IT Security - Journey

IT Security - Journey

• Establish security routines and practices to ensure the confidentiality, integrity, and accessibility of agency resources and data
• Conduct security evaluations, audits and reviews, including penetration testing exercises and implement corrective actions
• Act as the agency’s expert for security architecture
• Conduct yearly audits in accordance with the Washington State Office of the Chief Information Officer (OCIO) policy
• Evaluate current and potential software and hardware to maintain security baselines from National Institute of Standards and Technology, Center for Internet Security, and Washington State Office of CyberSecurity
• Perform risk and vulnerability assessments of current and potential information systems to identify vulnerabilities, risks, and suitability for the agency infrastructure
• Apply advanced technical security knowledge in network and systems design to ensure implementation of appropriate systems security policies, plans and procedures
• Operate and manage daily aspects of the agency’s Information Systems Security Program
• Develops innovative solutions for a defensive posture against known and unknown threats
• Utilize complex processes to detect network and computer anomalies related to malicious behavior
• Analyze complex data generated by the security logging systems to detect intrusion, contamination, exploitation, unauthorized behavior and other malicious indicators of compromise against agency’s information systems
• Perform network forensic analysis of compromised systems to determine scale and scope of exploitation
• Conducts vulnerability analysis of information systems and interpret results using industry accepted tools and practices to ensure information systems are maintained in a high-state of security and hardened again common exploits
• Audit active directory user, group and computer objects for accuracy
• Audit endpoint security policies, tasks and all related processes to ensure they are utilizing industry best practices
• Act as the agency’s expert for security operations and IT related incidents
• Responds to initial and emergent incidents identified internally and externally
• Act as the point of contact for and coordinates with governing agencies such as OCIO, WaTech and SAO to respond to statewide incidents
• Act as a subject matter expert with other technical staff and incident stakeholders (internal and external), the CIO and operations manager to provide expert security intelligence
• Create documentation for Disaster Recovery and Backup/Recovery systems
• Administrate backup and recovery solution for systems data backup, data retention and systems recovery
• Coordinate and document process and procedures for Disaster Recovery

• Bachelor’s degree in computer science
• Five (5) years professional experience and/or training related to the Information Security Technology field
• Equivalent combination of education and professional experience related to the Information Security Technology field
• Five (5) years' experience in Information Technology with a minimum of one (1) year continuous, dedicated, and professional computer security work experience
• The ability to demonstrate experience and proficiency in network log analysis, network forensics, security incident management, and/or security device administration
• The ability to demonstrate experience with enterprise security analysis
• Network Security Certifications - CompTIA Security+, CEH-Certified Ethical Hacker, GSEC-SANS GIAC Security Essentials, CISSP, or CISM

• Flexible/Hybrid schedule
• Paid holidays and leave
• Employee Recognition Leave
• Tuition Waiver
• Deferred Compensation
• Public Service Loan Forgiveness
• Dependent Care Assistance
• Flexible Spending Accounts
• Health insurance
• 401k matching

State of Washington Job Opportunities | Work that Matters