IT Security - Senior/Specialist

The duty station for this position is in King County therefore the incumbent will receive 5% premium pay in addition to the salary listed above.

The Opportunity:

The Washington State Criminal Justice Training Commission (WSCJTC) is seeking an experienced and highly skilled IT professional to lead and manage the agencys cybersecurity program. As the IT Security Senior Specialist you will be responsible for developing and implementing security strategies ensuring compliance with state and federal standards and supporting the agencys mission of training public safety professionals across Washington State.

If you meet the requirements listed below and are driven by a mission to protect critical information assets enjoy solving complex security challenges and are ready to make a difference we want to hear from you. Come put your IT skills to work in support of public safety training across Washington State!

WSCJTC offers outstanding benefits choice of state retirement programs including a defined benefit pension plan advancement opportunities and flexible/compressed work schedules.

At the WSCJTC we value the importance of creating an environment in which all employees feel respected included and empowered to bring unique ideas to the agency. Our diversity and inclusion efforts include embracing different cultures backgrounds and perspectives while fostering growth and advancement in the workplace.

Primary Responsibilities Include (but are not limited to):

Create Manage and Monitor Security Program
Conduct a comprehensive risk assessment identifying potential vulnerabilities and prioritizing them based on risk level.
Independently design and implement enterprise-wide security infrastructure including strategic goals analysis risk management and policy development.
Develop implementation plans including timelines resource allocation and testing strategies.

Implement Security Infrastructure and Technology Systems
Establish a multi-layered security architecture integrating firewalls IDS/IPS encryption and access control mechanisms.
Lead cross-functional security design discussions and serve as primary on SaaS and application Security Design Reviews (SDRs)
Configure and maintain security infrastructure such as firewalls VPNs and encryption technologies.

Ensure Access and Control and Compliance
Leverage a centralized Identity and Access Management (IAM) system that supports SSO and MFA.
Create and update access management policies and a formalized review procedure.
Develop and enforce formal access review procedures and policies ensuring compliance with OCS policies and industry standards specifically ISO NIST and CGIS standards and protocols.

Analyze Threats and Lead Incident Response
Identify assess and mitigate security threats and vulnerabilities.
Investigate and respond to security breaches or incidents and lead incident response and recovery efforts.
Develop a comprehensive incident response plan (IRP) and disaster recovery plan outlining specific roles communication channels and escalation procedures.
Conduct regular cybersecurity IT technical audits and risk assessments.

Lead Information Security Audits
Develop an IT Security audit checklist for internal and external audits ensuring alignment with WA OCS policies and industry standards.
Serve as the primary liaison for information security auditors.
Lead the WA OCS 3-year mandated cybersecurity audit and internal IT access management audits.

Provide documentation and Reports
Create and update cybersecurity and technical security instructions policies procedures and guidelines.
Create incident after-action reports that identify remediation and root cause(s).
Prepare reports on security incidents vulnerabilities and mitigation strategies.

Required Qualifications/Experience:

• At least seven (7) years dedicated continuous work in information technology.
• Bachelors degree or higher in computer science or field related to information security information security or related field from an accredited institution whose accreditation is recognized by the US Department of Education or the Council for Higher Education Accreditation (CHEA) or a foreign equivalent.
• A professional security certification such as CISSP CISM CISA or Security from a non-vendor specific industry recognized organization such as ISC2 ISACA or the SANS institute.
• At least two (2) years of experience and proficiency in risk analysis security assessments vulnerability analysis and incident response and remediation.
• Experience in information security and network design implementation and support.

Preferred/Desired Qualifications:

• Demonstrated experience in configuring conducting and analyzing vulnerability scans or computer forensics.
• Demonstrated experience analyzing system access and use in compliance with security frameworks including but not limited to NIST and CJIS.
• Knowledge of OCIO WA OCS and NIST frameworks.
• Familiarity with security tools such as intrusion detection systems security information and event management systems and firewalls.

Supplemental Information:

How to Apply:
Applications for this recruitment will be acceptedelectronically through NeoGov. Simply click the green Apply button in the upper right-hand corner to get started.

Please attach the following to your online application:

• A chronological Resume outlining your experience to date.
• A Letter of Interestdetailing your qualifications and why you believe you are the best person for this role and
• A minimum of three (3) professional references who can attest to your work performance technical skills knowledge base and job-related competencies.

We are looking for evidence in your application materials that you have the experience skills and abilities indicated in this job posting. Qualified applicants whose responses most closely match the requirements of this position may be invited to an interview. Carefully review your application before submitting. All information may be verified and documentation may be required.

The initial screening will be solely based on the contents and completeness of the application materials submitted.

Applications from this posting may be used for up to 60 days to fill additional vacancies.

Veterans Preference
Applicants who meet the required qualifications for the position and wish to claim Veterans Preference MUSTattach a copy of their DD214 or other verification of military service. Pleaseblackout any personally identifiable data such as social security numbers. For additional information on Veterans Preference and guidance on how to determine if you are eligibleclickhere.

We thank you and are grateful for your service!

Contact Us:
If you have questions contact Human Resources at

WSCJTC is an equal opportunity employer. Women racial and ethnic minorities persons of disability persons over 40 years of age disabled and Vietnam era veterans and people of all sexual orientations and gender identities are encouraged to apply. Persons with disabilities needing assistance in the application process or those needing this job announcement in an alternative format may contact the listed recruiter. WSCJTC does not use the E-Verify system. For more information please visit Experience:

Senior IC