IT Security Analyst - Journey (Lacey)

Washington State Parks and Recreation Commission

___________________________

Job Title:IT Security Analyst – Journey

Location:Lacey, WA

Closes:May 25th, 2026, at 11:55pm PDT

Position: after onboarding and training this positionis available for remote/partial telework/flexible schedule, some travel may occasionally be required. The default assigned work location of all Parks positions – both on-site and telework eligible positions – is within the State of Washington. Frequency of onsite work will vary based on business and operational needs

Washington State Parksis looking for a full timeIT Security Analyst- Journey (ISA)to join our team and play a critical role to help protect the systems, data, and technology services that support WA Parks mission, staff, and residents across the State.

This position is part of PARKS Information Security Office (ISO) within IT Services Department and reports to the Chief Information Security Officer (CISO). The role supports enterprise cybersecurity operations with a focus on vulnerability management, disaster recovery, secure system configuration, incident response support, and security-driven technical administration. This is a hands-on technical security position.

The position acts as the point of contact for both technical and process related security design, implementation, configuration, and support to other IT professionals and engineers in relation to systems and network defense. The ISA works closely with the Senior Specialist to implement, design, and maintain solutions and systems that meet the needs and requirements of the Parks overall IT Security Posture. Leveraging guidance from the Senior Analyst and IT Architect this position will ensure policy and procedural compliance with both State level and Parks organizational IT security policy.

The successful candidate will work closely with IT operations, network infrastructure, compliance, and agency staff to identify risks, improve security posture, and support reliable technology services across Parks Enterprise. Join us and be part of an exciting, fast-paced team dedicated to protecting vital systems that make a difference in Washington!

Duties include but are not limited to:

• Monitors, maintains, and configures systems related to risk, threat, and vulnerability management.
• Uses threat & vulnerability management tools to identify and remediate vulnerability from Parks infrastructure, often working with other teams and technical staff to develop plans of action to remediate the concerns in a timely fashion.
• Monitors Security Information and Event Management (SIEM) solutions, creating custom queries and alerts.
• Conducts assessments on agency systems ensuring compliance with overall IT security policy and identifies configuration changes that will improve security posture. Providing recommendations for remediation of findings.
• Provides technical resources and knowledge to internal and external Security Design Review (SDR) processes for systems, applications, IOT devices, and IT business solutions. Working under the guidance of the Senior Analyst to complete the required documentation and approval gates by using established SDR processes and tools established by OCS and Parks IT security Policy.
• Maintains ongoing and updated knowledge of current and emerging IT & Cyber Security policy and standards that have or will have a potential to impact Parks systems and business practices.
• Acts a subject matter expert and key resource for efforts to create baseline security standards and baselines for IT hardware & software, IOT devices, network & mobile devices, and cloud-based solutions.
• Attends and actively participate in WaTech Security Operations Center (SOC), Office of Cyber Security (OCS), WaTech Risk and Policy Office team meetings, representing Parks interests.
• Provides technical review during intake, assessment and review of mobile applications for security concerns and viability of use in compliance with current policies and standards.
• Regularly participates in security exercises that evaluate the effectiveness of the Agency’s Disaster Recover Plan (DR), Business Continuity Plan(BCP), Continuity of Operations Plan (COOP), and Incident Response plan (IR).

REQUIRED QUALIFICATIONS:
Option #1
Six (6) years of consultative, administrative, or supervisory experience in information technology security analusis, information security system implementations, and security application configuration and maintenance.

OR

Option #2

Bachelor’s degree in computer science, management information systems, or closely related field AND (2) two years of experience in consultative, administrative, or supervisory experience in information technology security.

DESIREDQUALIFICATIONS:

• At least one of the following professional certifications: CISSP, CCSP, CRISC, GSEC, CEH, or Security+.
• At least (3) three years' experience developing, implementing, and enforcing agency information systems security policy, operating procedures, and technical standards.
• (3) three years' experience in designing and applying security controls and processes for securing the organization/agency.
• At least (2) two years' experience in identifying and resolving information security risks and incidents that may adversely impact agency operations or projects.
• At least (2) two years' project management experience with an emphasis in information technology or IT security.
• Additionally, the candidate will be measured against the following experience and ability (experience in at least half):.
  • Systems / Network security.
  • Web Application & development security.
  • Risk Management
  • Network discovery and vulnerability assessments.
  • Malware analysis.
  • Compliance audits.
  • Log management.
  • Ability to identify and document security vulnerabilities and their potential business impact.
  • Implementing and monitoring security controls
• Ability to identify and document security vulnerabilities and their potential business impact.
• Implementing and monitoring security controls.
• Experience managing IT security in 3rd party cloud environments.
• Experience with Compliance management, specifically NIST, CJIS, PCI, and OCIO 141.10.
• Experience managing and maintaining security controls in Azure.

Core Competencies:

Communication Skills:Clearly and effectively conveys and/or presents information verbally; summarizes what was heard to mitigate miscommunication; Shares ideas and perspectives, and encourages others to do the same; Informs others involved in a project of new developments; Disseminates information to other employees, as appropriate; Effectively uses multiple channels to communicate important messages; Keeps supervisor well informed about progress and/or problems in a timely manner; Writes in a clear, concise, organized, and convincing way for a variety of target audiences.

Customer Focus: Prioritizes customers (internal and external) and their needs as primary, and is dedicated to meeting their expectations; Develops and maintains customer relationships; builds credibility and trust; Quickly and effectively solves customer problems; Provides prompt, attentive service in a cheerful manner; adapts to changing information, conditions, or challenges with a positive attitude; Incorporates customer feedback into delivery of service to provide the best experience possible for the customer.

Interpersonal Skills:Relates well with others; Treats others with respect; Shares views in a tactful way; Demonstrates diplomacy by approachingothersaboutsensitiveissues innon-threateningways;Considersandrespondsappropriatelytotheneeds, feelings, and capabilities of others; Fosters an environment conducive to open, transparent communication among all levels and positions; Takes the initiative to get to know internal and external customers.

Problem Solving:Uses rigorous logic and methods to solve difficult problems with effective solutions; Probes all available sources for answers; Can see hidden problems; Is excellent at honest analysis; Looks beyond the obvious and doesn't stop at the first answers.

Organizing:Uses his/her time effectively and efficiently; Concentrates his/her efforts on the more important priorities; Can attend to a broader range of activities as a result of organizing time efficiently; Can gather resources (people, funding, material, support) to get things done; Can orchestrate multiple activities at once to accomplish a goal; Arranges information and files in a useful manner.

Learning and Growth- Adapts to change and applies new approaches, learns to navigate systems, processes, tools, and technology, and increases and develops knowledge, skills, and abilities.

Takes Action to Meet the Needs of Others- Collaborates with others to overcome challenges and find solutions, increases access, opportunities, and positive outcomes for others, and helps and supports people and communities from all backgrounds.HOW TO APPLY:
To ensure consideration, please complete the online job application and profile atwww.careers.wa.gov.

You must attach in your application package the following:

• Letter of Interest specifically addressing the qualifications listed in this announcement.
• Three professional references contact information(if not listed on the application).

**All requested materials must be submitted. Incomplete or late application materials will not be accepted. Failure to follow application process may disqualify you from further consideration.**

Please read the supplemental questions carefully and answer completely. Incomplete responses, including "please see resume" may disqualify you from further consideration.

The information provided in your application must support your selected answers in the application questions. Answers will be verified, and documentation may be required. Responses not supported in your application will disqualify you for consideration of employment from this recruitment.

This position is included in the non-supervisory bargaining unit represented by the Washington Federation of State Employees (WFSE). For more information: https://wfse.org/

Want to join a great organization?The Washington State Parks and Recreation Commission manages one of the largest, most diverse and beautiful parks systems in the country. With more than 138,000 acres, the system includes 124 developed parks, including 19 marine parks, 11 historical parks, 35 heritage sites, 13 interpretive centers and approximately 500 miles of long-distance recreation trails. And the agency is staffed with nearly 1000 employees (summers), who are some of the most passionate employees you'll find anywhere We love what we manage and what we do. For more information on Washington State Parks, click here.

Diversity Policy Statement:

The Washington State Parks and Recreation Commission is an equal opportunity employer. We strive to build a workplace culture that is welcoming and inclusive in which all employees feel respected and empowered to bring their unique ideas to the agency. At State Parks, we believe that embracing diverse backgrounds and experiences is essential to growing a strong workforce. We encourage applicants underrepresented in natural resources and outdoor recreation fields to apply, including but not limited to women, Black, Indigenous and people of color (BIPOC), individuals with disabilities, neurodivergent individuals, disabled and Vietnam era veterans, persons over 40 years of age, and individuals who identify as a part of the 2SLGBTQ+ community.

Persons desiring any accommodations in the application process or this job announcement in an alternative format may contact the human resources office at (360) 902-8565. Applicants who are deaf or hearing impaired may call through the Washington Relay Service by dialing 7-1-1 or 1-800-833-6388.

For information about this position and job duties, please contact James Minkler atJames.Minkler@parks.wa.govor (360) 902-8589.

For information about the hiring process, please contact Wendy Vandel at Wendy.Vandel@parks.wa.gov or (360) 902-8688.

All applicants with a legal right to workin the United States are encouraged to apply.

Job Alerts to receive a list of new job postings at Parks.