{width="639" height="96"}*Our Mission: *Keep Washington Safe and Working! *Our Values: *Customer Focus, One L&I, Respect, Diversity, Equity and Inclusion, Learning and Growth, Reliability

Are you an IT security specialist who enjoys designing, developing, testing, implementing, and integrating identity and access management frameworks, systems, and protocols within IT security programs? If so, this may be just the position for you!   This position ensures the confidentially, integrity and availability of L&I systems, networks, and data through planning, analysis, development, implementation, and enhancement of the IT security program, policies, procedures, and tools provided to L&I staff. This position also monitors L&I systems and environments to identify and resolve potential access control risk issues and ensure compliance with all relevant policy and governance.   The incumbent works with the Security Services team to design authorization flows and create processes and procedures to ensure that accesses are granted, monitored, and removed in a secure and timely fashion.  This position will develop and drive the creation of standardized user profiles. The incumbent will also be in charge of development of role-based training related to these processes. This position will identify, define/approve and implement continuous process enhancements/improvements utilizing various tools and methodologies.   Working with the Senior Security Analyst, this position will also help to participate and manage internal and external audits. This includes communicating with auditors, finding artifacts, and participating in closure of corrective audit plans (CAPs) through the creation and implementation of standards and guidelines.   This position will also help to process risk acceptance requests specific to information technology systems and user accesses.  

Duties

Some of what you will be doing:

Identity and Access Management (IAM) Implementation and Improvement, including:

• Design authorization flows 
• Develop processes and procedures to ensure that accesses are granted, documented, and monitored, and removed in a secure fashion.
• Review accesses and help business areas create roles that follow the principals of least privilege and separation of duties.
• Lead agency-wide annual access review effort.  
• Evaluate and determine risk on Special Use IDs and Service Accounts. 
• Create and maintain standards and guidelines for authorization and administration of user accounts 
• Develops security training materials 

Audit and Compliance, including:

• Participate in audit support activities around external and internal audits
• Develop plans to address access or identity related Correct Action Plans (CAPs) from audits. 
• Do compliance checks on IAM processes implemented to ensure that they are being followed according to relevant policy. 
• Define and implement new access control standards and procedures to address areas of non-compliance.

Risk Management, including:

• Analyze, research and assess agency systems and user risk acceptance requests submitted from programs.
• Follow up on risks and ensure they are signed off by the appropriate people within an allotted time frame.
• Develop mitigations to lower agency risk.