Information Security Analyst

Multi-State Lottery Association - Urbandale, IA



The Multi-State Lottery Association is a non-profit government benefit association based in Urbandale, IA responsible for administration of multi-jurisdictional lottery games, including Powerball. MUSL is fully owned by its lottery members and is operated for the benefit of participating lotteries.

The Information Security Analyst will provide expertise in developing information security standards for the Association and participating Lotteries, review installations throughout the United States, and ensure all sites are in compliance with the published standards and goals of the organization.

Essential Duties:

Act as an independent technical resource for participating lotteries.

Travel to sites across the United States to review compliance with the Association's rules and guidelines.

Assist with development of information security policies and procedures in line with the Association’s mission and industry best practices.

Assist Information Technology and Software Development groups in design of hardware and software systems, including off-site/cloud based systems.

Participate in incident investigations and provide subject matter expertise.

Oversee outsourced providers of day to day administration of information security tools and devices.

Required Qualifications:

One or more years of work experience as a network/system engineer, security analyst, penetration tester, forensics specialist or equivalent combination of education and experience.

Ability to create, read, and interpret documents such as network diagrams, vulnerability scans, operating instructions and procedure manuals.

Ability to communicate complex information security topics with experts and non-experts.

CISSP or willingness to obtain within 12 months of hire.

Ability and willingness to travel for up to 5 days at a time with a minimum of 15 trips annually.

Authorization to work in the United States and ability to pass a background check.

Preferred Experience/Qualifications:

Bachelor's Degree in Technology, Computer Science, Engineering, or similar

IT or Security Certifications

Experience with a large multi-site environment

Experience with hosted/cloud services

Software development or scripting coursework or experience

Knowledge of some of the following topics:

  • Auditing, monitoring, and risk assessments
  • HIPAA, HITRUST, ISO 27001, NIST, PCI-DSS, ITIL, COSO, COBIT, or similar regulations/frameworks
  • Encryption, access control, cryptographic key management, and PKI
  • Windows/Linux/Unix/MacOS/Android/iOS
  • Networks, firewalls, IDS/IPS, and end point security
  • Authentication systems, including multi-factor
  • Vulnerability assessments, pen testing, social engineering
  • Data encryption protection systems e.g. data at-rest, in-transit
  • Virtualization/containerization
  • SIEM, Log management
  • Blockchain technology
  • Cloud Computing (Azure/AWS/etc.)

To Apply, please upload your resume as a PDF and provide a brief description of why you're a good fit for the position in the cover letter field, along with salary requirements. We plan to accept applications through September 14, 2018. You may also visit our website at for information about the organization and this role.

Job Type: Full-time


  • Information Security: 1 year (Required)


  • Bachelor's (Required)


  • CISSP (Preferred)
  • Any Information Security Certification (Preferred)


  • English (Required)

Work authorization:

  • United States (Required)