IT Security Analyst (IT Security SeniorSpecialist)

WSLCB Vision
Safe communities for Washington State.

Mission
Promote public safety public health and trust through fair administration education and enforcement of liquor cannabis tobacco and vapor laws.

This position is currently eligible to telework.This position is expected to work in the office up to 2 days a week there is some flexibility with this requirement.

Who we are

The mission of theWashington State Liquor and Cannabis Board(WSLCB) is to promote public safety and trust through fair administration education and enforcement of liquor cannabis tobacco and vapor laws. At the WSLCB we pride ourselves on creating the wow factor in everything we do. We search for people who demonstrate a strong work ethic excellence in customer service partnering and teamwork and quality performance. We strive to be a great place to work by fostering a safe open inclusive and healthy work environment. We want to ensure that our organization is as diverse and inclusive as our great State of Washington.

We want to create a culture that fosters excellence in customer service open and honest communication transparency and accountability data driven decisions and business initiated process improvement.

The WSLCB Information Technology Services Division is announcing an exciting opportunity for an IT Security Analyst (IT Security - Senior/Specialist)position inOlympia WA.This position reports directly to the Chief Information Security Officer (CISO) in the WSLCBs Information Technology Services Division. The position serves and complements the WSLCBs mission and goals by managing a security program that establishes standards and practices impacting statewide staff a dynamic regulatory structure and applications that collect and disperse revenue for the state. You will serve as the highest-level authority in IT security data privacy continuity of operations (COOP) and disaster recovery (DR) for the WSLCB.

WSLCB provides a modern work environment and excellent benefits including:

• A comprehensive benefitspackage (butnot limited to Medical/Dental/Vision Long Term Disability Life Insurance etc.)
• Paid Vacation Leave and Holidays
• TuitionWaiver (in courses at state universities/colleges on a space availability basis - all or a portion of the tuition/fees may be waived for state employees)
• Tuition reimbursement (courses taken with prior approval in order to further employees career development with the WSLCB)
• Training and career development programs (including online courses and LinkedIn Learning)
• A healthy work/life balance (this may include flexible/alternative work schedules and telework/remote work opportunities when possible)
• Employee Assistance Program- confidential program created to promote the health safety and well-being of public service employees
• Generous wellness program (we offer reimbursements for certain fitness related activities)
• Onsite exercise facility (for employees working at WSLCB Headquarter Building in Olympia)
• Infants at Work Program to promote parent and infant bonding parental well-being and healthy infant development. Depending on your job duties work location and supervisor approval eligible employees who are new mothers fathers or legal guardians can bring their infant (six weeks to six months) when they return to work
• Free parking

Some of the duties you will perform are:

• Lead Vulnerability and Threat Management strategic planning and roadmap development for agency-wide cybersecurity initiatives.
• Conduct comprehensive vulnerability assessments across enterprise applications hardware network infrastructure cloud services and critical systems to ensure compliance with agency security policies Washington State standards and applicable regulatory frameworks.
• Lead vulnerability remediation and risk mitigation efforts by collaborating with infrastructure teams application development groups cloud operations and business unit stakeholders to implement effective and sustainable corrective actions.
• Lead threat management efforts by correlating security telemetry threat intelligence and environmental context to identify emerging attack patterns assess risk exposure and prioritize response actions.
• Detect and respond to advanced cybersecurity threats through real-time monitoring behavioral analysis and automated alerting to rapidly contain incidents and minimize operational impact.
• Conduct proactive threat hunting and in-depth log analysis using available tools to identify indicators of compromise anomalous behavior lateral movement attempts and potential vulnerabilities within the agencys environment prior to incident escalation.
• Serve as a senior incident responder performing forensic investigation evidence preservation root cause analysis comprehensive documentation and coordination of remediation efforts with impacted teams.
• Lead comprehensive internal security risk assessments to identify evaluate and mitigate technology-related risks affecting agency systems data and operations.
• Conduct quantitative and qualitative risk analyses to support data-driven decision-making by IT leadership and executive management.
• Lead formal Security Design Reviews in collaboration with enterprise architects development teams and cybersecurity staff to ensure new systems applications and infrastructure align with Agency and WaTech enterprise security architecture standards policy requirements and secure design principles throughout planning development and implementation phases.
• Manage the tracking coordination and remediation of security audit findings resulting from external assessments compliance reviews and regulatory examinations.
• Lead agency-wide Governance Risk and Compliance (GRC) initiatives providing senior-level technical expertise to strengthen cybersecurity oversight accountability and risk management practices across the organization.
• Drive the development and refinement of cybersecurity policies procedures and standards ensuring they remain aligned with Washington State requirements evolving threat landscapes and operational realities.

Required Qualifications:

Experience for required qualifications can be gained through various combinations of formal professional employment and educational experience. See below for how you may qualify.

Option 1:

AND

AND

AND

Option 2:

An Associates degree in an IT program or closely related field.

AND

Five (5) years of professional experience in one or more of the following IT disciplines: IT security firewall administration vulnerability management penetration testing server administration network administration or systems analysis.

AND

AND

AND

Option 3:

A Bachelors degree or above in an IT program or closely related field.

AND

Three (3) years of professional experience in one or more of the following IT disciplines: IT security firewall administration vulnerability management penetration testing server administration network administration or systems analysis.

AND

AND

AND

ALSO

Preferred/Desired Qualifications:

• CISSP - Certified Information Systems Security Professional Certification.
• Working level knowledge of Cloud MS Azure and Google.
• Experience with Security Tools not listed above (e.g. Splunk CrowdStrike Tenable Qualys Palo Alto Fortinet)

If you are excited about this role but not sure if your experience aligns perfectly with every qualification in the job descriptionwe encourage you to apply.At the Washington State Liquor and Cannabis Board we are dedicated to building a diverse and authentic workplace centered in belonging. You may just be the needed candidate for this or other roles.

1. Completed online application.
2. Current Resume.
3. Letter of Interest describing how you meet the specific qualifications for the position.
4. Three professional references to include a current or recent supervisor with email addresses and phone numbers.