IT Security - Journey

The Office of Secretary of State (OSOS) offers some of the most unique and diverse job opportunities in state government. Its critical responsibilities include: ensuring a fair and accurate elections process; connecting Washingtonians through the power of libraries; protecting our important government records; and registering corporations and charities. The Secretary of State also administers vital community programs that inspire giving, document our history, and assist crime survivors in avoiding further abuse.

This independent office under the state Constitution operates from facilities in the Olympia area and statewide.

The OSOS is looking for top-performing employees who embody its core values of integrity, service excellence, visionary leadership, collaboration and teamwork. It is committed to both employee growth and work-life balance. The benefits of working in state government also include potential eligibility for the federal Public Service Loan Forgiveness program.

The Information Security & Response (ISR) Division protects against cybersecurity threats and provides strategic elections messaging that enhances the security of and improves public confidence in the Office of the Secretary of State. The ISR Division has 17 employees who report to the ISR Director. These employees are based at our Olympia-area Secretary of State facility and at the Digital Archives in Cheney.

The information security (IS) section consists of the Chief Information Security Officer (CISO), IS Project Manager, VoteWA Development Manager, Risk, Compliance and Quality Control (RCQC) team and the IS Operations (Ops) team. The Ops team is comprised of six members on the east and west side of Washington state. The Ops team supports and manages cybersecurity operations and projects, and reports to the CISO.

Permanent, Full Time

This position provides systems administration and cybersecurity capabilities in support of the agency’s security goals and objectives. The primary security objective is to detect, respond to, and mitigate cybersecurity incidents. The incumbent supports this objective by implementing, administering, and maintaining OSOS systems and software used in cybersecurity operations. The ISR System Administrator performs technical work independently and collaboratively as part of a team of cybersecurity and other IT professionals.

• Performs routine systems administration and security tasks across security appliances, cloud platforms, and enterprise systems.
• Configures, supports, and audits user access to security appliances, cloud applications, and system resources.
• Maintains identity proofing and access controls to ensure appropriate authentication, authorization and accounting of system access.
• Implements and follows best practices for secure system and application development, including the use of static and dynamic analysis tools for frameworks, custom code libraries, and security tools.
• Monitors and manages scheduled backup jobs to ensure successful completion, data integrity, and recoverability.
• Collaborates with development teams, IT support, and management to optimize server/network performance, minimize downtime, and strengthen security posture.
• Assesses, plans, tests, and implements configuration changes that impact application functionality and system integrations.

• Monitors security and systems administration tools for notable alerts and events and escalates issues to the appropriate system administrator or supervisor for further analysis.
• Performs initial triage of security and system events, collecting relevant information to support investigation and troubleshooting activities.
• Conducts incident investigations, reports findings to stakeholders, and recommends corrective actions.
• Proactively identifies and implements data quality assurance procedures to ensure the integrity and reliability of system and security information.

• Conducts security audits and risk assessments, applying…