IT Security Analyst

Pro Innovation Inc. is an IT service provider and direct vendor for State of Washington agencies. We are locally based company working with state agencies for last 10 years. We are looking for a IT Security Analyst for one of our government clients located in Olympia, WA Threat Management Implements, maintains and enhances IT security systems that include Network Access Control, Firewall, Intrusion Detection SystemsIntrusion Prevention Systems (IDSIPS), Security Information and Event Management (SIEM), Application Proxy, etc. Operates and manages all aspects of the Threat Management Solutions Tasks include Installs, configures, maintains, and patches the threat management tools in the technology environments. Configure the threat management tools to address threat environment. Configure the threat management tools to inventory devices on the network. Configure the threat management tools to isolate non-compliant or infected systems for remediation. Consult with IT technicians and external vendors to discuss failed controls on network devices, research vulnerabilities, mitigate risk, recommend other options, and process any deviations. Leverage threat management tools to identify rogue machines, or as part of security incident response. Facilitate resolution of complex technical vulnerabilities with competing stakeholders from IT and the business divisions. Create Key Performance Indicator (KPI) reports for management based on threat management tools. Identify trends, root causes for categories of vulnerabilities, and recommend enterprise mitigation strategies. Produce technical reports and formal papers on threat management for IT management. Analyze threats to determine impact to our environment, eliminate false positives, research and articulate business impact to the agency. Develops vulnerability tests, risk analyses and security assessments. Plan, configure, and schedule vulnerability scans of IT systems including on premises, Software as a Service (SaaS) and Cloud solutions. Identify trends and enterprise problem areas, partner with IT Division system administrators, supervisors and managers to apply resources to the largest impact risks. Security Monitoring Analyze, research and assess agency risk using ITSS security defenses and services (e.g. IDSIPS, SIEM, NAC, OCS Security Operations Center) Internet security gateways, virus prevention, spam prevention, etc.) Determine appropriate response including removing the system from the network. Provide guidance and requirements to IT system owners to ensure infected systems are cleaned. This position provides expert level troubleshooting and analysis and is responsible for handling the most difficult or advanced problems within the Agency for IT security incidents. The incumbent will develop, design, implement and provide requirements to Tier 1 and Tier 2 personnel and develop solutions to new or unknown issues. The incumbent will determine appropriate response and coordinate threat containment and remediation activates with the system owner(s). Manage security tools Infrastructure Firewall – Act as the primary firewall administrator. Analyze requests for new Access Control Lists (ACLs) to verify they meet security requirements. Where necessary, propose alternative firewall changes that meet the business requirements. Implement firewall ACLs and configuration changes. Diagnose and resolve firewall related network problems through log or packet capture analysis. Implement configuration changes to the firewall in order to resolve system outages. Set requirements for other firewall technologies including virtual (NSX), workstations and servers (ENS), Linux, (iptables), cloud solutions, etc. Configure the Intrusion Detection System (IDS)Intrusion Prevention System (IPS) to ensure IT is alerted to attacks against our network and systems. Configure the Security Information and Event Management (SIEM) to ensure IT is alerted to attacks against our network and systems. Assist with configuring the Secure Web Gateway Proxy to block attacks and malicious websites so that agency IT systems are protected. Security Consulting Security consultant to business areas and IT staff and IT leadership to implement the security architecture, technologies and solutions. Leverages a high level of familiarity with a wide range of technical systems and IT solutions and explains complex technical concepts to a wide range of people. Translate technical security concepts for customers and audiences with differing levels of technical understanding. Analyze business area and technical group proposals in varying levels of development to understand risks, laws, regulations and privacy issues. Use the results to identify and document appropriate security requirements. Implement additional security controls or configurations needed. Perform hands on work to remediate threats to the agency or to increase security posture. PM new solution implementation Serves as IT Security expert and represents ITSS for projects in any of the IT Security service areas within the IT division. This includes managing work breakdown structures and coordinating work efforts with other teams. Develop, design, and implement new processes and technology to keep the risks to our systems and vulnerabilities low. This may include technologies such as Identity and Access Management, firewall, vulnerability management, secure file transfer system, IDSIPS systems and others. Develop and update the IT Security Policies, Standards, and Procedures related to threat management to client staff.