OlympiaRecruiter Since 2001
the smart solution for Olympia jobs

IT Security Risk and Disaster Recovery

Company: State of Washington
Location: Olympia
Posted on: June 8, 2021

Job Description:

Note: This recruitment will remain open until the position is filled. The hiring authority reserves the right to make a hiring decision at any time. It is in the applicant's best interest to submit materials as soon as possible. Next application review will be May 10, 2021, and will continue weekly until filled.

This position has been allocated as IT Security - Senior Specialist.

The Opportunity

In this position you will provide technical expertise in conducting risk and security assessments, evaluating existing security controls, recommending risk mitigation, and supporting the agency's security assessment plan and risk assessment plan. You will contribute to the mission of the organization as the agency's information services security auditor, risk manager, and disaster recovery specialist by ensuring information systems used by agency staff and external customers meet regulatory requirements. You will also provide analysis, direction, and oversight to the agency's information services incident response plan, disaster recovery plan, business continuity plan, continuity of operations planning(COOP), and information systems backup and recovery plan.

About OFM

OFM is a great place to work! Our mission is to support and improve government on behalf of all Washingtonians. As an employee of OFM, you will be part of a team of dedicated professionals who work every day to fulfill this mission by providing vital information, fiscal services, policy support and technology services that the governor, Legislature and state agencies need to serve the people of Washington.

We are a dynamic and high-performing agency that is responsible for a wide range of activities that are critical to the efficient operation of the state government enterprise.We are committed to supporting the growth and development of our employees and support the following values:

* Fostering an environment of diversity, equity and inclusion. We strive to hire, cultivate and retain a competitive workforce that reflects the communities we serve. * Encouraging a healthy life/work balance by offering flexible/alternative work schedules, wellness activities, mobile arrangements and teleworking opportunities. * Making strides in modernizing our work environment by thinking outside the cubicle and providing workspaces that promote creative collaboration, drive efficiency, and best suit the important work we do. * Offering an Infants at Work Program to promote parent and infant bonding, parental well-being and healthy infant development. Depending upon job duties, work location and supervisor approval, eligible employees who are new mothers, fathers or legal guardians can bring their infant (six weeks to six months) when returning to work.

What will you be doing?

* Performing security audits on the enterprise applications to ensure they meet OCIO and agency standards and comply with service level agreements. * Managing audit findings from both internal and external audits. Maintaining and updating plan documentation. * Developing, coordinating and conducting periodic disaster recovery tests. * Researching, analyzing, consulting and recommending disaster recovery solutions to the agency and stakeholders as needed. * Maintaining and updating the incident response plan documentation. * Conducting internal security control audits and recommending remediation for specific security framework and control gaps. * Identifying security control gaps and monitoring remediation efforts for critical business functions. * Developing, coordinating and conducting periodic incident response tests. * Researching and recommending incident response and business continuity solutions. * Maintaining and updating business continuity plan documentation. * Developing, coordinating, and conducting periodic business continuity exercises.


* Bachelor's degree or higher in information security or related field from an accredited institution whose accreditation is recognized by the U.S. Department of Education or the Council for Higher Education Accreditation (CHEA), or a foreign equivalent.


* A professional security certification, such as CISSP, CISA, or CEH, from a non-vendor specific industry recognized organization such as ISC2, ISACA, or the SANS institute.


* Seven years of professional experience performing detailed risk assessments and business impact analysis to identify technology interdependencies and security control gaps and developing technical reports to identify gaps and providing a mitigation plan, whileworking with required internal and external teams. * Seven years of experience in analyzing and finalizing technology disaster recovery requirements with a technical understanding of the 5 R's of recovery planning: response, recovery, resumption, reconstruction, and relocation with a strategic alignment with agency critical IT systems/application in a hosted hybrid virtual and on-premise physical environment. * Knowledge of OCIO, CIS, NIST, FERPA, HIPAA, FISMA and FedRAMP frameworks.


* A professional certification, such as a Disaster Recovery Certified Specialist or a certified Business Resilience Manager. * Master's degree or higher in information systems, IT project management or related field from an accredited institution whose accreditation is recognized by the U.S. Department of Education or the Council for Higher Education Accreditation (CHEA), or a foreign equivalent.

Application Process

The top candidates will be contacted directly to interview for this position. Because the selection will be based on information you provide, it is in your best interest to identify the knowledge, skills and abilities that address the required and desirable qualifications described above.

Interested? We would love to hear from you! Click "Apply" to submit your application and include the following:

* A letter of interest describing specific qualifications. * A current resume detailing applicable experience and education. * A list of at least three professional references with current telephone numbers (either in the online application or as an attachment). * You must be eligible to work in the United States without sponsorship from this agency.

The Office of Financial Management is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all applicants and employees. We are committed to building a team that represents a variety of backgrounds, perspectives and skills. The more inclusive we are, the better our work will be. Women, racial and ethnic minorities, persons of disability, persons over 40 years of age, and veterans are encouraged to apply. Persons needing accommodation in the application process, or who wish to receive this job announcement in an alternative format, may call 360-725-0158 or the Telecommunications Device for the Deaf: 711 Relay. For TTY service, please call the Washington Relay Service at 711 or 1-800-833-6388.

For questions about this recruitment or to request a reasonable accommodation in the application process, please emailjill.thompson@ofm.wa.gov or call us at 360-688-4098.

Keywords: State of Washington, Olympia , IT Security Risk and Disaster Recovery, Other , Olympia, Washington

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Washington jobs by following @recnetWA on Twitter!

Olympia RSS job feeds