Job Details
Reporting to the Manager, Information Security Office, the Senior Cybersecurity Analyst actively works as a cybersecurity resource on multiple complex projects to initiate and drive security activities to ensure networks, systems, and data are protected and available to support the organization's mission to serve the California educational community. Working as part of the core security team, the analyst will collaborate with members of the Security Advisory Committee, peer staff throughout the organization, and external solution partners to establish and enhance security tools, resources, and processes. This includes data protection, incident response, vulnerability management, email gateway security, identity and access management security architecture, network security monitoring, malware defense, and security awareness training. This position also functions as a point of cybersecurity expertise to internal staff and may serve as an official representative of in technical forums, panel discussions, and conference presentations.
Work under limited supervision with members of the Information Security Office (ISO) and extended teams on security solutions and implementations
Serve as a core member of the Information Security Office (ISO), performing varying security duties including threat awareness, proactive network traffic analysis, incident response, forensic analysis, and resolution of security incidents.
Collaborate with the Security Advisory Committee, segment leaders, and other security experts around the state to develop plans, if appropriate, for a Security Operations Center.
Integrate knowledge of network protocols, services, threats, vulnerabilities, mitigation strategies, hardware capabilities, and other information to build a security environment that reduces and mitigates risk.
Evaluate a wide range of data, including Zeek (Bro) logs, email security logs, netflow data, centralized syslog, authentication logs, and others, to detect security incidents. Take timely action as appropriate: block problem traffic, send alerts, and/or investigate when suspicious activity is detected.
Maintain ISO documentation and perform updates as needed
Work with internal and external stakeholders to lead and complete new ISO projects and initiatives
Responsible for identifying and integrating available threat intelligence feeds with network security monitoring and SIEM services
Responsible for working with ISO staff and peer teams to design and implement secure email gateway services.
Responsible for working with ISO staff and peer teams to design and implement secure identity and access management services.
Responsible for performing threat hunting of anomalous activity
Responsible for monitoring and responding to security alerts
Responsible for maintaining the vulnerability management asset inventory to ensure accurate reporting
Responsible for creating the weekly public vulnerability scan report
Responsible for creating the monthly enterprise vulnerability risk status report
Responsible for identifying and attending approved online training on a periodic basis
Lead incident response efforts with internal and external security personnel and system administrators.
Respond appropriately to internal and/or external complaints and notifications (e.g., scanning, hacking, spamming, etc.).
Promote a strong security culture throughout internal network, consulting with management and staff.
Ability to be 'on call' outside of regular business hours on a regular and recurring basis
Key Success Factors
Ability to prioritize and complete tasks assigned in a timely manner
Strong interpersonal skills and the ability to work well in a team-oriented environment
Working knowledge of IP-based networking
Working
All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the California Fair Chance Act, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County Fair Chance Ordinance. For unincorporated Los Angeles county, to the extent our customers require a background check for certain positions, the Company faces a significant risk to its business operations and business reputation unless a review of criminal history is conducted for those specific job positions.