L&I IT Security Senior Analyst

The IT Security Senior Analyst position reports to the L&I Chief Information Security Officer (CISO) and focuses on the most complex areas of IT Security services including, Risk Management, IT Security Governance, Audit and Compliance, Threat and Vulnerability Management and security architecture.

• Oversee and develop enterprise IT security reviews, assessments and risk analysis of existing and planned IT systems and software to identify risks and to establish security requirements.
• Manage the organization's Governance, Risk Management, and Compliance (GRC) program, and act as the primary point of contact for all IT audits.
• Evaluate proposed security controls with system owners, validate configuration settings, and perform assessments to determine risks.
• Create Key Performance Indicator (KPI) reports for management based on threat management tools.
• Produce technical reports and formal papers on threat management for IT management.
• Analyze threats to determine impact to our environment, eliminate false positives, research and articulate business impact to the agency.
• Serve as IT Security expert and represent for projects in any of the IT Security service areas within the IT division, including managing work breakdown structures and coordinating work efforts with other teams.
• Set direction, develop and formulate enterprise-wide IT security policies and standards.
• Create, document, and implement the Security Incident Response process for the IT Division and align security practices with agency business needs.
• Serve as security consultant to L&I business areas, L&I IT staff, WaTech, IT leadership and vendors to implement the security architecture, technologies, and solutions.

• Ten (10) years of full-time professional IT work experience across multiple disciplines (IT Security, network engineering, application security, database, risk management, project management, etc.).
• Six (6) years or more of experience with at least two (2) of the following: Firewall management, Security Assessments, Vulnerability Management, Security Project Requirements, Digital Forensics, Network Security, Desktop Security, Penetration testing, Application Security, Anti-virus/Malware Management, Intrusion Detection and Prevention.

• Health insurance
• Retirement package
• Flexible schedules
• Teleworking options
• Paid holidays
• Sick leave
• Vacation leave
• Bereavement leave
• Parental leave
• Family and Medical Leave Act (FMLA)

The State of Washington is an equal opportunity employer.