IT Security – Journey

US Government, Dept. of Transportation

About WSDOT
Washington State Department of Transportation (WSDOT) is the steward of an integrated, multimodal transportation system that helps to ensure people and goods move safely and efficiently throughout the state. In addition to building, maintaining, and operating the state highway system, WSDOT operates the largest ferry system in the nation, manages the world’s longest floating bridge, and recently completed the world’s widest tunneling project.
 
The Opportunity
WSDOT Infrastructure Services is currently seeking an IT Security Journey level professional in Tumwater, WA. Infrastructure Services functions as the enterprise support organization for all server, storage, active directory, Azure cloud administration, infrastructure-as-a-service, data networking, telecommunications, fiber optic, perimeter security, penetration testing, and mainframe related equipment and technology for all WSDOT employees. Infrastructure Services provides technical expertise, management and strategic leadership for these technologies and support assistance to dependent technologies statewide. Infrastructure Services customer and partner relationships span the agency and extend to many inter-agency and vendor affiliates.  The security group inside Infrastructure Services focuses on:
 
• Defining Infrastructure Services strategic security architecture for on-premises and cloud environments.
• Researching, designing, implementing, and administering security solutions protecting WSDOT’s IT infrastructure.
• Monitoring for security anomalies, alerts, and threat intelligence affecting infrastructure systems.
• Coordinating incident response by Infrastructure Services staff during security events.
• Performing penetration tests on agency systems, applications, and networks to measure systemic security risk.

The security engineer is the primary administrator for the agency’s security event collection and alerting solutions.  The position implements, manages, and troubleshoots event collection and security alerting for both on-premises and cloud environments.  These systems are essential to the agency’s Payment Card Industry (PCI) compliance. This position is also primary point of contact for on-premises and cloud infrastructure security configuration, monitoring, and troubleshooting by both internal stakeholders and partner organizations. This position defines security and network address translation (NAT) rules on infrastructure security devices to allow WSDOT and its partner organizations to accomplish all necessary business functions. This position also refines infrastructure security systems to increase threat detection effectiveness and defend against changing attack techniques being leveraged by malicious actors. As a penetration (pen) tester, this position stays informed of new security technologies and the latest adversarial hacking techniques and behaviors in order to continually test and secure the WSDOT on-premises and cloud infrastructure.
 
What to Expect
Among the varied range of responsibilities held within this role, the IT Security – Journey will:

  • Maintain and configure infrastructure security solutions to uphold robust security for the agency’s internal, cloud, credit card processing, and public-facing networks. Infrastructure security systems include firewalls, intrusion prevention systems, web filtering, remote access VPNs, DNS sinkholes, and others as required. Implement and document security rules on these systems to allow the access required for business operations while maintaining a strong security posture.
  • Administer and maintain infrastructure security systems including installation, configuration, security patching, system upgrades, system health monitoring, and troubleshooting.
  • Analyze traffic flows using firewall logs, inspect network packet captures, and seek application developer input to create both security and network address translation (NAT) rules allowing necessary access to approved IT services.
  • Design and implement access rules and signatures to monitor and block emerging threats.
  • Provide guidance and oversight to the security monitoring team on effectively monitoring logs and correlating threat intelligence.
  • Implement and maintain security event collection and alerting solutions on-premises and in the cloud. As the primary administrator of these systems, ensure they are configured and functioning properly as business and technical requirements evolve.
  • Meet with stakeholders to gather information, ensure compliance requirements are met, and perform research to select appropriate event collection and alerting products or tools to implement in agency on-premises and cloud environments.
  • Perform penetration testing on WSDOT environments throughout the agency to discover vulnerabilities in cloud technologies, network segmentation, wireless networking, applications/web apps, databases, system administration, and IoT devices.
  • Employ forensic tools, network packet analysis, threat intelligence software, and custom developed tools to resolve unknowns about these events.

 
Qualifications
To be considered for this opportunity, the following are required:

  • Bachelor’s Degree and four (4) years of experience in Information Technology, Cybersecurity, Computer Science, or related field.

OR 

  • Associate degree and six (6) years of experience in Information Technology, Cybersecurity, Computer Science, or related field.

OR 

  • Eight (8) years of experience in Information Technology, Cybersecurity, Computer Science, or related field.

It is preferred that qualified candidates also have:

  • Two (2) years of experience in cybersecurity within two or more of the following cybersecurity technologies: 
    • Vulnerability management
    • Intrusion detection and prevention
    • Application security
    • Network security
    • Incident response and handling
    • Anti-virus/malware management
    • Security assessments
  • One (1) year of experience conducting penetration tests, technical security audits, or technical security assessments on large enterprise networks.
  • One (1) year of experience with Palo Alto Networks security solutions.
  • GIAC Network Penetration Testing and Ethical Hacking Certification (GPEN) or comparable penetration testing certification.
  • Experience designing and programming security tools using Python, Bash, or comparable languages. 
  • Working knowledge of the Linux operating system and mature skill set working in the Bash shell or comparable alternative.

 
Important Notes 

  • This recruitment may also be used to fill additional positions per business needs.
  • This position offers flexible/hybrid remote work options.
  • This position may need to travel infrequently for meetings or on-site work.
  • When needed, will be required to work late nights for maintenance, resolving outages, or working security incidents.
  • By issuance of proclamation, the Governor of Washington State mandates that all employees who work for executive cabinet agencies (which includes the Department of Transportation) must be fully vaccinated against COVID-19. Compliance with this mandate is a condition of employment with WSDOT. Exemption may be granted for religious or medical purposes; however, accommodations will be subject to approval based on the essential functions required of the position.  
  • WSDOT does not use the E-Verify system. For more information, please visit www.uscis.gov 

 
Why WSDOT  

  • Work-Life Balance – We offer flexible work schedules that allow you time for your life outside of this excellent opportunity.
  • Paid Leave – In addition to 11 paid holidays, full-time employees earn a minimum 14 paid vacation days per year!
  • Tuition Assistance – Permanent employees have several options for assistance with education expenses, including tuition reimbursement programs, government discounts at participating colleges throughout the state, and eligibility for federal student loan forgiveness.  
  • Plan For Your Future – WSDOT offers a comprehensive benefits package that includes a variety of healthcare options. Employees also have their choice of state retirement programs, and much more. Go to State Benefits for more information. 

 
Check out this video to learn more: Why WSDOT? 

How to Apply
Applications for this recruitment will be accepted electronically. Your relevant experience may be evaluated to determine salary. Therefore, it is very important that the “Work Experience” portion of the application be completed in as much detail as possible.
In order to be considered for this opportunity, please include the following with your online application: 

  • An attached Resume outlining (in reverse chronological order) your experience to date.
  • An attached Cover Letter that further explains your qualifications and indicates why you believe you are a viable candidate for this role.
  • Contact details for a minimum three (3) individuals who can attest to your work performance, technical skills, and job-related competencies. This information can be entered in the “References” section of the online application; does not require an additional attachment. 

 
Please click the “APPLY” button to proceed. Note that you will be prompted to either sign in, or create an account. This step is required in order to submit an application to this opportunity.
 
WSDOT is an equal opportunity employer. We value the importance of creating an environment in which all employees can feel respected, included and empowered to bring unique ideas to the agency. Our diversity and inclusion efforts include embracing different cultures, backgrounds and viewpoints while fostering growth and advancement in the workplace. Women, racial and ethnic minorities, persons of disability, persons over 40 years of age, disabled and Vietnam era veterans, as well as people of all sexual orientations and gender identities are encouraged to apply. Persons with disabilities needing assistance in the application process, or those needing this job announcement in an alternative format may contact the listed Recruiter.
 
WSDOT does not use the E-Verify system. For more information, please visit www.uscis.gov 
 
Contact us
For inquiries about this posting, you may contact the assigned Recruiter, D. Jordan (pronouns she, her, hers), at jordand@wsdot.wa.gov . Please be sure to reference IT Security – Journey #00914e in the subject line.

Job Overview