State of Washington
Receive alerts when this company posts new jobs.
Information Security Analyst (2 positions)
at State of Washington
Job Status: Full Time
Job Reference #: 2607688
Overall Job Objective
This recruitment will be used to fill two positions. You will have the opportunity to select your desired position in the Supplemental Questionnaire section of the application. This recruitment will remain open until filled. First review of applications will be November 12 and will continue weekly.
These positions have been allocated as IT Security - Senior/Specialist.The Office of Financial Management's (OFM) mission is to support and improve government on behalf of all Washingtonians. As an employee of OFM, you will be part of a team of dedicated professionals that works every day to fulfill this mission by providing vital information, fiscal services, policy support and technology services that the Governor, Legislature and state agencies need to serve the people of Washington.
What you will be doing
As an Information Security Analyst with the Office of Financial Management, you will provide technical expertise for security access management, regulatory compliance, security policy, and application-level security compliance. You will be responsible for providing consultation in analyzing, assessing, and designing applications. You will also be tasked with conducting risk and security assessments and evaluating existing controls to recommend mitigation to associated risks.
Who we are looking for
If you are an enthusiastic team player who is interested in developing new ways to protect OFM systems for the present and future, all while remaining collaborative, flexible and adapting to change as part of the everyday routine, then we encourage you to apply!
Why Work for OFM?
- Dynamic, high-performing agency
- Opportunities to make a positive, statewide impact
- Support for employee growth and development
- Modern work environment
- Mobile and flexible work opportunities
- Infants at Work program
- A commitment to organizational health and wellness
- Work/life balance
What will you be doing? – Duties Include:
Position #1 Specific Duties
- Create, implement and administer a comprehensive risk analysis plan to analyze vulnerabilities, threats and impacts on the department's information systems.
- Analyze risk analysis results. Produce reports with recommended administrative and technical solutions to mitigate risk.
- Collaborate with the CISO and Incident Manager to communicate, troubleshoot and resolve security vulnerabilities, risk and incidents.
- Create, implement and administer a comprehensive security assessment plan to analyze the current state of compliance on the department's information systems.
Position #2 Specific Duties
- Analyze access management policies, procedures and methods for compliance with regulatory requirements and best practices.
- Consult with business data owners and external partners to design secure access management methods, processes, policies and procedures.
- Investigate access management violations regarding unauthorized or inappropriate access.
- Design methods and processes in the form of a plan, and act as administrator of the plan, to review and validate privileges and permissions for all agency staff access to information systems owned and supported by OFM/Governor's office.
Duties that pertain to both positions
- Use complex security tools and appliances to probe department information systems to validate compliance on system architecture, application configuration, patch management, access management, and other essential processes.
- Oversee implementation of vulnerability analysis mitigation solutions and provide technical expertise and consultation for stakeholders
- Research current and emerging threats, vulnerabilities and architect risk analysis methods to expose and mitigate the threats.
- Research state and federal information system regulations and architect methods and processes to validate department information system compliance.
- Bachelor's degree in information security or related field; OR a professional security certification, such as CISSP, CISA, or CEH, from a non-vendor specific industry recognized organization such as ISC2, ISACA or the SANS institute.
- Seven years of experience and expert proficiency in access management, risk analysis, security assessments and vulnerability analysis.
- Master's degree in computer science, information management or information security.
- Knowledge of OCIO, CIS, NIST, FERPA, HIPAA, FISMA and FedRAMP frameworks.
- Experience and proficiency in a programming language, writing computer scripts or computer forensics.
The top candidates will be contacted directly to interview for this position. Because the selection will be based on information provided by you, it is in your best interest to identify the knowledge, skills and abilities that address the required and desirable qualifications described above.
Interested applicants are required to submit the following:
- A letter of interest describing specific qualifications.
- A current resume detailing applicable experience and education.
- A list of at least three professional references with current telephone numbers.
NOTE: Prior to a new hire, a background check including criminal record history will be conducted. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position.
The Office of Financial Management is an equal opportunity employer. We strive to create a working environment that includes and respects cultural, racial, and ethnic, sexual orientation and gender identity diversity. Women, racial and ethnic minorities, persons of disability, persons over 40 years of age, and disabled and Vietnam-era veterans are encouraged to apply. Persons needing accommodation in the application process, or who wish to receive this job announcement in an alternative format may call 360-725-0158 or the Telecommunications Device for the Deaf: 711 Relay.
For questions about this recruitment or to request reasonable accommodation in the application process, please email email@example.com or call us at (360) 902-0461. For TTY service, please call the Washington Relay Service at 7-1-1 or 1-800-833-6388.