Current jobs related to IT Security - Olympia, Washington - The Evergreen State College


  • Olympia, Washington, United States Dedicated IT Full time

    About Dedicated IT: Dedicated IT is a prominent Managed Service Provider (MSP) specializing in the healthcare sector. Recognized for our rapid growth, we have established ourselves as a trusted name in Healthcare IT. Our commitment to a people-centric environment, exceptional benefits, and consistent growth makes us a preferred employer in the Managed...


  • Olympia, Washington, United States Dedicated IT Full time

    About Dedicated IT: Dedicated IT is a prominent Managed Service Provider (MSP) specializing in the healthcare sector. Recognized for our rapid growth, we pride ourselves on being a trusted name in Healthcare IT. Our commitment to a people-centric culture, along with exceptional benefits and consistent growth, makes us a preferred employer in the Managed...

IT Security

3 months ago


Olympia, Washington, United States The Evergreen State College Full time
Special Note

This is a full-time, overtime eligible, project position on the Olympia Campus of The Evergreen State College. This project position is funded through June 30, 2025.

Position Purpose

This position participates in coordinating the maintenance of the cybersecurity program for the college. This includes monitoring the college's security posture and complex multi-system issues, auditing advanced technical configurations, and ensuring alignment with industry best practice and state and federal requirements for cybersecurity.

This position has working security knowledge and is familiar with multiple IT disciplines, including IT Architecture, Network and Telecom, Business Analysis, and System Administration in order to analyze various security data, identify potential security threats, and discuss mitigation strategies.

This position is a member of the Security & Technology Support team in the Office of Information Technology within the Finance and Operations division. The position reports to the IT System Administration – Senior/Specialist (working title: Security and Technology Support Manager).

Nature and Scope

Essential Functions

  • Perform triage, analysis, and response of security alerts, logs, and error messages to determine and initiate appropriate courses of action.
  • Analyze system and security logs; communicate anomalies and suspicious activity, i.e., compromised accounts.
  • Communicate and collaborate with the Security & Tech Support Manager, Technology Support Center staff, and other work areas regarding issues and anomalies to gather additional information.
  • Configure and use the security incident and event management system (SIEM) to maintain awareness of the computing environment.
  • Work with external partners on daily monitoring and review of the computing environment.
  • Identify, analyze, and interpret threat actors and malicious activity in college computing environments.
  • Differentiate between potential intrusion attempts and pinpoint false alarms.
  • Install, configure, and operate appropriate monitoring tools and recommend appropriate countermeasures.
  • Support the incident response team to contain, investigate, and prevent future information security breaches.
  • Assist with investigations of information security violations and computer crime.
  • Maintain up-to-date knowledge of the IT security industry, including security solutions, processes, and the emergence of new attacks and threat vectors.
  • Maintain accurate knowledge of current system status, including upgrade and patching state, OS end-of-life dates, and potential mitigations of security vulnerabilities.
  • Work with OIT and other system managers to keep systems as current as possible.
  • Participate in the IT Security Team to help build and guide the team agenda on relevant and emergent security topics.
  • Create and maintain documentation of discovered flaws, issues, and their remediation status.
  • Track and communicate status of security projects and tasks.
  • As an IT Security subject matter expert, provide security advice for IT projects.
  • Participate in short- and long-term planning regarding security audits and strategic objectives.
  • Anticipate security alerts, incidents, and disasters and reduce their likelihood by leveraging intelligence threat feeds and services.
  • Apply knowledge and expertise in networking, applications, operating systems, and IT architecture technologies to help secure core functions and college business solutions.
  • Review network and intrusion detection and prevention systems logs.
  • Assist with the detection and remediation of security flaws and weaknesses discovered in penetration testing and other security assessments.
  • Perform on-demand security assessment.
  • Analyze security threats, vulnerability assessments, and audit results to recommend security solutions that enable business objectives.
  • Assist with security audits and evaluate IT internal controls to be in alignment with the college's security program.
  • Maintain current knowledge of applicable federal and state privacy laws and accreditation standards, and monitor advancements in information security technologies to ensure organizational adaptation and compliance.
  • Perform other related duties as assigned in support of the college's security efforts and computing environments.

Additional Duties

Knowledge Skills and Abilities

  • Skill and ability to monitor, analyze, and triage security events to discern events that qualify as legitimate security incidents as opposed to non-incidents accurately and efficiently, including security event triage, incident investigation, implementing countermeasures, and conducting incident response.
  • Extensive knowledge of a Security Information and Event Monitoring (SIEM) platform, content filtering/firewall technology, and/or log management systems that perform log collection, analysis, correlation, and alerting.
  • Strong analytical and technical skills in computer network defense operations, including incident handling (detection, analysis, and triage), hunting (anomalous pattern detection and content management), and malware analysis.
  • Strong logical/critical thinking abilities, especially analyzing security events, such as Windows event logs, network traffic, IDS events for malicious intent, etc.
  • Excellent organizational skills and ability to pay close attention to details in tracking activities.
  • Knowledge in incident response, log analysis, and packet capture analysis.
  • Knowledge in network fundamentals, for example, OSI Stack, TCP/IP, DNS, HTTP, SMTP.
  • Understanding of the approach threat actors take to attacking a network, such as phishing, port scanning, web application attacks, DDoS, and lateral movement.
  • Knowledge of Windows, OS X, and Linux operating systems and how to investigate them for signs of compromise.
  • Foundational understanding of file analysis, including extracting indicators, providing a report, and implementing mitigations.
  • Basic understanding of Cloud architecture and how an attacker can utilize these platforms.
  • Basic scripting knowledge.
  • Ability to select the right approach to investigating alerts and/or indicators and document findings in a manner that both peer and executive level colleagues can understand.
  • Passion to learn and to contribute to the ongoing development of the team.
  • Ability to work independently and collaboratively in a diverse community with other systems administrators, business analysts, project managers, software developers, network engineers, technology support staff, organizational leadership, and college stakeholders.
  • Ability to work in a fast-paced, high-risk environment.
  • Ability to document standards, procedures, instructions, and manuals.
  • Ability to use specialized computer tools and procedures, such as file transfers, batch files, remote desktop, VPN, standardized procedures, or customized software tools as required.
  • Ability and motivation to become familiar with rapidly changing or new technologies and be able to apply these technologies to existing and new business needs.

Minimum Qualifications

Desired Qualifications

  • Coursework or training in information technology, cybersecurity, computer science, or related field.
  • Two years of professional experience working directly in an IT Security capacity.
  • Formal security training or certifications, such as:
      • GIAC Security Operations Certified (GSOC)
      • Security+
      • Certified Ethical Hacker (CEH)
      • Offensive Security Certified Professional (OSCP)
      • EC-Council Certified Security Analyst (ECSA)
      • College level IT Security or Information Assurance courses.

Conditions of Employment

Must provide proof of identity and employment eligibility within three days of beginning work. This position is part of a bargaining unit and covered by a collective bargaining agreement. Prior to a new hire, a background check including criminal record history will be conducted. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position. Prior to an official offer of employment, a Declaration Regarding Sexual Misconduct form must be submitted to the college per RCW 28B The college will contact current and past employers to verify this information. Applicants who provide inaccurate information in their declaration will be disqualified and, if the inaccuracies are discovered after the applicant has been hired, it shall be grounds for termination.