IT Security Analyst (IT Security - Senior/Specialist)

Full Job Description

WSLCB Vision
Safe communities for Washington State.

Mission
Promote public safety, public health, and trust through fair administration, education, and enforcement of liquor, cannabis, tobacco, and vapor laws.

This position is currently eligible to telework. This position is expected to work in the office up to 2 days a week, there is some flexibility with this requirement.

Who we are

The mission of the Washington State Liquor and Cannabis Board (WSLCB) is to promote public safety, public health, and trust through fair administration, education and enforcement of liquor, cannabis, tobacco, and vapor laws.

We search for people who demonstrate a strong work ethic, excellence in customer service, partnering and teamwork, and quality performance.

We want to create a culture that fosters excellence in customer service, open and honest communication, transparency and accountability, data driven decisions, and business-initiated process improvement.

Our commitment to DEIB

The WSLCB strives to promote Diversity, Equity, Inclusion, and Belonging (DEIB) in all aspects of our work. This includes a commitment to our workforce and external stakeholders.

It is our mission to build, educate, and inspire an inclusive environment that recognizes, respects, and celebrates diversity in the workplace and in the community we serve.

We are committed to maintaining a thriving culture where employees and those we serve feel safe and accepted regardless of education, background, or beliefs.

As a WSLCB team member, you will have opportunity to join statewide business resource groups (BRGs) such as, Rainbow Alliance and Inclusion Network, Veteran Employee Resource Group, Latino Leadership Network, Blacks United in Leadership and Diversity, Disability Inclusion Network, Washington Immigrant Network and Hawaiians, Asians, and Pacific Islanders Promoting an Empowerment Network; Supporting our Voices, Empowering Rights, and Engaging Indigenous Governance; and Interagency Committee of State Employed Women.

WSLCB provides a modern work environment and excellent benefits including:

• A comprehensive benefits package (but not limited to Medical/Dental/Vision, Long Term Disability, Life Insurance etc.)
• Paid Vacation, Leave, and Holidays
• Tuition Waiver (in courses at state universities/colleges on a space availability basis - all or a portion of the tuition/fees may be waived for state employees)
• Tuition reimbursement (courses taken with prior approval in order to further employee’s career development with the WSLCB)
• Training and career development programs (including online courses and LinkedIn Learning)
• A healthy work/life balance (this may include flexible/alternative work schedules and telework/remote work opportunities, when possible)
• Employee Assistance Program- confidential program created to promote the health, safety and well-being of public service employees
• Generous wellness program (we offer reimbursements for certain fitness related activities)
• Onsite exercise facility (for employees working at WSLCB Headquarter Building in Olympia)

Infants at Work Program to promote parent and infant bonding, parental well-being and healthy infant development.

Depending on your job duties, work location and supervisor approval, eligible employees who are new mothers, fathers or legal guardians can bring their infant (six weeks to six months) when they return to work

• Free parking

Your opportunity at a glance

The WSLCB Information Technology Services Division is announcing an exciting opportunity for an IT Security Analyst (IT Security - Senior/Specialist) position in Olympia, WA.

This position reports directly to the Chief Information Security Officer (CISO) in the WSLCB's Information Technology Services Division.

The position serves and complements the WSLCB's mission and goals by managing a security program that establishes standards and practices impacting statewide staff, a dynamic regulatory structure, and applications that collect and disperse revenue for the state.

You will serve as the highest-level authority in IT security, data privacy, continuity of operations (COOP) and disaster recovery (DR) for the WSLCB.

If you have an interest in efficiently and effectively building, securing, testing, maintaining, and improving security and DR/COOP solutions within infrastructure, applications, and databases that support the agency’s mission, goals, and purpose as well as collaborating with cross-agency, cross-divisional, and cross-disciplinary teams to identify and implement improvements to our security architecture and drive accountability for secure technical standards down to every level within the agency and division, we encourage you to apply to be a part of the WSLCB team!

Requirements

Some of the duties you will perform are:

• Lead Vulnerability and Threat Management strategic planning and roadmap development for agency-wide cybersecurity initiatives.
• Conduct comprehensive vulnerability assessments across enterprise applications, hardware, network infrastructure, cloud services, and critical systems to ensure compliance with agency security policies, Washington State standards, and applicable regulatory frameworks.
• Lead vulnerability remediation and risk mitigation efforts by collaborating with infrastructure teams, application development groups, cloud operations, and business unit stakeholders to implement effective and sustainable corrective actions.
• Lead threat management efforts by correlating security telemetry, threat intelligence, and environmental context to identify emerging attack patterns, assess risk exposure, and prioritize response actions.
• Detect and respond to advanced cybersecurity threats through real-time monitoring, behavioral analysis, and automated alerting to rapidly contain incidents and minimize operational impact.
• Conduct proactive threat hunting and in-depth log analysis using available tools to identify indicators of compromise, anomalous behavior, lateral movement attempts, and potential vulnerabilities within the agency's environment prior to incident escalation.
• Serve as a senior incident responder, performing forensic investigation, evidence preservation, root cause analysis, comprehensive documentation, and coordination of remediation efforts with impacted teams.
• Lead comprehensive internal security risk assessments to identify, evaluate, and mitigate technology-related risks affecting agency systems, data, and operations.
• Conduct quantitative and qualitative risk analyses to support data-driven decision-making by IT leadership and executive management.
• Lead formal Security Design Reviews in collaboration with enterprise architects, development teams, and cybersecurity staff to ensure new systems, applications, and infrastructure align with Agency and WaTech enterprise security architecture standards, policy requirements, and secure design principles throughout planning, development, and implementation phases.
• Manage the tracking, coordination, and remediation of security audit findings resulting from external assessments, compliance reviews, and regulatory examinations.
• Lead agency-wide Governance, Risk, and Compliance (GRC) initiatives, providing senior-level technical expertise to strengthen cybersecurity oversight, accountability, and risk management practices across the organization.
• Drive the development and refinement of cybersecurity policies, procedures, and standards, ensuring they remain aligned with Washington State requirements, evolving threat landscapes, and operational realities.

Qualifications

Required Qualifications:

Experience for required qualifications can be gained through various combinations of formal professional employment and educational experience. See below for how you may qualify.

Option 1:

Seven (7) years of professional experience in one or more of the following IT disciplines: IT security, firewall administration, vulnerability management, penetration testing, server administration, network administration, or systems analysis.

AND

At least 1 year experience in at least two of the following: Security Assessments, Vulnerability Scanning, Firewall Management, Intrusion Detection/Prevention, Security Reviews, Threat hunting, or IT Project Management.

AND

At least 2 years of working knowledge of MS Sentinel(SEIM), BlueVoyant (MDR), Microsoft Defender for endpoint, Securin ASM and Risksense, CISSP, CISM, CEH, GIAC, CompTIA Security+, CC or similar.

AND

Familiarity with Washington State Security Policies, NIST Framework, CJIS, and other regulatory frameworks relevant to Cybersecurity within the agency.

Option 2:

An Associate’s degree in an IT program or closely related field.

AND

Five (5) years of professional experience in one or more of the following IT disciplines: IT security, firewall administration, vulnerability management, penetration testing, server administration, network administration, or systems analysis.

AND

At least 1 year experience in at least two of the following: Security Assessments, Vulnerability Scanning, Firewall Management, Intrusion Detection/Prevention, Security Reviews, Threat hunting, or IT Project Management.

AND

At least 2 years of working knowledge of MS Sentinel(SEIM), BlueVoyant (MDR), Microsoft Defender for endpoint, Securin ASM and Risksense, CISSP, CISM, CEH, GIAC, CompTIA Security+, CC or similar.

AND

Familiarity with Washington State Security Policies, NIST Framework, CJIS, and other regulatory frameworks relevant to Cybersecurity within the agency.

Option 3:

A Bachelor’s degree or above in an IT program or closely related field.

AND

Three (3) years of professional experience in one or more of the following IT disciplines: IT security, firewall administration, vulnerability management, penetration testing, server administration, network administration, or systems analysis.

AND

At least 1 year experience in at least two of the following: Security Assessments, Vulnerability Scanning, Firewall Management, Intrusion Detection/Prevention, Security Reviews, Threat hunting, or IT Project Management.

AND

At least 2 years of working knowledge of MS Sentinel(SEIM), BlueVoyant (MDR), Microsoft Defender for endpoint, Securin ASM and Risksense, CISSP, CISM, CEH, GIAC, CompTIA Security+, CC or similar.

AND

Familiarity with Washington State Security Policies, NIST Framework, CJIS, and other regulatory frameworks relevant to Cybersecurity within the agency.

ALSO

The following professional IT certifications can substitute 1 year of experience for each certificate:
CISSP, CISM, CEH, GIAC, CompTIA Security+, CC or similar.

Preferred/Desired Qualifications:

• CISSP - Certified Information Systems Security Professional Certification.
• Working level knowledge of Cloud, MS Azure, and Google.
• Experience with Security Tools not listed above (e.g., Splunk, CrowdStrike, Tenable, Qualys, Palo Alto, Fortinet)

If you are excited about this role but not sure if your experience aligns perfectly with every qualification in the job description, we encourage you to apply.

At the Washington State Liquor and Cannabis Board, we are dedicated to building a diverse and authentic workplace centered in belonging. You may just be the needed candidate for this or other roles.

Additional Information

1. Completed online application.
2. Current Resume.
3. Letter of Interest describing how you meet the specific qualifications for the position.
4. Three professional references to include a current or recent supervisor with email addresses and phone numbers.

**A resume will not substitute for completing the "work experience" section of the application.

The information provided in your application and supplemental questionnaire must support your selected answers in the supplemental questions. Responses not supported in your application will disqualify you for consideration of employment from this recruitment.

Prior to a new hire, a background check including criminal record history will be conducted. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position.

Other
Applicants for employment with the Washington State Liquor and Cannabis Board should also be aware of RCW 66.08.080, which states in part: "No employee of the board shall have any interest, directly or indirectly, in the manufacture of liquor sold under this title, or derive any profit or remuneration from the sale of liquor, other than the salary or wages payable to him in respect of his office or position, and shall receive no gratuity from any person in connection with such business.

RCW 69.50.351, no member of the state liquor and cannabis board and no employee of the state liquor and cannabis board shall have any interest, directly or indirectly, in the producing, processing, or sale of cannabis, useable cannabis, or cannabis-infused products, or derive any profit or remuneration from the sale of cannabis, useable cannabis, or cannabis-infused products other than the salary or wages payable to him or her in respect of his or her office or position, and shall receive no gratuity from any person in connection with the business.

The Washington State Liquor and Cannabis Board is an equal opportunity employer and encourages applications from job seekers with diverse backgrounds. Honoring diversity, equity and inclusion means that as an agency, and as individuals, we are committed to ensuring that all employees enjoy a respectful, safe, and supportive working environment.

All qualified applicants will receive consideration for employment without discrimination based on sex, race, creed, religion, color, national origin, age, honorably discharged veteran or military status, sexual orientation including gender expression or identity, the presence of any sensory, mental, or physical disability, or the use of a trained dog guide or service animal by a person with a disability. You are welcome to include your name and gender pronouns in your application, to ensure we address you appropriately throughout the application process.

For questions about this recruitment, or to request reasonable accommodation in the application process, please email hrjobs@lcb.wa.gov or call (360) 664.1720For TTY service, please call the Washington Relay Service at 7-1-1 or 1-800-833-6384.