Technical Program Manager Cybersecurity Jobs in Utah

JOB DESCRIPTION:
The Office of Legislative Services (LSO) is a non-partisan office that provides internal support to the entire legislative branch. LSO provides support in varying ways, such as human resources, finance, IT services, printing, and more! As an internal support office, we look for individuals who embody a customer service mindset and demonstrate our core values. 
One of the best parts about working for the Legislative Services IT team is the reach your work will have within state government. We are looking for a seasoned cybersecurity professional with deep expertise across enterprise security, application development security, networks, cloud services, and end-user protection. In this role, you will help design, implement, and continuously improve security tools, processes, reporting, services, and policies relating to our network infrastructure, applications, endpoints, identity systems, and servers.  You will serve as a trusted technical advisor, owning and maintaining a multi-year cybersecurity architecture roadmap aligned with organizational priorities and help mature the organization's overall security posture through sound engineering and secure architecture.
This is a full-time, nonpartisan position that requires flexibility to work extended hours between November and March in preparation for, and during, the annual general legislative session. During the session (January through March), employees are required to work on-site. Outside of the session, employees are primarily office-based, with the option to work remotely once a week. Employees must maintain a permanent residence in Utah.

IDEAL CANDIDATE:
The ideal candidate will bring strong analytical judgment, technical depth, and a comprehensive understanding of cybersecurity methodologies, engineering practices, risk-based decision-making, and long-term cybersecurity strategic planning and implementation expected of a seasoned security professional.
The Cybersecurity Engineer is expected to demonstrate meticulous attention to detail, outstanding problem-solving skills, sound technical leadership, and the ability to perform effectively under pressure and tight deadlines.
They will have extensive experience with incident response across detection, triage, containment, eradication, recovery, and post-incident remediation, as well as leading security initiatives that reduce organizational risk.
To ensure success, a Cybersecurity Engineer must be comfortable working across a wide range of technologies and collaborating effectively with internal teams, vendors, and external partners while mentoring others and driving continuous improvement.
The successful candidate will demonstrate advanced knowledge of technologies such as antimalware, SIEM, firewalls, VPN, data loss prevention, IDS/IPS, IAM, reverse proxy, WAF, application security, cloud security, endpoint protection, vulnerability management, and security automation. They will be able to translate technical findings into actionable recommendations for non-technical users, guide secure design decisions, and balance operational needs with strong security controls. A deep knowledge of the NIST Cybersecurity Framework and the ability to apply it in architecture, risk assessment, control selection, and program maturity efforts is strongly desired.

JOB DUTIES:

• Help lead the design and evolution of enterprise cybersecurity architecture that protects the organization's data, systems, applications, and networks.
• Participate in the planning, implementation, management, monitoring, and continuous improvement of security measures that protect the organization's data, systems, and networks.
• Review new and existing technologies, projects, and system changes to identify security risks and recommend practical, risk-based mitigations.
• Design and review secure architecture for internally developed applications, infrastructure, identity services, and cloud-based systems.
• Monitor for indicators of intrusion or compromise and guide advanced investigation, containment, eradication, recovery, and post-incident remediation activities.
• Troubleshoot complex security, system, and network issues and provide risk-informed recommendations to technical and business stakeholders.
• Administer and improve security controls across IAM, email security, endpoint security, vulnerability management, logging, and detection platforms.
• Participate in change management, security assessments, vulnerability remediation, and application security testing, including SAST/DAST and related secure development practices.
• Develop and maintain security standards, procedures, metrics, and reporting to support compliance, operational maturity, and informed decision-making.
• Provide technical leadership, and collaborate with internal and external groups on cybersecurity initiatives, training, and incident preparedness.

SALARY:
The salary range for this position is 55.00 to 70.00 per hour, plus comprehensive medical, dental, leave, and retirement benefits. The starting salary will be determined based on the successful candidate's experience and qualifications.  

APPLICATION INSTRUCTIONS:
Send a current resume and cover letter (combined as a single PDF) by the closing date to hr@le.utah.gov. Failure to attach both a cover letter and resume or to combine as a single PDF may result in disqualification.
SUPPLEMENTAL INFORMATION:
Employees in this position are classified as exempt under the Fair Labor Standards Act (FLSA).

Employees in this position serve at the pleasure of the appointing officer in an at will status and may be terminated at any time without cause. This is not a career service position. The State of Utah is an equal opportunity employer. Hiring is done without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, or disability.  

Reasonable accommodations provided to known disabilities of individuals in compliance with the Americans with Disabilities Act. For accommodation information or if you need special accommodation to complete the application process, please contact Gary Crofts (gcrofts@le.utah.gov). 

Veteran's Preference (Utah Code Ann. 71A-2-102): An applicant claiming veteran's preference must do so in the body of the cover letter by providing sufficient information to identify the type of veteran's preference requested. Additionally, a copy of the applicant's DD-214 must be attached to the resume. If a disabled preference is claimed, a copy of the applicant's letter form the VA stating the disability percentage granted must also be attached.