Senior Cybersecurity Analyst

Overview

On Site
$115000 - $144000 per annum
Full Time

Job Details
  • This is a Direct Hire position, Hybrid On site (first week of the month being on site, the rest remote)
Essential Functions

  • Work under limited supervision with members of the Information Security Office (ISO) and the Company's extended teams on security solutions and implementations.

  • Serve as a core member of the Company's Information Security Office (ISO), performing varying security duties including threat awareness, proactive network traffic analysis, incident response, forensic analysis, and resolution of security incidents.

  • Collaborate with the Company's Security Advisory Committee, Company's segment leaders, and other security experts around the state to develop plans, if appropriate, for a Security Operations Center.

  • Integrate knowledge of network protocols, services, threats, vulnerabilities, mitigation strategies, hardware capabilities, and other information to build a security environment that reduces and mitigates risk while allowing Company's open science mission to succeed.

  • Evaluate a wide range of data, including Zeek (Bro) logs, email security logs, netflow data, centralized syslog, authentication logs, and others, to detect security incidents. Take timely action as appropriate: block problem traffic, send alerts, and/or investigate when suspicious activity is detected.

  • Maintain ISO documentation and perform updates as needed.

  • Work with internal and external stakeholders to lead and complete new ISO projects and initiatives.

  • Responsible for identifying and integrating available threat intelligence feeds with the Company's network security monitoring and SIEM services.

  • Responsible for working with ISO staff and peer teams to design and implement secure email gateway services.

  • Responsible for working with ISO staff and peer teams to design and implement secure identity and access management services.

  • Responsible for performing threat hunting for anomalous activity.

  • Responsible for monitoring and responding to security alerts.

  • Responsible for maintaining the vulnerability management asset inventory to ensure accurate reporting.

  • Responsible for creating the weekly public vulnerability scan report.

  • Responsible for creating the monthly enterprise vulnerability risk status report.

  • Responsible for identifying and attending approved online training on a periodic basis.

  • Lead incident response efforts with internal and external security personnel and system administrators.

  • Respond appropriately to internal and/or external complaints and notifications (e.g., scanning, hacking, spamming, etc.).

  • Promote a strong security culture throughout the Company's internal network, consulting with the Company's management and staff.

  • Ability to be 'on call' outside of regular business hours on a regular and recurring basis.

Key Success Factors

  • Ability to prioritize and complete assigned tasks in a timely manner.

  • Strong interpersonal skills and the ability to work well in a team-oriented environment.

  • Working knowledge of IP-based networking.

  • Working knowledge of scripting with regular expressions and with data and text manipulation tools such as awk and sed.

  • Background in basic statistics and analytics, and experience with modern analytic and visualization packages.

  • Adept at understanding technical information and learning new concepts.

  • Self-motivated with demonstrated ability to work highly independently, requiring little direct supervision.

  • Keen attention to detail, avoiding shortcuts that may adversely impact the quality of work.

  • Strong analytical and problem-solving skills.

  • Ability to consider, understand, and prioritize security (and privacy, where applicable) principles, practices, and procedures in all aspects of your role with the company.

  • Experience streamlining operational capabilities through standardization and automation.

  • Able to work on multiple tasks and respond to rapidly changing priorities.

  • Ability to serve as a consultant on the long-range vision for the security design of the Company's security services.

  • Able to identify and implement security enhancements that will maximize the Company's security profile while being sensitive to its mission.

  • Ability to formulate, organize, and present ideas in an effective manner. Develop proposals and articulate cost/benefit trade-offs to various audiences.

  • Ability to work collaboratively in a team environment and the ability to lead teams to reach consensus.

  • Knowledge of public-key and private-key encryption techniques, including DES, RSA, and PGP/GPG.

  • Strong understanding of complex TCP/IP networks.

  • Knowledge of Layer 2, wireless, switching, and routing protocols.

  • Familiarity with securing virtualized environments.

  • Familiarity and experience working on research and education networks.

  • Familiarity with Research and Education networking communities in the US or abroad.
Required Education And/Or Experience
  • BA/BS in computer science or related field, or equivalent experience.

  • Certifications and/or equivalent training in a technical security specialty (e.g., GIAC, CISSP).

  • A minimum of 7 years of experience in information security, cybersecurity, or network security engineering, covering the design, deployment, and implementation of security solutions. This includes continuous monitoring and improvement of those solutions in collaboration with the information security and security operations teams.

  • Experience implementing industry security standards, such as ISO 27001, NIST SP 800-53, the NIST Cybersecurity Framework, or the Center for Internet Security (CIS) Critical Security Controls.

  • Minimum of 4 years of experience running and supporting security information and event management (SIEM) services.

  • Minimum of 4 years of experience running and supporting vulnerability management services.
Preferred Education And/Or Experience

  • Bachelor's degree in cybersecurity, information assurance, or a related field.

  • Experience configuring and supporting security orchestration, automation, and response (SOAR) services.

  • Experience programming in C, C++, Python, Ruby, or other popular languages.

  • 4 years of experience maintaining and administering production Unix/Linux operating systems, including RedHat/CentOS and FreeBSD variants.
All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the California Fair Chance Act, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County Fair Chance Ordinance. For unincorporated Los Angeles county, to the extent our customers require a background check for certain positions, the Company faces a significant risk to its business operations and business reputation unless a review of criminal history is conducted for those specific job positions.