coordinate and provide guidance in the activities with the
Information Security Team, other JIS teams, and vendors to support information security operations,
business process development, risk management framework, identity and access management, user
attestations, disaster recovery planning, business continuity planning, audit response, and governance
in a timely and accurate fashion.
6. Ability to deploy, configure, administer, and create customizations and improvements of the SAAS
software to meet the business needs of the Information Security department.
7. To develop new process, procedures, and workflows to improve security operations.
8. To provide problem determination and resolution through the analysis and diagnostics of a wide
variety of problems, failures, software configuration problems, security issues, performance
problems, and unsolved problems reported internally or by other groups.
9. Generate regular status reports, and generate technical and procedural documents upon request, that
may include project progress reporting, meeting key milestones, and showcasing tasks accomplished,
etc. Host weekly status meetings/calls with team or on as needed basis.
10. This position will provide Information Security staff training on all areas of the platforms supported.
SKILLS, EXPERIENCE, & CAPABILITIES
The resource(s) possessing the following mid to expert level preferred skills,
experience, and capabilities:
a. Ten (10) years of relevant IT work experience with at least five (5) years of experience in
the information security and SaaS management and administration field.
b. Two (years) experience with hands on design, implementation, application customization
and support experience with SaaS platforms.
c. Proficient with information security platforms in an enterprise environment.
d. Experience with SailPoint, CyberArk, Microsoft Purview and Archer with the ability to learn
other platforms as required.
e. Specific proficiency with the following:
(1) SailPoint
i Build application specific user attestations.
ii Provide role-based access to individual system attestations.
iii Ability to work with System Owners to build custom user attestation
requirements.
iv Provide training to the users of the system.
(2) CyberArk
i Privileged Cloud
ii Remote Access
iii User Account Management
(3) Microsoft Purview (Security & Compliance)
i Data Loss Protection
ii Information Protection
• Labeling and Encryption
• Data Categorization and Classification
iii Insider Risk Management
iv Defender XDR
(4) Archer
i Risk Assessments
ii Risk Mapping to NIST and Security Policies
iii Risk Acceptance
iv Risk Register
v Risk Tracker
vi Risk Task Automation
vii Business Continuity
viii Security Incident Reporting
f. Excellent communication, interpersonal and team skills.
g. Ability to present technical information for knowledge transfer and training purposes.
h. Ability to establish and maintain effective working relationships with peers, end users and
vendor development staff, as well as all levels of management and judicial personnel as
necessary.
i. Ability to troubleshoot application specific problems and open support tickets as needed to
address systems functionality issues.