IT Security Analyst

Overview

Hybrid
$79,296 - $106,644
Full Time
No Travel Required

Skills

IT Security
CISSP
Certified Ethical Hacker
Identity and Access Management
Authorization Flows
Solution Implementation
Threat Management
Security Assessments

Job Details

Our Mission: Keep Washington Safe and Working!
Our Values: Customer Focus, One L&I, Respect, Diversity, Equity and Inclusion, Learning and Growth, Reliability


Are you an IT security specialist who enjoys designing, developing, testing, implementing, and integrating identity and access management frameworks, systems, and protocols within IT security programs? If so, this may be just the position for you!

This position ensures the confidentially, integrity and availability of L&I systems, networks, and data through planning, analysis, development, implementation, and enhancement of the IT security program, policies, procedures, and tools provided to L&I staff. This position also monitors L&I systems and environments to identify and resolve potential access control risk issues and ensure compliance with all relevant policy and governance.

The incumbent works with the Security Services team to design authorization flows and create processes and procedures to ensure that accesses are granted, monitored, and removed in a secure and timely fashion. This position will develop and drive the creation of standardized user profiles. The incumbent will also be in charge of development of role-based training related to these processes. This position will identify, define/approve and implement continuous process enhancements/improvements utilizing various tools and methodologies.

Working with the Senior Security Analyst, this position will also help to participate and manage internal and external audits. This includes communicating with auditors, finding artifacts, and participating in closure of corrective audit plans (CAPs) through the creation and implementation of standards and guidelines. This position will also help to process risk acceptance requests specific to information technology systems and user accesses.

Duties

Some of what you will be doing:

  • Identity and Access Management (IAM) Implementation and Improvement, including:
    • Design authorization flows
    • Develop processes and procedures to ensure that accesses are granted, documented, and monitored, and removed in a secure fashion.
    • Review accesses and help business areas create roles that follow the principals of least privilege and separation of duties.
    • Lead agency-wide annual access review effort.
    • Evaluate and determine risk on Special Use IDs and Service Accounts.
    • Create and maintain standards and guidelines for authorization and administration of user accounts
    • Develops security training materials
  • Audit and Compliance, including:
    • Participate in audit support activities around external and internal audits
    • Develop plans to address access or identity related Correct Action Plans (CAPs) from audits.
    • Do compliance checks on IAM processes implemented to ensure that they are being followed according to relevant policy.
    • Define and implement new access control standards and procedures to address areas of non-compliance.
  • Risk Management, including:
    • Analyze, research and assess agency systems and user risk acceptance requests submitted from programs.
    • Follow up on risks and ensure they are signed off by the appropriate people within an allotted time frame.
    • Develop mitigations to lower agency risk.
  • Key Stakeholder for IAM Technology and Solution Implementation, including:
    • Participate as a key stakeholder to implementation and upgrades to IAM technical solutions.
    • Determine appropriate approval processes based off of risk and compliance needs
    • Managing work breakdown structures and coordinating work efforts with other teams.
    • Develop, design, and implement new processes and technology
  • Security Consulting, including:
    • Security consultant to L&I business areas and L&I IT staff and IT leadership
    • Translate technical security concepts .
    • Analyze business area and technical group proposals
    • Identify and document appropriate security requirements. Implement additional security controls or configurations needed.

Qualifications

Required:

  • A bachelor s degree in Information Technology, Information Assurance, Computer Science

AND

  • Two years of IT experience with at least one year of IT Security experience.


* (IT Security Experience includes but is not limited to any of the following security technologies:

  • User management, identity and access management, vulnerability or threat management, access control, digital forensics, network security, desktop security, security assessments, security gateway management, or other general cybersecurity.)

OR

  • An associate s degree in Information Technology, Information Assurance, Computer Science


AND

  • Four years of IT experience with at least one year of IT Security experience.


OR

  • Six years of IT experience with at least one year of IT Security experience.

Desired:

  • Formal security training or certifications such as:
    • Certified Information Security Professional (CISSP)
    • Certified Ethical Hacker (CEH)
    • Offensive Security Certified Professional (OSCP)
    • College level IT Security or Information Assurance courses
  • Professional experience in an IAM role.

Supplemental Information

Things You Need to Know

To help you maintain a proper work-life balance, teleworking is one of the work schedule options for this position. L&I also offers flexible custom work schedules.

State employee who meet the qualifications will become eligible for a generous retirement package at the end of the employee s career. Click on the Benefits tab to learn more.
At L&I, your voice matters. In addition, L&I is a diverse state agency dedicated to the safety and health and security of Washington's 3.3 million workers. Take a look at this and learn more about why L&I is an employer of choice.

We offer hybrid and remote work options. Remote work from a state outside of WA, requires approval.
Application process

We will contact the top candidates directly to interview for this position. Because we base the selection on information provided by you, it is in your best interest to identify the knowledge, skills, and abilities that address the mandatory and desirable qualifications described in the announcement.

Please include the following documents with your application AND please pay special attention to the wording in #1:

  1. A cover letter listing each required qualification with supporting detail on how each requirement is met through your experience and/or training.
  2. A current resume detailing applicable experience and education.
  3. A list of at least three professional references with current telephone numbers. (please place these within your application). Failure to do so will result in an incomplete application. *Please note: we will never call any reference without your written authorization


Please do not attach or place any information about your vaccination status, including disclosure of leaving employment due to a vaccination requirement for COVID -19, within the application, resume, or cover letter. If you do, we will have to reject your application to safeguard others from receiving your confidential information. You will have to remove the confidential information before you can apply again.

Background Check Notice

Prior to a placement in this position, a background check, including criminal history record will be conducted. Information from your background check will not necessarily preclude employment but will be considered in determining your eligibility to perform the requirements of the position.

Other information

  • A job offer is contingent upon completion of a background check that includes a criminal record review.
  • For positions requiring travel, you must have a valid unrestricted driver's license and have insurance if driving a privately owned vehicle on state business.
  • This position is represented by the Washington Federation of State Employees (WFSE).
  • Candidates who are offered a job with L&I must possess work authorization that does not require sponsorship by the employer for a visa now or in the future.
  • The Department of Labor & Industries complies with the employment eligibility verification requirements of the federal employment eligibility verification form, I-9. The selected candidate must be able to provide proof of identity and eligibility to work in the United States consistent with the requirements of that form on the first day of employment.
  • Please note: L&I may use this announcement to fill multiple permanent and/or non-permanent positions.
  • IT position applicants selected to move forward in this hiring process will receive an email skills assessment invitation within 3 weeks of your application being accepted. An applicant may complete the assessment when ready, but the invitation to complete the assessment will expire 5 days after the invitation was sent. Once you start the assessment, you will be required to complete it. You cannot start your assessment and then come back to it later. Please look in your email inbox or spam as these invitations are sent by CodeSignal.

Did You Know?
Washington is to live, play, and work, according to U.S. News (2021). Join the L&I team and enjoy all the Evergreen State has to offer.

In addition to offering a positive balance between life and work, L&I provides one of the most competitive benefits packages in the nation. We also believe your voice matters. We value our employees and their work-life balance by encouraging flexible schedules. L&I is a diverse state agency dedicated to the safety and health and security of Washington's 3 million workers.


Veterans Preference
Applicants wishing to claim Veterans Preference should attach to their application a copy of their DD-214 (Member 4 copy), NGB 22, or signed verification of service letter from the United States Department of Veterans Affairs. Please blackout any personally identifiable data such as Social Security numbers. For further information, contact L&I s .
Diversity, Equity, and Inclusion Employer
L&I employees come from all walks of life. We strive to hire great people from a wide variety of backgrounds. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

We believe in the importance of recognizing the value each of us contribute to the success of the agency mission. Having a diverse workforce is this agency s greatest resource of strength and knowledge. It is through the combination of talents and abilities that we can pursue finding effective measures to provide the best customer service. We are committed to building a diverse and inclusive workplace for everyone and we strongly mean everyone.

The State of Washington is an equal opportunity employer. Persons with a disability who need accommodation in the application process or testing process, or those needing this announcement in an alternative format, may call . TTY users should first call 711 to access the Washington Relay Service.

You are welcome to include the name and pronoun you would like to be referred to in your materials and we will honor this as you interact with our award-winning diverse and inclusive organization.

For more Information

If you have any questions regarding this announcement, program, or the agency please contact Steve Camerer at