Demo
Salary Resume Critique Job Openings

Senior IT Security Analyst

Redmond Technology Partners
Tacoma, WA Full Time
POSTED ON 1/14/2025
AVAILABLE BEFORE 3/21/2025

Job Description

Redtech is helping our client with a Direct Hire search for a Senior IT Security Analyst.

Location - Tacoma, WA Local candidates only, no 3rd parties.

Schedule - Flexible / Hybrid - 2 days per week onsite. Tuesday & Wednesdays (potential for additional days pending project specifics and deadlines)

Full time hours - 40 / week - Must be available to work any combination of days and hours as needed, including weekends and holidays, and availability for 24-hour on-call status when required. Must be willing to travel to attend trade shows or training classes on an infrequent basis; may be required to work outside of regular business hours on an infrequent basis.

Estimated Start Date ASAP

Anticipated Starting Salary range - target salary is approx. $140,000 target. Full range is $107K-$170K depending on qualification

Benefits - (all are based on eligibility)

Our CLIENT is proud to offer an excellent benefits package. This includes medical, prescription, vision and dental with no out-of-pocket premiums and full coverage for employee, spouse, and all eligible dependents. In addition, CLIENT offers vacation, paid holidays, sick leave, bereavement leave, paid parental leave, participation in the Washington State Public Employees' Retirement System (PERS) and a Company-funded Voluntary Employee Beneficiary Association (VEBA) account for out-of-pocket health related expenses for employees and their eligible dependents. The benefits package is valued between 45%-55% of base salary.

The successful candidate must possess (or obtain within 30 days of employment) a valid driver's license. Candidate must also be able to obtain / maintain a Transportation Worker Identification Credential (TWIC), which is a program managed by the Department of Homeland Security (DHS).

Job Description :

The Senior IT Security Analyst is focused on safeguarding the organization's technology from risks and attacks. They play a crucial role in protecting the technology from unauthorized access, threats, and vulnerabilities. This role involves monitoring, detecting, investigating, analyzing, and responding to security events. Additionally, they will implement and maintain defensive measures using cybersecurity systems, tools and best practices.

ESSENTIAL FUNCTIONS

What are the primary functions or essential duties of this position?

1. Securing the CLIENT's Technology :

  • Oversee access, identify suspicious activity, and recommend solutions to reduce risk and prevent cyberattacks
  • Partner with other IT team members to secure networks, systems, applications, and sensitive information by ensuring that best practices are followed.
  • Continuous development and use of modern security controls to protect the CLIENT's endpoints
  • Timely communication regarding security issues to peers and management
  • Validate security software and firmware updates are installed and current on all networks and systems

2. Performing Security Assessments :

  • Identify, assess and prioritize system vulnerabilities for timely remediation
  • Assess and prioritize potential risks and their impacts on organizational assets
  • Conduct or lead third parties through simulated attacks to identify and address security weaknesses
  • Assess regulations and standards through regular audits and corrective actions
  • Provide input on security policies from assessments to address current threats and recommendations for organizational alignment

    • 3. Cybersecurity Incident Response and Disaster Recovery Planning :

  • Respond to security incidents, including containment, eradication, and recovery efforts
  • Timely communications and activation of Incident Response Team
  • Conduct post-incident analysis to determine root cause and preventative measures
  • Maintain and update incident response documentation and tools
  • Plan annual Cybersecurity Incident Response and Disaster Recovery Tabletop exercises
  • Evaluate and update disaster recovery plans based on lessons learned and actual incidents

    • 4. Education, Audit and Compliance :

  • Maintain and advance security awareness, phish testing and specialized training for employees
  • Contribute to Informing staff about new security threats, policies, and procedures through regular updates and educational materials
  • Conduct internal security audits, support external auditors, and ensure audit findings are addressed
  • Track and maintain all audit recommendations and report on remediation progress
  • Stay current with relevant laws, regulations, and industry standards, and assist in the development of policies to ensure compliance
  • Consult on security policies and procedures and alignment with compliance requirements

    • 5. Managing Business and Vendor Partnerships :

  • Establish and sustain effective working relationships with internal IT teams and business partners
  • Collaborate with partner organizations
  • Supervise and maintain relationships with the CLIENT's Cybersecurity vendors, specifically for :
  • Managed Services
  • Annual penetration testing
  • Annual security performance audits
  • Annual incident response (IR) and disaster recovery (DR) tabletop exercises
  • Various annual government and military assessments and audits

    • 6. Governance and Risk Management :

  • Develop, update, evaluate, and help implement security policies, standards, and procedures to ensure they are in line with organizational objectives and regulatory mandates.
  • Partner with stake holders to assist in the implementation and maintenance of a governance framework to oversee security initiatives, ensuring they are effectively managed and integrated across the organization
  • Partner with the Cybersecurity Oversight Committee to discuss risk, remediation and oversight (monthly)
  • Conduct regular risk assessments and analyses to identify, evaluate, and prioritize potential security threats and vulnerabilities
  • Develop and implement risk mitigation strategies and controls, and continuously monitor and report on the effectiveness of these measures

    • Knowledge

  • Demonstrated knowledge of security protocols, incident response, threat analysis, vulnerability assessment, and security technologies.
  • Knowledge and familiarity in NIST CSF 1.1 and related cybersecurity standards, protocols, and regulations.
  • Familiarity with security technologies, firewalls, IDS / IPS, antivirus, encryption, and vulnerability management tools.
  • Knowledge of incident response processes, disaster recovery planning, and post-incident analysis
  • Understanding of GRC frameworks to ensure the organization meets regulatory requirements and industry best practices.
  • Awareness of how to develop, evaluate, and implement security policies and procedures in alignment with organizational goals and regulatory mandates.
  • Knowledge of managing relationships with cybersecurity vendors and collaborating with external partners like government agencies and other relevant organizations.

    • Skills

  • Skill in conducting risk assessments, identifying vulnerabilities, prioritizing remediation efforts to mitigate security risks.
  • Advanced ability to perform technical security assessments, including vulnerability scanning, penetration testing, and threat analysis.
  • Strong communication skills, both written and verbal, to effectively convey security issues, policies, and procedures to various stakeholders, including non-technical audiences.
  • Proficiency in coordinating and executing incident response plans, including containment, eradication, and recovery, as well as conducting root cause analysis.
  • Expertise in conducting internal security audits, supporting external audits, and ensuring compliance with laws, regulations, and industry standards.
  • Skill in staying updated with the latest cybersecurity threats, technologies, and best practices, and applying this knowledge to the organization's security posture.

    • Abilities

  • Ability to analyze complex security incidents, assess the impact, and develop effective solutions to address vulnerabilities.
  • Ability to work with cross-functional teams, including management, and external partners, to achieve security objectives.
  • Capability to lead security initiatives, mentor, and influence stakeholders to adopt best practices in cybersecurity.
  • Ability to monitor systems, detect suspicious activities, and ensure all security measures are implemented and maintained accurately.
  • Ability to make timely, informed decisions in high-pressure situations, particularly during security incidents or breaches.
  • Skill in managing cybersecurity projects, planning, and execution, to ensure they are completed on time and within scope.

    • EDUCATION & EXPERIENCE REQUIREMENTS

    Bachelor's degree in cybersecurity, computer science or information technology or related field and a minimum five (5) years progressively responsible Cybersecurity experience in risk management, governance, audit and compliance. An additional four (4) years' experience in Cybersecurity can substitute for a bachelor's degree.

    Experience working with the NIST CSF 1.1 or greater preferred.

    Professional Certifications Preferred :

  • CCSP : Certified Cloud Security Professional (or related industry security certs)
  • CEH : Certified Ethical Hacker
  • CISM : Certified Information Security Manager
  • CISSP : Certified Information

    • DECISION MAKING AND SUPERVISION

    The position may coordinate the activities of internal and external technical resources during technical troubleshooting and support activities, making tactical and operational support decisions. Manages the activities of outsourced technical initiatives or support activities.

    This position is a high-level contributor to technical decision-making as it pertains to Cybersecurity, IT Infrastructure components, shortlists, and presents alternative technical solutions to departmental management for decisions of a significant scale.

    This individual must demonstrate a caring customer service attitude, a strong commitment to operational excellence, and dedication to the organization's core values : Integrity & Transparency; Excellence; Adaptability; Stewardship; Teamwork & Partnerships; Health & Safety; and Diversity, Equity & Inclusion. The CLIENT seeks candidates who will embrace and model these values both internally and externally, and who understand what it means to carry out these values in their everyday work. We value individuals who also bring an impeccable work ethic, honesty, and integrity, and who consistently exhibit enthusiasm, energy, and a drive to succeed.

    Salary : $107,000 - $170,000

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Senior IT Security Analyst?

    Sign up to receive alerts about other jobs on the Senior IT Security Analyst career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $164,835 - $201,088
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $70,462 - $84,818
    Income Estimation: 
    $77,991 - $108,747
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Not the job you're looking for? Here are some other Senior IT Security Analyst jobs in the Tacoma, WA area that may be a better fit.

    Sr. IT Security Analyst

    Port of Tacoma, Tacoma, WA

    Sr. IT Security Analyst

    widenet, Tacoma, WA

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!