Employment Opportunity


IT Security - Senior/Specialist

Washington State Patrol, Olympia, Washington

Salary: $7,123.00 - $9,348.00 Monthly

Final Filing Date: Continuous

Duties and Requirements Click to read more

Duties:

This is what you will do:
  • As a senior security analyst in the Security Unit, this position serves as an agency technical expert for information security, cyber security, and information security risk management with an emphasis on servers and infrastructure.
  • Under strategic guidance from the Chief Information Security Officer, this position will independently perform, advise, and may lead and direct information security efforts to deliver on any and all aspects of the agency’s IT Security Program including policies, procedures, awareness training, assessments, Cyber investigations, coordinating audits, and security controls. This position, while part of ITD’s Security section, will be located with the Infrastructure and Operations (IO) section to provide security advice and assistance as a partner in their team.
Conduct security assessments and design reviews
  • Risk assessments are performed including design reviews for all software, hardware, new systems/applications, and changes to existing systems/applications to ensure the agency is not allowing unacceptable risk. This also includes coordination of Office of Cybersecurity Security Design as appropriate to ensure that state is not allowing unacceptable risks. All work results are documented and retained for follow up assessments.
Maintain security solutions and tools A
  • s the technical owner of assigned security solutions and tools, this position will use their deep understanding and knowledge of their assigned security tools to ensure they are working and meeting security requirements. Such measures/solutions and tools can include, but not limited to: static and dynamic application test tools, firewalls, vulnerability scanners, Security Incident and Event Management (SIEM), Cloud Access Security Broker (CASB), and data encryption programs.
Develop agency–wide policy, security standards, specifications, and controls
  • Development of agency-wide standards, specifications and security controls that are in compliance with laws and standards the agency is under. These become the foundation for developing best practices, policies, procedures and contract requirements. Security solutions are well fitted to the agency’s processes.
Evaluate technical security controls
  • Individually, leads or works with a team to evaluate current and new security controls for systems to validate effectiveness of technical and administrative as designed. As a result, the testing will identify, document and remediate risks
Detects threats and intrusions
  • Activities in logs are being reviewed and analyzed so that intrusions and threat are identified and mitigations enacted to secure the WSP computing environment. Once discovered these issues are addressed.
Conducts response to cyber security incidents including forensic analysis
  • Security issues are resolved and communicated in a consistent and reliable manner providing a secure application development environment that produces functional and secure software that improves user efficiency.
Communication:
  • This position is issued a cellular phone and email device and is expected to monitor it Monday through Friday, 8:00 a.m. to 5:00 p.m., and periodically when off duty and respond to notices and/or calls within two hours. Occasional off-shift or weekend work may be necessary.
Travel:
  • You may be required to travel as part of your work to access various work settings including data centers and remote communications sites. Travel includes typical rural and urban environments and may require 4 wheel drive utilization. You may travel on unimproved roads and this travel may result in overnight stays.

Requirements:

Required Qualifications:
  • Master’s Degree with focus on computer science, cybersecurity, information technology, software engineering, information systems, computer engineering AND a minimum of two (2) years of recent IT professional experience regardless of certifications,
  • Or
  • Bachelor’s degree in Computer science, cybersecurity, information technology, software engineering, information systems, computer engineering or related field and six (6) years of recent IT professional experience,
  • Or
  • Associates degree in focus on Information Technology or Computer Security and eight (8) years of recent IT professional experience, and at least one professional IT security certification that is current such as those listed below,
  • Or
  • Ten (10) years’ recent experience as an IT professional and at least one professional IT security certification that is current such as those listed below,

  • Most recent IT professional work experience must include at least two (2) years of full time Journey-level work experience.
  • Acceptable professional IT certifications that are currently held and not lapsed can be substituted for up to three (3) years of experience with each certification equivalent to one year of experience.
  • Examples of acceptable certifications include:
    • (ISC)2 (CISSP, CCSP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP)
    • ISACA (CISM, CSX-P)
    • CompTIA (Security+ CE, CySA+, CASP+, PenTest+)
    • SANS (GIAC advanced certifications)
    • Microsoft MCSE
    • Professional experience maintaining Windows servers.
    • Project Management Professional (PMP) certification or experience leading moderate to large complex technology projects.
Desired Qualifications:
  • Two (2) years’ experience effectively delivering complex and technical communication within a business context to executive management, managers, staff, and customers.
  • Professional experience maintaining server environments including Linux (Red Hat), Windows, VMware servers.
  • 3 years of managing technology teams
  • Professional IT security certification(s) such as
    • (ISC)2 (CISSP, CCSP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP)
    • ISACA (CISM, CSX-P)
    • CompTIA (Security+ CE, CySA+, CASP+, PenTest+)
    • SANS (GIAC advanced certifications)
    • Microsoft MCSE
  • Demonstrated skill in the support and use of the following technologies/software:
    • Kali
    • Linux operating systems
    • Wireshark
    • JSON
    • PHP
    • Powershell
    • Usage of Security Incident and Event management software

Do you have the Education Required? See available on-line and campus-based degree programs now!



How to apply: Apply online

″As I have found a job (through this newsletter!) working in the field of forensics, I no longer need a job newsletter. Thank you!” — Amber Click to receive job posting alerts

Posted: September 14, 2021

Search for Jobs


NOTE: The crime-scene-investigator.net is not responsible for typographical errors or omissions in employment notices on this web site. Often, employers change final filing dates, change duties and/or requirements, or close employment openings without notice. If you are interested in a job posted on this site be sure to contact the employer to see if changes in the filing date or job announcement have been made. Employers can also provide more information about open positions that does not appear in the announcements on these pages.