IT Security - Journey

Full Job Description

The Office of Secretary of State (OSOS) offers some of the most unique and diverse job opportunities in state government. Its critical responsibilities include: ensuring a fair and accurate elections process; connecting Washingtonians through the power of libraries; protecting our important government records; and registering corporations and charities. The Secretary of State also administers vital community programs that inspire giving, document our history, and assist crime survivors in avoiding further abuse. This independent office under the state Constitution operates from facilities in the Olympia area and statewide.

The OSOS is looking for top-performing employees who embody its core values of integrity, service excellence, visionary leadership, collaboration and teamwork. It is committed to both employee growth and work-life balance. The benefits of working in state government also include potential eligibility for the federal Public Service Loan Forgiveness program.

The Information Security & Response (ISR) Division protects against cybersecurity threats and provides strategic elections messaging that enhances the security of and improves public confidence in the Office of the Secretary of State. The ISR Division has 17 employees who report to the ISR Director. These employees are based at our Olympia-area Secretary of State facility and at the Digital Archives in Cheney. The information security (IS) section consists of the Chief Information Security Officer (CISO), IS Project Manager, VoteWA Development Manager, Risk, Compliance and Quality Control (RCQC) team and the IS Operations (Ops) team. The Ops team is comprised of six members on the east and west side of Washington state. The Ops team supports and manages cybersecurity operations and projects, and reports to the CISO.

This position provides systems administration and cybersecurity capabilities in support of the agency’s security goals and objectives.

The primary security objective is to detect, respond to, and mitigate cybersecurity incidents.

The incumbent supports this objective by implementing, administering, and maintaining OSOS systems and software used in cybersecurity operations.

The ISR System Administrator performs technical work independently and collaboratively as part of a team of cybersecurity and other IT professionals.

Requirements

Duty: Complete routine tasks using security appliances and cloud applications.
Tasks include:

• Performs routine systems administration and security tasks across security appliances, cloud platforms, and enterprise systems.
• Configures, supports, and audits user access to security appliances, cloud applications, and system resources.
• Maintains identity proofing and access controls to ensure appropriate authentication, authorization and accounting of system access.
• Implements and follows best practices for secure system and application development, including the use of static and dynamic analysis tools for frameworks, custom code libraries, and security tools.
• Monitors and manages scheduled backup jobs to ensure successful completion, data integrity, and recoverability.
• Collaborates with development teams, IT support, and management to optimize server/network performance, minimize downtime, and strengthen security posture.
• Assesses, plans, tests, and implements configuration changes that impact application functionality and system integrations.

Duty: Triage security events for further analysis and investigation.
Tasks include:

• Monitors security and systems administration tools for notable alerts and events and escalates issues to the appropriate system administrator or supervisor for further analysis.
• Performs initial triage of security and system events, collecting relevant information to support investigation and troubleshooting activities.
• Conducts incident investigations, reports findings to stakeholders, and recommends corrective actions.
• Proactively identifies and implements data quality assurance procedures to ensure the integrity and reliability of system and security information.

Duty: Daily security operations and incident response.
Tasks include:

• Conducts security audits and risk assessments, applying internal best practices to evaluate system and network security.
• Utilizes foundational knowledge of digital forensics to identify, detect, and remediate misconfigurations.
• Assists in incident response activities, including threat hunting and playbook development, to support incident containment and mitigation.
• Coordinates and schedules necessary maintenance with OSOS service teams or through pre-approved security and systems administration tools.
• Monitors and supports on-premises and cloud-based security applications and platforms to ensure continuous protection and operational state.
• Assesses the effectiveness of system security controls using approved security testing techniques.
• Identifies and recommends updates to security policies, standards, and processes to align with agency requirements and industry best practices.

Duty: Maintain technical and communication skills.
Tasks include:

• Actively seeks out and participates in IT security-related professional conferences and training, including both agency-directed and self-directed professional development.
• Reads and leads discussions on technical publications and periodicals.
• Conducts research and appropriate experimentation.
• Obtains and maintains relevant security certifications.

Duty: Other

• Other duties as assigned.

Qualifications

Required Qualifications:

• Four years of information technology experience, which may include designing, installing, configuring, and maintaining security systems such as network firewalls; advanced intrusion detection and prevention hardware and related software; server hardware; robotic tape backup systems; and network infrastructure equipment,
  • OR an Associate of Arts (AA) degree and three years of relevant information technology experience,
  • OR a Bachelor of Science (BS) degree and two years of relevant information technology experience.
• Ability to efficiently use a personal computer and applicable software to successfully perform the essential job functions of the position.
• Ability to read and write English Language.

Desired Qualifications:

• CompTIA Security+ or equivalent certification.
• Familiarity with scripting and programming languages such as PowerShell, Python and JavaScript.
• Familiarity with querying databases using specific parameters to retrieve desired information.
• Current Washington State driver’s license.

PLEASE READ: If you have gotten this far and are thinking you do not qualify, consider again. Studies have shown that members of historically marginalized and underrepresented communities, specifically women and people of color, are less likely to apply to jobs unless they clearly meet every single qualification.

At the Office of the Secretary of State, we are dedicated to building a diverse and authentic work force with a foundation of belonging. If you are excited about this role and have relevant experience and skills, but question whether your experience aligns perfectly with every qualification in the job description, we encourage you to apply regardless. You may just be the ideal candidate this office needs.

Additional Information

Working Conditions In this position, the incumbent works primarily in an office setting, which will require the ability to sit and/or stand for extended periods of time. The standard work hours are Monday-Friday 8am - 5pm; however, work can be required outside of standard hours to include evenings, weekends, and holidays. May travel interstate to attend meetings and training. The incumbent in this position must be able to represent the Office of the Secretary of State in a competent, confident, and professional manner, including professional dress, and be able to clearly and effectively communicate ideas and information both verbally and in writing, and work successfully with a wide variety of people in a team environment. The incumbent in this position must have the ability to work under pressure, meet deadlines, and coordinate with other operational areas to execute security response.

This position is in a bargaining unit represented by the Washington Federation of State Employees (WFSE) and is subject to the terms of the Collective Bargaining Agreement between the State of Washington, The Office of the Secretary of State, and the WFSE.

Prior to a new hire, a background check including criminal record history will be conducted. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant’s suitability and competence to perform in the position.

How to Apply

• To be considered for this position you must attach the following:
  • Current Resume
  • Letter of Interest
  • Three Professional references. Personal references will not be considered.

You must complete the supplemental questions at the end of this application. Incomplete responses such as "see resume" will not be considered.

In addition, if the employer you identify in the additional information section is not included on your resume or work experience profile and/or you do not identify an employer, you will not receive credit.

• All veterans must include a copy of your DD214 to receive preference in the hiring process. You must black out your social security number before attaching it to your application.

The Office of the Secretary of State is an equal opportunity employer (EOE). We do not
discriminate on the basis of religion, age, sex, marital status, color, creed, national origin, political affiliation, military status, sexual orientation, or any real or perceived sensory, mental or physical ability. All interested candidates are encouraged to apply. Persons of disability needing assistance in the application process, or those needing the announcement in alternative format, should call (360) 999-9483.