Washington State Department of Labor & Industries
L&I IT Security Senior Analyst
Washington State Department of Labor & Industries, Seattle, Washington, us, 98127
Overview
The Department of Labor & Industries (L&I) is announcing an opportunity for an
IT Security Senior Analyst . The Information Technology Division provides IT products and services to support agency business priorities. IT Security Services (ITSS) protects the confidentiality, integrity and availability of agency-wide IT assets and data, including critical business applications, and conducts enterprise-wide risk analysis to guide risk reduction activities. The IT Security Senior Analyst focuses on the most complex areas of IT Security services including Risk Management, IT Security Governance, Audit and Compliance, Threat and Vulnerability Management and security architecture. You will provide expert technical and organizational leadership to protect L&I mission-critical applications and systems from cybersecurity threats. Base pay range $97,356.00/yr - $130,992.00/yr Note : This range is provided by Washington State Department of Labor & Industries. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Responsibilities
Oversee and develop enterprise IT security reviews, assessments and risk analysis of existing and planned IT systems and software to identify risks and establish security requirements. Manage the organization’s Governance, Risk Management, and Compliance (GRC) program, and act as the primary point of contact for all IT audits. Evaluate proposed security controls with system owners, validate configuration settings, and perform assessments to determine risks. Create KPI reports for management based on threat management tools. Produce technical reports and formal papers on threat management for IT management. Analyze threats to determine impact to the environment, eliminate false positives, research and articulate business impact to the agency. Serve as IT Security expert and represent the unit on projects, including managing work breakdown structures and coordinating with other teams. Set direction, develop and formulate enterprise-wide IT security policies and standards. Create, document, and implement the Security Incident Response process for the IT Division and align security practices with agency business needs. Serve as security consultant to L&I business areas, L&I IT staff, WaTech, IT leadership and vendors to implement security architecture, technologies, and solutions. Qualifications
Required:
Ten (10) years of full-time professional IT work experience across multiple disciplines (IT Security, network engineering, application security, database, risk management, project management, etc.) Education may substitute year-for-year for experience up to four (4) years for a Bachelor’s degree and up to two (2) years for an associate’s degree in Information Technology, Information Assurance, Computer Science or a closely related field Six (6) years or more of experience with at least two of the following: Firewall management; Security Assessments; Vulnerability Management; Security Project Requirements; Digital Forensics; Network Security; Desktop Security; Penetration testing; Application Security; Anti-virus/Malware Management; Intrusion Detection and Prevention Three (3) years of experience in assessing, monitoring and protecting IT systems and environments to identify opportunities for corrective action on systems vulnerable to cybersecurity threats. Two (2) years of experience advising and consulting with technical leadership, staff, vendors or contractors on IT security risks and technical security issues. Desired:
Formal security training or certifications such as CISSP, CEH, OSCP, Security+ or related college-level IT Security/Information Assurance courses Three (3) years of experience advising and consulting with technical leadership, staff, vendors or contractors on IT security risks and technical security issues. Supplemental Information
Teleworking is a work schedule option for this position. L&I offers flexible schedules, hybrid and remote work options. Remote work from outside WA requires approval. State employees who meet qualifications are eligible for a retirement package. Additional benefits and information are available under the Benefits tab. L&I is a diverse state agency dedicated to the safety, health, and security of Washington’s workers. GovDelivery job alerts are available for new openings. Application process
We will contact top candidates for interviews. Please identify knowledge, skills, and abilities addressing the required and desirable qualifications in your application. Include the following documents: a cover letter, a current resume, and a list of at least three professional references with current phone numbers. Do not include medical information in the application materials. Background checks are conducted prior to placement. The department adheres to equal opportunity and provides accommodations where needed. Veterans Preference information and diversity, equity, and inclusion statements apply as described in the posting. For more information, contact Jennifer Nuño at nunk235@lni.wa.gov.
#J-18808-Ljbffr
The Department of Labor & Industries (L&I) is announcing an opportunity for an
IT Security Senior Analyst . The Information Technology Division provides IT products and services to support agency business priorities. IT Security Services (ITSS) protects the confidentiality, integrity and availability of agency-wide IT assets and data, including critical business applications, and conducts enterprise-wide risk analysis to guide risk reduction activities. The IT Security Senior Analyst focuses on the most complex areas of IT Security services including Risk Management, IT Security Governance, Audit and Compliance, Threat and Vulnerability Management and security architecture. You will provide expert technical and organizational leadership to protect L&I mission-critical applications and systems from cybersecurity threats. Base pay range $97,356.00/yr - $130,992.00/yr Note : This range is provided by Washington State Department of Labor & Industries. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Responsibilities
Oversee and develop enterprise IT security reviews, assessments and risk analysis of existing and planned IT systems and software to identify risks and establish security requirements. Manage the organization’s Governance, Risk Management, and Compliance (GRC) program, and act as the primary point of contact for all IT audits. Evaluate proposed security controls with system owners, validate configuration settings, and perform assessments to determine risks. Create KPI reports for management based on threat management tools. Produce technical reports and formal papers on threat management for IT management. Analyze threats to determine impact to the environment, eliminate false positives, research and articulate business impact to the agency. Serve as IT Security expert and represent the unit on projects, including managing work breakdown structures and coordinating with other teams. Set direction, develop and formulate enterprise-wide IT security policies and standards. Create, document, and implement the Security Incident Response process for the IT Division and align security practices with agency business needs. Serve as security consultant to L&I business areas, L&I IT staff, WaTech, IT leadership and vendors to implement security architecture, technologies, and solutions. Qualifications
Required:
Ten (10) years of full-time professional IT work experience across multiple disciplines (IT Security, network engineering, application security, database, risk management, project management, etc.) Education may substitute year-for-year for experience up to four (4) years for a Bachelor’s degree and up to two (2) years for an associate’s degree in Information Technology, Information Assurance, Computer Science or a closely related field Six (6) years or more of experience with at least two of the following: Firewall management; Security Assessments; Vulnerability Management; Security Project Requirements; Digital Forensics; Network Security; Desktop Security; Penetration testing; Application Security; Anti-virus/Malware Management; Intrusion Detection and Prevention Three (3) years of experience in assessing, monitoring and protecting IT systems and environments to identify opportunities for corrective action on systems vulnerable to cybersecurity threats. Two (2) years of experience advising and consulting with technical leadership, staff, vendors or contractors on IT security risks and technical security issues. Desired:
Formal security training or certifications such as CISSP, CEH, OSCP, Security+ or related college-level IT Security/Information Assurance courses Three (3) years of experience advising and consulting with technical leadership, staff, vendors or contractors on IT security risks and technical security issues. Supplemental Information
Teleworking is a work schedule option for this position. L&I offers flexible schedules, hybrid and remote work options. Remote work from outside WA requires approval. State employees who meet qualifications are eligible for a retirement package. Additional benefits and information are available under the Benefits tab. L&I is a diverse state agency dedicated to the safety, health, and security of Washington’s workers. GovDelivery job alerts are available for new openings. Application process
We will contact top candidates for interviews. Please identify knowledge, skills, and abilities addressing the required and desirable qualifications in your application. Include the following documents: a cover letter, a current resume, and a list of at least three professional references with current phone numbers. Do not include medical information in the application materials. Background checks are conducted prior to placement. The department adheres to equal opportunity and provides accommodations where needed. Veterans Preference information and diversity, equity, and inclusion statements apply as described in the posting. For more information, contact Jennifer Nuño at nunk235@lni.wa.gov.
#J-18808-Ljbffr