Cybersecurity Engineer

State of Utah Office of the Governor•Salt Lake City, UT

1d•$55 - $70•Onsite

About The Position

The Office of Legislative Services (LSO) is a non-partisan office that provides internal support to the entire legislative branch. LSO provides support in varying ways, such as human resources, finance, IT services, printing, and more! As an internal support office, we look for individuals who embody a customer service mindset and demonstrate our core values. One of the best parts about working for the Legislative Services IT team is the reach your work will have within state government. We are looking for a seasoned cybersecurity professional with deep expertise across enterprise security, application development security, networks, cloud services, and end-user protection. In this role, you will help design, implement, and continuously improve security tools, processes, reporting, services, and policies relating to our network infrastructure, applications, endpoints, identity systems, and servers. You will serve as a trusted technical advisor, owning and maintaining a multi-year cybersecurity architecture roadmap aligned with organizational priorities and help mature the organization’s overall security posture through sound engineering and secure architecture. This is a full-time, nonpartisan position that requires flexibility to work extended hours between November and March in preparation for, and during, the annual general legislative session. During the session (January through March), employees are required to work on-site. Outside of the session, employees are primarily office-based, with the option to work remotely once a week. Employees must maintain a permanent residence in Utah.

Requirements

5+ years of progressively responsible hands-on experience in cybersecurity engineering, cloud security, application security, infrastructure security, or incident response.
Demonstrated experience designing, implementing, and operating enterprise security controls, detection capabilities, and incident response processes with an emphasis on long-term strategic planning.
Practical experience with SIEM, vulnerability scanning, endpoint security, identity security, and application security testing tools such as SAST/DAST.
Knowledge of the following technologies; hands-on experience is preferred: Windows Server, Active Directory, Entra ID, and Linux administration
DevOps security practices, including containerization and securing CI/CD pipelines
Critical subsystems of Windows, Linux, and Mac
SQL database security, hardening, and access controls
Cloud computing and security, particularly within Microsoft Azure
Web application security with a focus on Java, Spring, and related technologies
Ability to write and utilize scripts for automation, API interaction, and log analysis (PowerShell, Python, Bash, etc.)
Bachelor’s degree in computer science, information science, engineering, or a related field, or relevant work experience that demonstrates strong analytical and problem-solving aptitude

Nice To Haves

One or more of the following professional certifications, or equivalent demonstrated expertise, is preferred: CompTIA Security+, CySA+, CISSP, GIAC, Azure Security Engineer Associate

Responsibilities

Help lead the design and evolution of enterprise cybersecurity architecture that protects the organization’s data, systems, applications, and networks.
Participate in the planning, implementation, management, monitoring, and continuous improvement of security measures that protect the organization’s data, systems, and networks.
Review new and existing technologies, projects, and system changes to identify security risks and recommend practical, risk-based mitigations.
Design and review secure architecture for internally developed applications, infrastructure, identity services, and cloud-based systems.
Monitor for indicators of intrusion or compromise and guide advanced investigation, containment, eradication, recovery, and post-incident remediation activities.
Troubleshoot complex security, system, and network issues and provide risk-informed recommendations to technical and business stakeholders.
Administer and improve security controls across IAM, email security, endpoint security, vulnerability management, logging, and detection platforms.
Participate in change management, security assessments, vulnerability remediation, and application security testing, including SAST/DAST and related secure development practices.
Develop and maintain security standards, procedures, metrics, and reporting to support compliance, operational maturity, and informed decision-making.
Provide technical leadership, and collaborate with internal and external groups on cybersecurity initiatives, training, and incident preparedness.