L&I IT Security Vulnerability Management - Journey
Role details
Job location
Tech stack
Job description
In this highly specialized position, you'll lead the configuration, implementation, and optimization of advanced security solutions that protect our systems, networks, and data. Your expertise will directly support a robust IT security program focused on maintaining the confidentiality, integrity, and availability of mission-critical resources.
You'll be at the forefront of cybersecurity-proactively planning, analyzing, and enhancing security policies, tools, and procedures that empower staff and strengthen our defenses. This role goes beyond maintenance; you'll continuously assess and monitor complex environments to uncover vulnerabilities and drive meaningful corrective action before risks become threats.
As a trusted Security Engineer, you'll take ownership of identifying and prioritizing vulnerabilities across a diverse technology landscape, including on-premise, hosted, and cloud-based systems. Your work will be essential in mitigating risks that could otherwise lead to system breaches or data compromise.
You'll also serve as a key advisor, partnering with IT leadership, technical teams, vendors, and contractors to provide expert guidance on security risks and solutions, ensuring that security is embedded into every layer of our operations.
If you're passionate about cybersecurity, thrive in a dynamic environment, and want to make a tangible impact, this is your opportunity to step into a role where your skills truly matter.
Duties
Some of what you will be doing * Vulnerability Management, including:
-
Configure the vulnerability assessment tools to match L&I standards and Center for Internet Security ( CIS)
-
Create, implement, and follow procedures for vulnerability scanning
-
Perform on demand scans for newly implemented systems
-
Create Key Performance Indicator (KPI) reports and recommend enterprise mitigation strategies
-
Analyze vulnerabilities to determine impact to our environment, eliminate false positives, research and articulate business impact to the agency.
-
Develop vulnerability tests. risk analysis and security assessments
-
Prioritize vulnerabilities and risks
-
Identify trends and enterprise problem areas
-
Test new L&I systems and applications for vulnerabilities before they go live.
- Security Consulting, including:
- Security consultant to L&l business areas and L&I IT staff and IT leadership
- Translate technical security concepts for customers and audiences with differing levels of technical understanding.
- Security Monitoring/ Response, including:
-
Analyze, research and assess agency risk using ITSS security defenses and services and determine appropriate response
-
Develop, design, implement and provide requirements to Tier 1 and Tier 2 personnel
-
Coordinate threat containment and remediation activities with the system owner(s).
- Manage Security Awareness training program, including:
- PhishFirewall - Act as the administrator
- Analyze requests for new Access Control Lists
- Propose Security Awareness training curriculum
- Research and propose security training content
- Project Management & New Solution implementation, including:
- Managing work breakdown structures and coordinating work efforts with other teams
- Develop, design, and implement new processes and technology to keep the risks to our systems and vulnerabilities low, * For positions requiring travel, you must have a valid unrestricted driver's license and have insurance if driving a privately owned vehicle on state business.
- This position is represented by the Washington Federation of State Employees (WFSE).
- Candidates who are offered a job with L&I must possess work authorization that does not require sponsorship by the employer for a visa now or in the future.
- The Department of Labor & Industries complies with the employment eligibility verification requirements of the federal employment eligibility verification form, I-9. The selected candidate must be able to provide proof of identity and eligibility to work in the United States consistent with the requirements of that form on the first day of employment.
- Please note: L&I may use this announcement to fill multiple permanent and/or non-permanent positions.
Requirements
Do you have experience in Research?, Do you have a Associate's degree?, Required
- Six years of IT experience with at least two years of IT Security experience
OR
- A bachelor's degree in information technology, Information Assurance, Computer Science and two (2) years of IT experience with at least one (1) year of IT Security experience.
OR
- An associate's degree in information technology, Information Assurance, Computer Science and four (4) years of IT experience with at least one (1) year of IT Security experience.
**For this role, IT Security Experience must include experience in two or more of the following security technologies:
- Digital Forensics * User Management
- General Cybersecurity * Network Security
- Security Assessments * Desktop Security
- Identity & Access Management * Access Control
- Security Gateway Management * Vulnerability or Threat Management
Desired Formal security training or certifications, such as:
- Certified Information Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP)
- IT Security or Information Assurance College Courses., To learn more about our hiring process timeline at L&I please visit our L&I recruiting page at Hiring Process at L&I. If you would like to read our website in a language other than English, scroll up to the top of the page to select your language of choice from the banner.
Benefits & conditions
3.43.4 out of 5 stars Tumwater, WA Hybrid work $84,120 - $113,148 a year - Full-time, Pulled from the full job description
- Flexible schedule