The Office of Secretary of State (OSOS) offers some of the most unique and diverse job opportunities in state government. Its critical responsibilities include: ensuring a fair and accurate elections process; connecting Washingtonians through the power of libraries; protecting our important government records; and registering corporations and charities. The Secretary of State also administers vital community programs that inspire giving, document our history, and assist crime survivors in avoiding further abuse. This independent office under the state Constitution operates from facilities in the Olympia area and statewide.

The OSOS is looking for top-performing employees who embody its core values of integrity, service excellence, visionary leadership, collaboration and teamwork. It is committed to both employee growth and work-life balance. The benefits of working in state government also include potential eligibility for the federal Public Service Loan Forgiveness program.

The Information Security & Response (ISR) Division provides cybersecurity, information technology, and a messaging capability to support the integrity of the election process within Washington. The ISR Division has 12 employees who report to the ISR Director. These employees are based in either an Olympia-area facility, a Secretary of State facility within the State of Washington, or a remote work environment due to market circumstances and space limitations. The Information Security unit consists of the Chief Information Security Officer, InfoSec Project Manager, Two InfoSec Team Supervisors and Four InfoSec Systems Administrators.

Duty: Risk Analysis and Vulnerability Management
Tasks include:

• 
  Utilizes SIEM technology to analyze disparate data sources to detect, analyze, and respond to security events and investigations
• Identifies security issues and risks, develop mitigation recommendations
• Maps networks to discover connected assets and maintain visibility and awareness of targets in scope for protection and remediation
• Conducts vulnerability scans and report results to relevant stakeholders, retest and report to provide remediation quality assurance
• Performs assessments of the network, applications, and devices to determine if security vulnerabilities exist and/or if security and access control policies have been violated
• Monitors threat intelligence sources and news of emerging vulnerabilities or exploits to assess potential impacts and identify actions needed for response

• Supervises and leads security team to complete security operations and project tasks
• Supervises, and leads security team in performing incident response actions appropriate to the nature of the incident (identify, locate, quarantine, remediate, recover)
• Leads assigned resources for periodic internal assessments and audit exercises
• Serves as the point of escalation for staff and customers to resolve technical problems
• Ensures that supervised staff have the information, resources, and authority to complete assignments and meet documented expectations
• Recognizes staff accomplishments that meet division goals
• Communicates division and agency direction and priorities to staff, seeking input and feedback

• Advocates security and secures practices through promotion of education and awareness
• Collaborates and partners with IT peers and customers to reduce risk and improve security
• Works closely with the CISO and CIRT partners in prevention, detection, and response activities
• Identifies logging requirements and implement feeds to ensure scope of data reporting to collectors is appropriate for needed visibility
• Tunes SIEM feeds and filters to provide actionable information on incidents that pose the most risk.
• Provides requirements for design, configuration, and implementation of security focused tools and solutions
• Conducts and participates in design review processes to provide requirements and champion changes to maintain or enhance security
• Advises and consults on risk assessments, threat modeling, and vulnerability remediation
• Partners in implementation of security initiatives for change

• Aligns agency framework to federal and industry-wide best practices and requirements
• Provides input to develop and refine existing security policies and procedures
• Identifies gaps and pain points
• Develops options and solutions for policy or procedure improvements
• Assesses stakeholder and business impacts for change
• Communicates recommendations

• Reading and leading discussions on technical books and periodicals
• Mentors and trains other OSOS employees in the importance of security while staying current in technology
• Seeks out and consumes IT Security related training, both agency-directed and other
• Develops and delivers IT Security related training and presentations, to diverse audiences both within and outside state government
• Conducts research and appropriate experimentation
• Obtains and maintains relevant security certifications

Required Qualifications:

• Eight years of experience as an Information Technology Applications/Systems Specialist including experience working as a Senior Information Technology (IT) Security Specialist with Information Security Operations responsibilities and expert level knowledge of security technologies such as Web Proxies, Intrusion Detection, Vulnerability Management, Endpoint Defense systems, and Investigation and Forensics tools. A combination of relevant education and IT Security experience totaling eight years.

• Bachelor's degree including 9 semester or 15 quarter hours of computer science courses AND four years' experience working as a Senior Information Technology (IT) Information Security Specialist with expert level knowledge of security technologies such as Web Proxies, Data Loss Prevention (DLP), Security Information Event Management (SIEM) implementation, Intrusion Detection, Incident Response & Investigation, Vulnerability Management and Endpoint Defense systems.

• Master's Degree in computer science or related degree AND two years of the experience listed above.

• Experience with Programming or Scripting Languages
• Experience developing and implementing information security operations controls, guidelines and procedures
• Understanding of advanced protocols and standards, including a demonstrated ability to perform complex analysis and metrics.
• Knowledge of information security frameworks and industry regulations (NIST, PCI, HIPAA, CSC)
• Information security certifications like CISSP, GIAC's GCED, GPEN, GWAPT, GCIH

There are two openings for this full-time position with the division of Information Security and Response, and they are available in both Thurston and Spokane counties.

When applying for this position, please be sure to annotate your desired/preferred location via the supplemental questions.

Working Conditions
In this position, the incumbent works primarily in an office setting, which will require the ability to sit and/or stand for extended periods of time. The standard work hours are Monday-Friday 8am - 5pm; however, work can be required outside of standard hours to include evenings, weekends, and holidays. Regular travel to local offices is required and occasional travel to county offices is required. The incumbent in this position must be able to represent the Office of the Secretary of State in a competent, confident, and professional manner, including professional dress, and be able to clearly and effectively communicate ideas and information both verbally and in writing, and work successfully with a wide variety of people in a team environment. The incumbent in this position must have the ability to work under pressure, meet deadlines, and coordinate with other operational areas to execute security response.

All employees of the Office of the Secretary of State are required to be fully vaccinated and show proof against COVID-19. Your vaccine status will be verified by Human Resources (HR) prior to your first day of employment. Please contact the HR Consultant overseeing this recruitment if you need information on medical or religious accommodation at (360) 480-4871.

How to Apply

• 
  To be considered for this position you must attach the following:
  • Current Resume
  • Three Professional references. Personal references will not be considered.
• You must complete the supplemental questions at the end of this application. Incomplete responses such as "see resume" will not be considered. In addition, if the employer you identify in the additional information section is not included on your resume or work experience profile and/or you do not identify an employer, you will not receive credit.
• All veterans must include a copy of your DD214 to receive preference in the hiring process. You must black out your social security number before attaching it to your application.
• Prior to a new hire, a background check including criminal record history will be conducted. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position.
• Must have current Washington state driver's license or have requested and obtained an appropriate accommodation.