INFORMATION SECURITY ANALYST

About The Position

Requirements

• A Bachelor's degree from an accredited institution with major course work in computer information systems, computer science, business administration, or related field.
• Two years of experience performing information security duties, which may include implementing, overseeing, and/or managing information security technologies, process, or programs, including identification, protection, detection, response, and recovery activities.
• Professional security or privacy certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials.
• Knowledge of: Compliance and industry cybersecurity standards frameworks such as NIST 800 and ISO standards.
• Knowledge of: Emerging technologies and the possible impact on existing information systems, instructional processes and business operations.
• Knowledge of: Incident response best practices and software license compliance laws.
• Knowledge of: Troubleshooting tools for computing hardware, servers and network equipment including but not limited to switches, routers, and firewalls.
• Knowledge of: Enterprise resource planning systems, Microsoft 365 and Active Directory and Azure Active Directory.
• Knowledge of: Principles of program design, coding, testing and implementation.
• Knowledge of: Advanced knowledge of desktop and server operating systems including Windows and Linux.
• Knowledge of: Disaster recovery and backup including business continuity planning.
• Knowledge of: Principles of training, support, and services to end-users.
• Knowledge of: General research techniques and data driven analytics.
• Knowledge of: Modern office administrative practices and use of tools including computers, websites and other applications related to this job.
• Skills and Ability to: Apply current NIST and ISO standards to current operations.
• Skills and Ability to: Respond to incidents and events in a timely manner.
• Skills and Ability to: Prepare clear and concise system documentation and reports.
• Skills and Ability to: Prioritize assigned tasks and projects.
• Skills and Ability to: Communicate complicated technical issues and the risks they pose to stakeholders and management.
• Skills and Ability to: Establish and maintain effective and cooperative working relationships with others.
• Skills and Ability to: Analyze situations accurately and adopt effective course of action.
• Skills and Ability to: Coordinate, develop, and implement projects.
• Skills and Ability to: Work with attention to detail and independently with minimum supervision.
• Demonstrated sensitivity, knowledge and understanding of the diverse academic, socioeconomic, gender identity, sexual orientation, cultural, disability, and ethnic background of groups historically underrepresented, and groups who may have experienced discrimination.
• Success integrating diversity as appropriate into the major duties outlined in the job description and in the duties listed in the District's hiring policy; or demonstrated equivalent transferable skills to do so.

Nice To Haves

• Bilingual abilities, desirable.

Responsibilities

• Analyze, evaluate and implement security applications, policies, standards and procedures intended to prevent the unauthorized use, disclosure, modification, loss or destruction of data; work with the campus community and other staff to ensure the integrity and security of the information technology infrastructure.
• Lead the development, testing and implementation of information security products and control techniques in all locations throughout the District.
• Work with campus and district technology teams to ensure the security of all applications and assets.
• Monitor and review security systems and logs. Identify, troubleshoot, diagnose, resolve, document and report security problems and incidents; help coordinate and conduct investigations of suspected breaches; respond to emergency information security situations.
• Collaborate with application programming team and other IT staff to ensure production applications meet established security policies and standards.
• Assist with training and education on information security and privacy awareness topics for District administrators, faculty and staff; assist in the development of appropriate security-incident notification procedures for District management.
• Work with vendors to conduct vulnerability assessments to identify existing or potential electronic data and assets compromises and their sources; participate in investigative matters with appropriate law enforcement agencies.
• Perform audits and periodic inspections of District information systems to ensure security measures are functioning and effectively utilized and recommend appropriate remedial measures to eliminate or mitigate future system compromises.
• Review, evaluate, and recommend software products related to IT systems security, such as virus scanning and repair, encryption, firewalls, internet filtering and monitoring, intrusion detection, etc.
• Monitor and maintain the District's security event information system (SEIM) and data loss prevention software.
• Manage security systems and policies including but not limited to servers, firewalls, email security, and Microsoft 365 environment.
• Recommend and implement security policies, protocols, practices and lead in creation of security training and guidance to staff.
• Assist in the secure management and maintenance of the District's network authentication systems for wired and wireless network access.
• Review security practices and controls of third-party service providers that handle District sensitive data, and review security controls and features of third-party software systems.
• Ensure that maintenance, configuration, repair and patching of systems occurs on a scheduled and timely basis utilizing best practices in change management and consistent with policies and procedures.
• Keep current with latest emerging security issues and threats through list servers, blogs, newsletters, conferences, user groups, and networking and collaboration with peers in other institutions.
• Perform other duties reasonably related to the job classification.

Benefits

• In addition to the salary, this position qualifies for the choice of one of the District's excellent Health Benefits and Welfare plans, which the premium cost is 100% paid by the District for the employee and their eligible dependents, and one health plan costing an estimated $60,000 for the District for fiscal year 2025-2026. We offer two medical plans (Anthem Blue Cross [PPO] and Kaiser Permanente (HMO]); dental (Delta Dental PPO); vision (VSP Choice); life insurance for the employee (The Hartford); life insurance for eligible dependents (The Hartford); a long term disability/income protection plan (The Hartford); and an employee assistance plan (Anthem EAP).
• In addition, the District contributes an additional 26.81% of the employee's salary towards an eligible employee's pension (CalPERS).
• Employees may also elect to participate in optional plans including purchasing additional life insurance for themselves and their eligible dependent(s); enroll in a medical, transportation, and/or dependent care Flexible Spending Account(s) (with the $4 monthly administrative fee paid by the District); and set pre-taxed dollars aside to supplement their pension in a 403b (tax shelter annuity) and/or a 457 (deferred compensation) plan(s).
• Classified employees also earn 10 to 22 days per year of vacation (based on years of service), and up to 12 sick leave days (pro-rated for less than full-time positions). There are currently 20 paid holidays.