Employer: Washington State Department of Transportation
Washington State Department of Transportation (WSDOT) is the steward of an integrated, multimodal transportation system that helps to ensure people and goods move safely and efficiently throughout the state. In addition to building, maintaining, and operating the state highway system, WSDOT operates the largest ferry system in the nation, manages the world's longest floating bridge, and recently completed the world's widest tunneling project.
WSDOT Information Technology Operations Team at Washington State Ferries (WSF) is currently seeking an IT Security Analyst in Seattle, WA. This is a project (limited duration) position expected to last until June 20, 2025.This position is the Ferries Division senior technical expert that provides cybersecurity guidance to improve our applications, systems, and infrastructure security in alignment with the WSDOT Cybersecurity Office. This position applies advanced technical knowledge on a wide range of principles to develop and manage the cybersecurity program to evaluate risks and vulnerabilities, and to develop, implement, and manage strategies to address risk and vulnerabilities. The IT Security Analyst will be involved in hands-on security assessments, developing, and providing guidance and standards, leading remediation, and mitigating efforts, devising methods and processes to analyze problems, and advocating security best practices for assets including computers, networks, programs, cloud resources and data. This position will work with the WSDOT Cybersecurity Office to help interpret the Office of the Chief Information Officer (OCIO) Security Standards, Payment Card Industry Data Security Standards (PCI-DSS), and any mandated compliance security standards set forth by federal and state regulatory requirements to define how they impact the Ferries Division. The analyst will work with the Ferries IT team to communicate cybersecurity related information, including educating staff on best practices by developing and implementing cybersecurity training programs.
What to Expect
The IT Security Analyst will take an active technical role in performing necessary tasks to protect various applications, systems, and infrastructure from risks, threats, and vulnerabilities, working with the other technical leads throughout the state who specialize in those areas. The analyst will play a key role in securing information systems by monitoring, detecting, investigating, analyzing, and responding to security events.
Among the varied range of responsibilities held within this role, the IT Security Analyst will:
Maintain, monitor, troubleshoot, and manage the cybersecurity of all WSF IT environments (including Cloud, Corporate and Payment Card Industry (PCI) environments), ensuring compliance and performing required daily, weekly, and annual related and required tasks
Ensure the integrity, confidentiality, and protection of WSF networks and data for Corporate and CDE networks with a focus on reporting and accountability.
Use advanced diagnostic tools and methods such as cybersecurity reports, vulnerability scan data, discovery software, testing software and hardware, packet capture software, performance and resource monitors, and security information and event management tools to conduct security audits.
Monitor IT systems performance to identify irregular activity.
Perform IT security assessments to identify potential risks, develop remediation plans and takes immediate action where needed.
Individually lead or work with a team to evaluate current and new security controls for systems to validate effectiveness.
Assist in the analysis of and response to cyber security incidents including forensic analysis.
Assist the WSDOT Cybersecurity Office and vendor QSAs with the collection of evidence and proof of compliance with relevant policies and standards.
Plan and organize cybersecurity aspects and responsibilities for newly commissioned projects towards their successful completion.
Development of project charters, schedules, cost analysis and other project management documentation.
To be considered for this opportunity, the following are required:
Bachelor’s Degree and four (4) years of experience in Information Technology, Cybersecurity, Computer Science, or related field – OR – Associate degree and six (6) years of experience in Information Technology, Cybersecurity, Computer Science, or related field.
Strong advanced troubleshooting skills and problem solving with an ability to make independent decisions and judgements about workflows and work priorities.
Three (3) years of experience in cybersecurity within two or more of the following cybersecurity technologies:
Intrusion detection and prevention
Incident response and handling
It is preferred that qualified candidates also have:
Experience with project management principles and best practices for successfully leading efforts related to cybersecurity implementations.
Working knowledge of cybersecurity requirements such as WA State OCIO Security Standards, Payment Card Industry Data Security Standards, CIS Critical Security Controls, and NIST Cybersecurity Framework.
Advanced cybersecurity certifications in one or more of the following:
GIAC Security Essentials Certification (GSEC)
Systems Security Certified Practitioner (SSCP)
Certified Information System Security Professional (CISSP)
Global, Information, Assurance, Certification (GIAC)
*To review the full Position Description, please contact the recruiter listed in the Contact Us section of this posting.
This recruitment may also be used to fill additional positions per business needs.
In addition to base salary, employees may be entitled to other forms of compensation depending on the type, duties, or location of the position. For union-represented positions, more information on other forms of compensation can be found in the applicable Collective Bargaining Agreements. Information on other compensation types for non-represented positions can be found in Chapter 357-28 of the Washington Administrative Code.
This position offers flexible/hybrid remote work options.
This is a project (limited duration) opportunity, expected to last until June 20, 2025.
The salary listed for this position includes a legislative approved 5% premium for workers in King County.
Washington Administrative Code (WAC) 357-16-197 mandates that all employees who work for executive cabinet agencies (which includes the Department of Transportation) must be fully vaccinated against COVID-19. Compliance with this mandate is a condition of employment with WSDOT. Exemption may be granted for religious or medical purposes; however, accommodations will be subject to approval based on the essential functions required of the position.
WSDOT does not use the E-Verify system. For more information, please visit www.uscis.gov
Work-Life Balance – We are committed to ensure that our staff experience the reward of public service, while also sustaining a routine that suits each individuals’ lifestyle. As such, there are a number of flexible schedule options available, including occasional telework for eligible positions.
Paid Leave – In addition to 12 paid holidays, full-time employees may earn up to 25 paid vacation days per year!
Tuition Assistance – Permanent employees have several options for assistance with education expenses, including tuition reimbursement programs, government discounts at participating colleges throughout the state, and eligibility for federal student loan forgiveness.
Plan For Your Future – WSDOT offers a comprehensive benefits package that includes a variety of healthcare options. Employees also have their choice of state retirement programs, and much more. Go to State Benefits for more information.
How to Apply
Applications for this recruitment will be accepted electronically. Your relevant experience may be evaluated to determine salary. Therefore, it is very important that the “Work Experience” portion of the application be completed in as much detail as possible.
In order to be considered for this opportunity, please include the following with your online application:
An attached Resume outlining (in reverse chronological order) your experience to date.
An attached Cover Letter that further explains your qualifications and indicates why you believe you are a viable candidate for this role.
Contact details for a minimum three (3) individuals who can attest to your work performance, technical skills, and job-related competencies. NOTE: This information may be entered in the “References” section of the online application; does not require an additional attachment.
WSDOT is an equal opportunity employer. We value the importance of creating an environment in which all employees can feel respected, included and empowered to bring unique ideas to the agency. Our diversity and inclusion efforts include embracing different cultures, backgrounds and viewpoints while fostering growth and advancement in the workplace. Women, racial and ethnic minorities, persons of disability, persons over 40 years of age, disabled and Vietnam era veterans, as well as people of all sexual orientations and gender identities are encouraged to apply. Persons with disabilities needing assistance in the application process, or those needing this job announcement in an alternative format may contact the listed Recruiter.
For inquiries about this posting, you may contact the assigned Recruiter, Robyn Lovely at LovelyR@wsdot.wa.gov. Please be sure to reference 23DOT-HQ-0P393 in the subject line.
Contact Person: Robin Lovely
Location: King County - Seattle - Downtown Business, WA
Application Method: Apply online https://www.governmentjobs.com/careers/washington/wsdot/jobs/3938860/it-security-analyst
Base Pay: $92,660 - $124,651 annually
2011 W. Washington Ave
Yakima, WA 98903