Sr. Vulnerability Management Engineer (Information Systems Specialist 7)

Initial Posting Date:

07/16/2025

Application Deadline:

07/27/2025

Agency:

Department of Administrative Services

Salary Range:

$6,679 - $10,092

Position Type:

Employee

Position Title:

Sr. Vulnerability Management Engineer (Information Systems Specialist 7)

Job Description:

Opportunity Awaits, Apply Today! Sr Vulnerability Management Engineer (Information Systems Specialist 7)

Cyber Security Services (“CSS”) is an information security management section within Enterprise Information Services (EIS.) It acts as a shared information security resource for the state of Oregon. CSS’s mission: Leading Oregon Government to safeguard the State’s information resources. CSS is comprised of the following units: Governance Risk and Compliance, Enterprise Security Architecture, Network Security, and Security Operations Center (SOC).

During your day-to-day activities within the SOC, you will support and enable state and local government agencies to carry out their missions, benefiting all Oregonians. In this dynamic role you advise the CSS SOC Manager and Director on varying levels of cyber security services which the CSS SOC provides to the State of Oregon Executive Agencies, Boards and Commissions. Through ongoing communications, work with leadership on program development and provide guidance on front line customer support. Through minimizing complexity and focusing on results, this position will assist in maintaining the enterprise cyber security posture by supporting and maintaining current and future SOC Services. Above all you will be responsible for the day-to-day health of the security infrastructure to ensure information, data, system security, integrity and emergency recovery are all functional.

Note:

Business needs may require working irregular hours or shift work (24/7, weekends, evenings, holidays, and travel for job related purposes) in order to do work or make changes or maintenance that are not approved to be done during the hours of 6am – 6pm.

For a full review of the position duties, details, and working conditions, please click here.

What We Are Looking For

Minimum Qualifications:

• Six (6) years of information systems experience in: IT cyber security, vulnerability management, and Center for Internet Security (CIS) Controls  ; OR

• An Associate's degree in Computer Science, Information Technology, or related field, OR completion of a two (2) year accredited vocational training program in information technology or related field; AND four (4) years of information systems experience in: IT cyber security, vulnerability management, and Center for Internet Security (CIS) Controls; OR

• A Bachelor's degree in Information Technology, Computer Science, or related field AND two (2) years of information systems experience in: IT cyber security, vulnerability management, and Center for Internet Security (CIS) Controls; OR

• A Master's degree in Information Technology, Computer Science, or related field may substitute for all of the above.

Desired Attributes:

• Demonstrated knowledge of TCP/IP networking, firewalls, and standard network protocols and architecture.

• Basic understanding of Center for Internet Security (CIS) Controls, NIST Cybersecurity Framework, and ISO 27001.

• Experience with Windows and Linux/Unix operating systems in enterprise environments and knowledge of Microsoft Entra (Azure AD) and Microsoft 365 security and compliance portals.

• Experience working with cloud infrastructure and container technologies (e.g., AWS, Azure, Docker).

• Experience with Active Directory, both on-premises and hybrid/cloud integrations.

• Familiarity with SIEM solutions and integrating vulnerability data into enterprise monitoring systems.

• Understanding of relational and distributed data systems, data retention, and reporting processes.

• Must have the ability to quickly grasp new concepts and techniques and apply them in different scenarios by approaching problems logically and systematically.

• Current knowledge of modern cyber threat detecting and monitoring software.

• Ability to explain complex cyber security issues to non-technical customers.

• Evidence of skill in establishing and maintaining effective working relationships with superiors, subordinates, peers and other agencies and the public.

• Requires strong technical analytical skills demonstrated in a secure data-center environment.

Application Details and Instructions

• Visit the State of Oregon job opportunities webpage to submit your application. Please ensure the work history in your applicant profile is up to date and attach a current copy of your cover letter and resume.  If you are a current State of Oregon employee, you must apply through your employee Workday account.

• This announcement is for 1 (one), full-time, SEIU represented, Sr. Vulnerability Management Engineer (Information Systems Specialist 7) position and may be used to fill future vacancies.

• Please save a copy of this job announcement for reference, as it is not available for you to view after the announcement deadline. If you have questions about the announcement, or need an alternate format to apply or for accommodation requests under the Americans with Disabilities Act (ADA), please contact the Recruiter, Nancy Karnas at: nancy.karnas@das.oregon.gov | 971-719-3083.

Benefits of Joining Our Team

The Department of Administrative Services (DAS) Team strives to create an environment that is supportive and encourages work-life balance and innovation. If you are ready to work with a great group of IT professionals, please consider joining our team of dedicated professionals who are passionate about ensuring that information confidentiality, integrity, scalability, and availability is maintained. 

Additional benefits include:

• Work/life balance, 11 paid holidays a year, and a competitive benefits package.

• Advancement and learning opportunities that will help grow your career with the State of Oregon.

• Get There - Oregon’s easy-to-use carpool matching tool and trip planner.

• Live, work, and play in Salem, Oregon.

• Hybrid work environment supported and encouraged! This position is eligible for hybrid work and in-office work will be required approximately one day per week and may be subject to change based on business needs. Terms of hybrid work and the work schedule will be discussed and agreed upon with the successful candidate and hiring manager.

Additional Details

• Employee is required to possess and maintain a valid driver’s license issued by the state where the employee resides or provide an acceptable alternate mode of transportation.

• Finalists will be subject to a computerized criminal history check. Adverse background data may be grounds for immediate disqualification.

• Employee is required to obtain and maintain CJIS clearance.

• Agency does not offer visa sponsorship. Within three days of hire, applicants will be required to complete I-9 documentation and confirm authorization to work in the United States. If your employment authorization and documentation is contingent on sponsorship now or in the future, you will not meet Agency employment eligibility standards.

• Eligible veterans who meet the qualifications will be given veterans' preference. For more information, please visit Veterans Resources.

• This position is designated as an “Essential Position” (State Policy #60.015.01) in all cases of official State office closures. The incumbent in this position is required to report to work in all cases of official notification of State office closures. Exceptions: previously approved vacation and absences. This position may be assigned tasks outside the normal position duties as needed to respond to the special conditions of the closures. If reporting to the normal work location is deemed too dangerous, then the person in this position must contact their supervisor to be reassigned to an alternate and/or remote location.

Helpful Links & Resources

How to Set Job Alerts | Workday Applicant FAQ | What You Need to Know to Get the Job

Oregon Job Opportunities Webpage | Classification and Compensation | Pay Equity

Come for a job. | Stay for a career. | Make a difference... for a lifetime!

The Department of Administrative Services is an Equal Opportunity, Affirmative Action Employer Committed to Workforce Diversity. At the Department of Administrative Services, we embody the value of hiring a workforce representative of the communities we serve, understanding that a diverse workforce revitalizes our state. We value diversity and foster a positive and welcoming environment where all employees can thrive.