Initial Posting Date:
12/05/2025Application Deadline:
12/16/2025Agency:
Department of Administrative ServicesSalary Range:
$6,679 - $10,092Position Type:
EmployeePosition Title:
Security Analyst II – Threat Hunter (Information Systems Specialist 7)Job Description:
Now Hiring, Apply Today! Security Analyst II – Threat Hunter (ISS7)
Enterprise Information Services (EIS) is a state government-wide information technology (IT) organization led by Oregon’s State Chief Information Officer (CIO). The Cyber Security Services (“CSS”) is an information security management section within EIS. CSS’s mission: Leading Oregon Government to safeguard the State’s information resources. CSS is comprised of the following units: Governance Risk and Compliance, Enterprise Security Architecture, Network Security, and Security Operations Center (SOC).
What You’ll Do
As the Security Analyst II - Threat Hunter you’ll continuously monitor Microsoft Sentinel and Defender XDR for security threats, perform initial triage to validate and assess alerts, and provide timely, actionable notification and escalation to support effective incident response and protect state agencies from cyber threats.
For a full review of the position duties, details, and working conditions, please click here.
This Is What You Need to Qualify
Six (6) years of information systems experience in: Microsoft Defender for Endpoint, Identity, Office 365, and Cloud Apps, Attack surface reduction (ASR), device timeline, evidence & response actions, Live response sessions and EDR forensics ; OR
An Associate's degree in Computer Science, Information Technology, or related field, OR completion of a two (2) year accredited vocational training program in information technology or related field; AND four (4) years of information systems experience in: Microsoft Defender for Endpoint, Identity, Office 365, and Cloud Apps, Attack surface reduction (ASR), device timeline, evidence & response actions, Live response sessions and EDR forensics; OR
A Bachelor's degree in Information Technology, Computer Science, or related field AND two (2) years of information systems experience in: Microsoft Defender for Endpoint, Identity, Office 365, and Cloud Apps, Attack surface reduction (ASR), device timeline, evidence & response actions, Live response sessions and EDR forensics; OR
Master's degree in Information Technology, Computer Science, or related field may substitute for all of the above.
The ideal candidate will possess the following desired skills and attributes:
Ability to perform deep incident investigation using Sentinel’s Investigation Graph and entity behavior analysis.
Ability to pivot across tools (e.g., Defender → Sentinel → Purview → Entra logs → Tenable One).
Advanced KQL (Kusto Query Language) capability including ability to build complex queries, joins, unions, time-series queries, anomaly detection patterns, custom hunting queries, and scheduled analytics rules.
Capable of developing hypothesis-driven hunting campaigns (threat intel, MITRE ATT&CK-based, behavior-based).
Strong proficiency in analyzing logs from: Entra ID sign-in logs, Office 365 audit logs, Windows event logs (including Sysmon),Network/Firewall logs
Capable of drafting response actions, such as isolating devices, blocking IPs, disabling accounts, or updating detection rules.
Preference Statement
Preference will be given to candidates with one or more of the following certifications: CISSP: (Certified Information Systems Security Professional), SC-200: Microsoft Security Operations Analyst, SC-100: Cybersecurity Architect, AZ-500: Azure Security Engineer, CompTIA CySA+ or Security+ , GIAC (GCIA, GCIH, GMON) for advanced threat hunting.
How to Apply
Click on the "Apply" link above to complete your online application and submit by the posted closing date and time. For step-by-step instructions click apply to work for the state or current state employee.
Required Documents: cover letter and resume
The work experience and/or education section of your application must clearly demonstrate how you meet all the minimum qualifications and desired skills and attributes listed above. Your cover letter should address your skills supporting an enterprise level environment. Failing to attach required documents may result in disqualification of your application.
The State of Oregon does not request or require your age, date of birth, attendance or graduation dates from an educational institution during the application process.
Complete any supplemental questions through Workday.
Be sure to check Workday and your email for additional tasks and updates. After hitting submit there may be additional required tasks for you to complete prior to the announcement closing. Please save a copy of this job announcement for reference, as it is not available for you to view after the announcement deadline.
If you are requesting Veteran’s Preference, you will receive a Workday task to submit your supporting documents. Be sure to submit your documentation prior to the close date of this posting in order to have the preference considered. Click on the following link for additional information on Veterans’ Preference.
Benefits of Joining Our Team
The Department of Administrative Services (DAS) Team strives to create an environment that is supportive and encourages work-life balance and innovation. The EIS team is built on collaboration and support. We work together to ensure our customer agencies receive the highest quality of service. We take pride in our work and look for ways to innovate. EIS is committed to hiring highly skilled, diverse and dedicated employees who will bring a unique skill set to the team.
Our amazing benefits include:
Comprehensive Health Coverage: Low-cost medical, vision, and dental plans for you and your family. Additional benefits include life insurance, short- and long-term disability, deferred compensation savings plans, and flexible spending accounts for health and childcare. Optional benefits including life insurance, disability, FSA, and more
Generous Paid Time Off: 11 holidays, 3 personal business days, monthly sick leave and vacation leave that increases with years of service.
Career Development: Opportunities for professional growth and advancement.
Get There - Oregon’s easy-to-use carpool matching tool and trip planner.
Public Service Loan Forgiveness: You may qualify for the PSLF program.
Hybrid Work Opportunity: This position supports a hybrid work schedule. You can expect to work in the office 1 day per week, with work arrangements periodically reviewed to ensure business needs are met.
Additional Details
This announcement is for one, full-time, permanent, SEIU represented, Security Analyst II – Threat Hunter (Information Systems Specialist 7) position and may be used to fill future vacancies.
The salary listed is the non-PERS qualifying salary range. If the successful candidate is PERS qualifying, the salary range will reflect an additional 6.95%.
Review the Classification and Compensation page for more details on the classification, or you may visit our website for information on the job offer process following pay equity.
Applicants must be authorized to work in the United States. Applicants who require VISA sponsorship will not be considered at this time.
Employee will be required to possess and maintain a valid driver’s license issued by the state where the employee resides or provide an acceptable alternate form of transportation.
Employee is required to obtain and maintain CJIS clearance.
Finalists will be subject to a computerized criminal history check. Adverse background data may be grounds for immediate disqualification.
If you need an application in an alternate format in order to complete the process or for accommodation requests under the Americans with Disabilities Act (ADA), you may contact the Recruiter, Nancy Karnas at: nancy.karnas@das.oregon.gov | 971-719-3083.
Helpful Links & Resources
How to Set Job Alerts | Workday Applicant FAQ | What You Need to Know to Get the Job
Oregon Job Opportunities Webpage | Classification and Compensation | Pay Equity
Come for a job. | Stay for a career. | Make a difference... for a lifetime!
The Department of Administrative Services is an Equal Opportunity, Affirmative Action Employer Committed to Workforce Diversity. At the Department of Administrative Services, we embody the value of hiring a workforce representative of the communities we serve, understanding that a diverse workforce revitalizes our state. We value diversity and foster a positive and welcoming environment where all employees can thrive.