State of Washington
Information Security Analyst
State of Washington, Olympia, Washington, United States, 98502
Salary:
$81,672.00 - $109,848.00 Annually
Location :
Thurston County - Olympia, WA
Job Type:
Full Time - Permanent
Remote Employment:
Flexible/Hybrid
Job Number:
2024-WaTech-7214-10214
Department:
Washington Technology Solutions
Division:
OCS
Opening Date:
09/05/2024
Closing Date:
9/22/2024 11:59 PM Pacific
Salary Information:
The high end of the salary range, Step M is typically a longevity step
Description
Information Security Analyst(IT Security - Journey)
WaTech: Leading the way in technology!Washington Technology Solutions (WaTech) operates the state's core technology services and helps government function more efficiently, safely, and securely. WaTech is a national leader in adopting new, innovative technologies that transform the way Washingtonians receive state services. As a member of WaTech's team, you will help other state agencies deliver critical services to millions of Washingtonians every day.
About this position:The Information Security Analyst is a member of the WaTech Agency Security Services team within the Office of Cybersecurity (OCS) and serves a key organizational role, providing information security guidance to a wide variety of technical and business units across the agency and the small agencies we serve.
As an
Information Security Analyst,
you will be relied on to
ensure the technology solutions used to deliver enterprise services are implemented securely and remain clear of cyber threats and vulnerabilities which can impact their availability.
Duties
Some of what you can expect:
Analyze security intelligence artifacts received from our internal and external security partners and from our enterprise security solutions to quickly remediate or respond to cyber threats and trends.Use various security enterprise platforms to monitor agency assets, vulnerabilities, and cyber threats.Analyze security alert trends and perform evaluations of statewide security systems, system users, operational processes and services and makes recommendations for improvements to the appropriate process and/or system owner.Monitor and report on remediation activities.Evaluate technology solutions (such as cloud-based applications, computer peripherals, mobile applications) and provide our customers security risk-based recommendations related to the use of the evaluated technology solution.Develop and test security controls with the assistance of senior staff to ensure corrective actions taken have been addressed.Assess and quantify cyber security risks and take appropriate actions, including analyzing, interpreting, and applying cyber security processes, procedures, and policies for efficiency, accuracy, and compliance with regulatory requirements.
Here is what we are looking for:
Seven or more years (full-time equivalent) of combined experience in two or more of the following focus areas:
Information Security.Vulnerability Management.Conducting Risk/Security Assessments.Systems Administration.Developing and Maintaining Technology Systems.Network Infrastructure Design.Server System Administration.Application Management.
Within the required experience, must include:
Two or more years (full-time equivalent) experience in administrating security platforms and analyzing/interpreting the risk/vulnerability data these tools provide (such as MS Defender, Azure SENTINEL and Avanti Neurons or others.)One or more years (full-time equivalent) experience in evaluating Common Vulnerabilities and Exposures (CVEs) to determine level of risk to information assets and potential remediation actions.
**A bachelor's degree or completion of an accredited training program may substitute for up to four years of experience. **
Preference shall be given to those who possess the following certification(s):
Two or more years of work experience supporting information security for a government or heavily regulated organization.Two or more years (full-time equivalent) experience in using an organizational ticketing system.Two or more years' experience in a programming language, writing computer scripts, or computer forensics.A professional security certification, such as CISSP, CISA, or CEH, from a non-vendor specific industry recognized organization such as ISC2, ISACA, or the SANS institute.
We value diversity and different perspectives:WaTech is committed to providing equal access and opportunities to all qualified applicants and employees. We seek to attract and retain a diverse staff and welcome your experiences, perspectives, and unique identity.
What WaTech Offers:As an employee of WaTech, you'll have access to an outstanding that includes medical and dental plan options for you and your family, paid leave and holidays, retirement plan options and more.
While WaTech is headquartered in Olympia, Washington, which is near some of the country's most , we are able to offer many of our positions telework and flexible schedule options to help support a healthy work life balance.
To learn more about WaTech, and what our employees enjoy about working here, please .
How to apply:Applications for this recruitment will be accepted electronically. Please select the large "apply button" at the top of this announcement. You may need to create a profile and account in Washington state's automated application system. We invite you to include your name and pronouns in your material to ensure we address you correctly throughout the application process.
To be considered for this position you will need to:
Submit your online application.Answer all required
Supplemental Questions .Attach a
Letter of Interest
that addresses how your experience qualifies you for this role.Attach a
Resume
that clearly documents the work history, training, and education that makes you a viable and competitive candidate for this position.Include
Three professional references
and their contact information.Applicants wishing to claim Veterans Preference should attach a copy of their DD-214 (Member 4 copy), NGB 22, or signed verification of service letter from the United States Department of Veterans Affairs to their application. (Please redact any personally identifiable data such as social security number prior to submittal.)
Note:
Applications without the requested attachments identified above or containing supplemental question responses with comments such as "see resume" may lead to your application being disqualified from consideration.
Conditions of employment:This position requires a background check. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position and is a continued condition of employment.
Recruitment process:First round of application assessments will be conducted seven days after the initial job posting date. The hiring authority reserves the right to offer the position at any time after the initial seven-day job posting date during the recruitment process. It is to the applicant's advantage to apply as early as possible. This recruitment may be used to fill multiple positions.
Contact us:
For inquiries about this position, please contact
Rebekah Wilkes
at
(360) 407-8646
or email to
Persons requiring accommodation in the application process or for an alternative format may contact Human Resources at (360) 407-8242 or . Persons of disability or those who are deaf or hard of hearing can call the Washington Relay Service by dialing 7-1-1 or 1-800-833-6388. WaTech complies with the employment eligibility verification requirements of the federal Form I-9. The selected candidate must be able to provide proof of identity and eligibility to work in the United States consistent with the requirements of that form on the first day of employment.
Supplemental Information
More than Just a Paycheck!Employee benefits are not just about the kind of services you get, they are also about how much you may have to pay out of pocket. Washington State offers one of the most competitive benefits packages in the nation.
We understand that your life revolves around more than just your career. Like everyone, your first priority is ensuring that you and your family will maintain health and financial security. That's why choice is a key component of our benefits package. We have a selection of health and retirement plans, paid leave, staff training and other compensation benefits that you can mix and match to meet your current and future needs.
Read about our benefits:The following information describes typical benefits available for full-time employees who are expected to work more than six months. Actual benefits may vary by appointment type or be prorated for other than full-time work (e.g. part-time); view the job posting for benefits details for job types other than full-time.
Note:
If the position offers benefits which differ from the following, the job posting should include the specific benefits.
Insurance BenefitsEmployees and their families are covered by medical (including vision), dental and basic life insurance. There are multiple medical plans with affordable monthly premiums that offer coverage throughout the state.
Staff are eligible to enroll each year in a medical flexible spending account which enables them to use tax-deferred dollars toward their health care expenses. Employees are also covered by basic life and long-term disability insurance, with the option to purchase additional coverage amounts.
To view premium rates, coverage choice in your area and how to enroll, please visit the Public Employees Benefits Board (PEBB) website. The Washington Wellness program from the Health Care Authority works with PEBB to support our workplace wellness programs.
Dependent care assistance allows the employee to save pre-tax dollars for a child or elder care expenses.
Other insurance coverage for auto, boat, home, and renter insurance is available through payroll deduction.
The Washington State Employee Assistance Program promotes the health and well-being of employees.
Retirement and Deferred CompensationState Employees are members of the Washington Public Employees' Retirement System (PERS). New employees have the option of two employer contributed retirement programs. For additional information, check out the Department of Retirement Systems' web site.
Employees also have the ability to participate in the Deferred Compensation Program (DCP). This is a supplemental retirement savings program (similar to an IRA) that allows you control over the amount of pre-tax salary dollars you defer as well as the flexibility to choose between multiple investment options.
Social SecurityAll state employees are covered by the federal Social Security and Medicare systems. The state and the employee pay an equal amount into the system.
Public Service Loan ForgivenessIf you are employed by a government or not-for-profit organization, and meet the qualifying criteria, you may be eligible to receive student loan forgiveness under the Public Service Loan Forgiveness Program.
HolidaysFull-time and part-time employees are entitled to paid holidays and one paid personal holiday per calendar year.
Note:
Employees who are members of certain Unions may be entitled to additional personal leave day(s), please refer to position specific Collective Bargaining Agreements for more information.
Full-time employees who work full monthly schedules qualify for holiday compensation if they are employed before the holiday and are in pay status for at least 80 nonovertime hours during the month of the holiday; or for the entire work shift preceding the holiday.
Part-time employees who are in pay status during the month of the holiday qualify for the holiday on a pro-rata basis. Compensation for holidays (including personal holiday) will be proportionate to the number of hours in pay status in the month to that required for full-time employment, excluding all holiday hours. Pay status includes hours worked and time on paid leave.
Sick LeaveFull-time employees earn eight hours of sick leave per month. Overtime eligible employees who are in pay status for less than 80 hours per month, earn a monthly proportionate to the number of hours in pay status, in the month to that required for full-time employment. Overtime exempt employees who are in pay status for less than 80 hours per month do not earn a monthly accrual of sick leave.
Sick leave accruals for part-time employees will be proportionate to the number of hours in pay status, in the month to that required for full-time employment. Pay status includes hours worked, time on paid leave and paid holiday.
Vacation (Annual Leave)Full-time employees accrue vacation leave at the rates specified in (1) or the applicable collective bargaining agreement (CBA). Full-time employees who are in pay status for less than 80 nonovertime hours in a month do not earn a monthly accrual of vacation leave.
Part-time employees accrue vacation leave hours in accordance with (1) or the applicable collective bargaining agreement (CBA) on a pro rata basis. Vacation leave accrual will be proportionate to the number of hours in pay status, in the month to that required for full-time employment.
Pay status includes hours worked, time on paid leave and paid holiday.
As provided in , an employer may authorize a lump-sum accrual of vacation leave or accelerate the vacation leave accrual rate to support the recruitment and/or retention of a candidate or employee for a Washington Management Service position. Vacation leave accrual rates may only be accelerated using the rates established WAC 357-31-165.
Note:
Most agencies follow the civil service rules covering leave and holidays for
exempt
employees even though there is no requirement for them to do so. However, agencies are required to adhere to the applicable RCWs pertaining holidays and leave.
Military LeaveWashington State supports members of the armed forces with 21 days paid military leave per year.
Bereavement LeaveMost employees whose family member or household member dies, are entitled to three (3) days of paid bereavement leave. In addition, the employer may approve other available leave types for the purpose of bereavement leave.
Additional LeaveLeave Sharing
Family and Medical Leave Act (FMLA)Leave Without Pay
Please visit the State HR Website for more detailed information regarding benefits.
Updated 12-31-2022
01
Please select the option that best describes how you meet the required qualifications:
I have a bachelor's degree or have completed an accredited training program AND at least three years of experience in TWO or more of the following focus areas.Information Security. Vulnerability Management. Conducting Risk/Security Assessments. Systems Administration. Developing and Maintaining Technology Systems. Network Infrastructure Design. Server System Administration. Application Management.I have seven years of experience in TWO or more of the following focus areasnformation Security. Vulnerability Management. Conducting Risk/Security Assessments. Systems Administration. Developing and Maintaining Technology Systems. Network Infrastructure Design. Server System Administration. Application Management.I do not have the required education and/or experience, but I am willing to learn.
02
Please select which following areas you have experience with (Check all that apply).
Information Security.Vulnerability Management.Conducting Risk/Security Assessments.Systems Administration.Developing and Maintaining Technology Systems.Network Infrastructure Design.Server System Administration.Application Management.I do not have experience in any of these areas, but I am willing to learn.
03
Please explain how you gained the experience in question # 2. If this does not apply, use "N/A"
04
Do you have two or more years (full-time equivalent) experience in administrating security platforms and analyzing/interpreting the risk/vulnerability data these tools provide (such as MS Defender, Azure SENTINEL and Avanti Neurons or others.)
YesNo
05
Please explain how you gained the experience in question #4. If this does not apply, use "N/A"
06
Do you have one or more years (full-time equivalent) experience in evaluating Common Vulnerabilities and Exposures (CVEs) to determine level of risk to information assets and potential remediation actions.
YesNo
07
Please explain how you gained the experience in question #6. If this does not apply, use "N/A"
08
Will you now or in the future require sponsorship for employment visa status (e.g. H-1B visa status or F1 OPT etc.)?
YesNo
Required Question
$81,672.00 - $109,848.00 Annually
Location :
Thurston County - Olympia, WA
Job Type:
Full Time - Permanent
Remote Employment:
Flexible/Hybrid
Job Number:
2024-WaTech-7214-10214
Department:
Washington Technology Solutions
Division:
OCS
Opening Date:
09/05/2024
Closing Date:
9/22/2024 11:59 PM Pacific
Salary Information:
The high end of the salary range, Step M is typically a longevity step
Description
Information Security Analyst(IT Security - Journey)
WaTech: Leading the way in technology!Washington Technology Solutions (WaTech) operates the state's core technology services and helps government function more efficiently, safely, and securely. WaTech is a national leader in adopting new, innovative technologies that transform the way Washingtonians receive state services. As a member of WaTech's team, you will help other state agencies deliver critical services to millions of Washingtonians every day.
About this position:The Information Security Analyst is a member of the WaTech Agency Security Services team within the Office of Cybersecurity (OCS) and serves a key organizational role, providing information security guidance to a wide variety of technical and business units across the agency and the small agencies we serve.
As an
Information Security Analyst,
you will be relied on to
ensure the technology solutions used to deliver enterprise services are implemented securely and remain clear of cyber threats and vulnerabilities which can impact their availability.
Duties
Some of what you can expect:
Analyze security intelligence artifacts received from our internal and external security partners and from our enterprise security solutions to quickly remediate or respond to cyber threats and trends.Use various security enterprise platforms to monitor agency assets, vulnerabilities, and cyber threats.Analyze security alert trends and perform evaluations of statewide security systems, system users, operational processes and services and makes recommendations for improvements to the appropriate process and/or system owner.Monitor and report on remediation activities.Evaluate technology solutions (such as cloud-based applications, computer peripherals, mobile applications) and provide our customers security risk-based recommendations related to the use of the evaluated technology solution.Develop and test security controls with the assistance of senior staff to ensure corrective actions taken have been addressed.Assess and quantify cyber security risks and take appropriate actions, including analyzing, interpreting, and applying cyber security processes, procedures, and policies for efficiency, accuracy, and compliance with regulatory requirements.
Here is what we are looking for:
Seven or more years (full-time equivalent) of combined experience in two or more of the following focus areas:
Information Security.Vulnerability Management.Conducting Risk/Security Assessments.Systems Administration.Developing and Maintaining Technology Systems.Network Infrastructure Design.Server System Administration.Application Management.
Within the required experience, must include:
Two or more years (full-time equivalent) experience in administrating security platforms and analyzing/interpreting the risk/vulnerability data these tools provide (such as MS Defender, Azure SENTINEL and Avanti Neurons or others.)One or more years (full-time equivalent) experience in evaluating Common Vulnerabilities and Exposures (CVEs) to determine level of risk to information assets and potential remediation actions.
**A bachelor's degree or completion of an accredited training program may substitute for up to four years of experience. **
Preference shall be given to those who possess the following certification(s):
Two or more years of work experience supporting information security for a government or heavily regulated organization.Two or more years (full-time equivalent) experience in using an organizational ticketing system.Two or more years' experience in a programming language, writing computer scripts, or computer forensics.A professional security certification, such as CISSP, CISA, or CEH, from a non-vendor specific industry recognized organization such as ISC2, ISACA, or the SANS institute.
We value diversity and different perspectives:WaTech is committed to providing equal access and opportunities to all qualified applicants and employees. We seek to attract and retain a diverse staff and welcome your experiences, perspectives, and unique identity.
What WaTech Offers:As an employee of WaTech, you'll have access to an outstanding that includes medical and dental plan options for you and your family, paid leave and holidays, retirement plan options and more.
While WaTech is headquartered in Olympia, Washington, which is near some of the country's most , we are able to offer many of our positions telework and flexible schedule options to help support a healthy work life balance.
To learn more about WaTech, and what our employees enjoy about working here, please .
How to apply:Applications for this recruitment will be accepted electronically. Please select the large "apply button" at the top of this announcement. You may need to create a profile and account in Washington state's automated application system. We invite you to include your name and pronouns in your material to ensure we address you correctly throughout the application process.
To be considered for this position you will need to:
Submit your online application.Answer all required
Supplemental Questions .Attach a
Letter of Interest
that addresses how your experience qualifies you for this role.Attach a
Resume
that clearly documents the work history, training, and education that makes you a viable and competitive candidate for this position.Include
Three professional references
and their contact information.Applicants wishing to claim Veterans Preference should attach a copy of their DD-214 (Member 4 copy), NGB 22, or signed verification of service letter from the United States Department of Veterans Affairs to their application. (Please redact any personally identifiable data such as social security number prior to submittal.)
Note:
Applications without the requested attachments identified above or containing supplemental question responses with comments such as "see resume" may lead to your application being disqualified from consideration.
Conditions of employment:This position requires a background check. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position and is a continued condition of employment.
Recruitment process:First round of application assessments will be conducted seven days after the initial job posting date. The hiring authority reserves the right to offer the position at any time after the initial seven-day job posting date during the recruitment process. It is to the applicant's advantage to apply as early as possible. This recruitment may be used to fill multiple positions.
Contact us:
For inquiries about this position, please contact
Rebekah Wilkes
at
(360) 407-8646
or email to
Persons requiring accommodation in the application process or for an alternative format may contact Human Resources at (360) 407-8242 or . Persons of disability or those who are deaf or hard of hearing can call the Washington Relay Service by dialing 7-1-1 or 1-800-833-6388. WaTech complies with the employment eligibility verification requirements of the federal Form I-9. The selected candidate must be able to provide proof of identity and eligibility to work in the United States consistent with the requirements of that form on the first day of employment.
Supplemental Information
More than Just a Paycheck!Employee benefits are not just about the kind of services you get, they are also about how much you may have to pay out of pocket. Washington State offers one of the most competitive benefits packages in the nation.
We understand that your life revolves around more than just your career. Like everyone, your first priority is ensuring that you and your family will maintain health and financial security. That's why choice is a key component of our benefits package. We have a selection of health and retirement plans, paid leave, staff training and other compensation benefits that you can mix and match to meet your current and future needs.
Read about our benefits:The following information describes typical benefits available for full-time employees who are expected to work more than six months. Actual benefits may vary by appointment type or be prorated for other than full-time work (e.g. part-time); view the job posting for benefits details for job types other than full-time.
Note:
If the position offers benefits which differ from the following, the job posting should include the specific benefits.
Insurance BenefitsEmployees and their families are covered by medical (including vision), dental and basic life insurance. There are multiple medical plans with affordable monthly premiums that offer coverage throughout the state.
Staff are eligible to enroll each year in a medical flexible spending account which enables them to use tax-deferred dollars toward their health care expenses. Employees are also covered by basic life and long-term disability insurance, with the option to purchase additional coverage amounts.
To view premium rates, coverage choice in your area and how to enroll, please visit the Public Employees Benefits Board (PEBB) website. The Washington Wellness program from the Health Care Authority works with PEBB to support our workplace wellness programs.
Dependent care assistance allows the employee to save pre-tax dollars for a child or elder care expenses.
Other insurance coverage for auto, boat, home, and renter insurance is available through payroll deduction.
The Washington State Employee Assistance Program promotes the health and well-being of employees.
Retirement and Deferred CompensationState Employees are members of the Washington Public Employees' Retirement System (PERS). New employees have the option of two employer contributed retirement programs. For additional information, check out the Department of Retirement Systems' web site.
Employees also have the ability to participate in the Deferred Compensation Program (DCP). This is a supplemental retirement savings program (similar to an IRA) that allows you control over the amount of pre-tax salary dollars you defer as well as the flexibility to choose between multiple investment options.
Social SecurityAll state employees are covered by the federal Social Security and Medicare systems. The state and the employee pay an equal amount into the system.
Public Service Loan ForgivenessIf you are employed by a government or not-for-profit organization, and meet the qualifying criteria, you may be eligible to receive student loan forgiveness under the Public Service Loan Forgiveness Program.
HolidaysFull-time and part-time employees are entitled to paid holidays and one paid personal holiday per calendar year.
Note:
Employees who are members of certain Unions may be entitled to additional personal leave day(s), please refer to position specific Collective Bargaining Agreements for more information.
Full-time employees who work full monthly schedules qualify for holiday compensation if they are employed before the holiday and are in pay status for at least 80 nonovertime hours during the month of the holiday; or for the entire work shift preceding the holiday.
Part-time employees who are in pay status during the month of the holiday qualify for the holiday on a pro-rata basis. Compensation for holidays (including personal holiday) will be proportionate to the number of hours in pay status in the month to that required for full-time employment, excluding all holiday hours. Pay status includes hours worked and time on paid leave.
Sick LeaveFull-time employees earn eight hours of sick leave per month. Overtime eligible employees who are in pay status for less than 80 hours per month, earn a monthly proportionate to the number of hours in pay status, in the month to that required for full-time employment. Overtime exempt employees who are in pay status for less than 80 hours per month do not earn a monthly accrual of sick leave.
Sick leave accruals for part-time employees will be proportionate to the number of hours in pay status, in the month to that required for full-time employment. Pay status includes hours worked, time on paid leave and paid holiday.
Vacation (Annual Leave)Full-time employees accrue vacation leave at the rates specified in (1) or the applicable collective bargaining agreement (CBA). Full-time employees who are in pay status for less than 80 nonovertime hours in a month do not earn a monthly accrual of vacation leave.
Part-time employees accrue vacation leave hours in accordance with (1) or the applicable collective bargaining agreement (CBA) on a pro rata basis. Vacation leave accrual will be proportionate to the number of hours in pay status, in the month to that required for full-time employment.
Pay status includes hours worked, time on paid leave and paid holiday.
As provided in , an employer may authorize a lump-sum accrual of vacation leave or accelerate the vacation leave accrual rate to support the recruitment and/or retention of a candidate or employee for a Washington Management Service position. Vacation leave accrual rates may only be accelerated using the rates established WAC 357-31-165.
Note:
Most agencies follow the civil service rules covering leave and holidays for
exempt
employees even though there is no requirement for them to do so. However, agencies are required to adhere to the applicable RCWs pertaining holidays and leave.
Military LeaveWashington State supports members of the armed forces with 21 days paid military leave per year.
Bereavement LeaveMost employees whose family member or household member dies, are entitled to three (3) days of paid bereavement leave. In addition, the employer may approve other available leave types for the purpose of bereavement leave.
Additional LeaveLeave Sharing
Family and Medical Leave Act (FMLA)Leave Without Pay
Please visit the State HR Website for more detailed information regarding benefits.
Updated 12-31-2022
01
Please select the option that best describes how you meet the required qualifications:
I have a bachelor's degree or have completed an accredited training program AND at least three years of experience in TWO or more of the following focus areas.Information Security. Vulnerability Management. Conducting Risk/Security Assessments. Systems Administration. Developing and Maintaining Technology Systems. Network Infrastructure Design. Server System Administration. Application Management.I have seven years of experience in TWO or more of the following focus areasnformation Security. Vulnerability Management. Conducting Risk/Security Assessments. Systems Administration. Developing and Maintaining Technology Systems. Network Infrastructure Design. Server System Administration. Application Management.I do not have the required education and/or experience, but I am willing to learn.
02
Please select which following areas you have experience with (Check all that apply).
Information Security.Vulnerability Management.Conducting Risk/Security Assessments.Systems Administration.Developing and Maintaining Technology Systems.Network Infrastructure Design.Server System Administration.Application Management.I do not have experience in any of these areas, but I am willing to learn.
03
Please explain how you gained the experience in question # 2. If this does not apply, use "N/A"
04
Do you have two or more years (full-time equivalent) experience in administrating security platforms and analyzing/interpreting the risk/vulnerability data these tools provide (such as MS Defender, Azure SENTINEL and Avanti Neurons or others.)
YesNo
05
Please explain how you gained the experience in question #4. If this does not apply, use "N/A"
06
Do you have one or more years (full-time equivalent) experience in evaluating Common Vulnerabilities and Exposures (CVEs) to determine level of risk to information assets and potential remediation actions.
YesNo
07
Please explain how you gained the experience in question #6. If this does not apply, use "N/A"
08
Will you now or in the future require sponsorship for employment visa status (e.g. H-1B visa status or F1 OPT etc.)?
YesNo
Required Question