Senior Cybersecurity Operations Analyst (Information Security)

Los Angeles County Metropolitan Transportation AuthorityLos Angeles, CA
Onsite

About The Position

Monitors, detects, and responds to security incidents and collaborates with various security, crisis and emergency management teams to ensure the safety of Metro’s digital and physical assets. Interviews are projected to be scheduled for the week of August 10, 2026. These dates are subject to change. We encourage you to monitor your governmentjobs.com profile and emails for the latest updates.

Requirements

  • Bachelor’s Degree in Information Technology, Cybersecurity, Computer Science, or a related field
  • Five years of relevant experience performing information security, security monitoring, and incident response
  • A valid California Class C Driver License or the ability to utilize an alternative method of transportation when needed to carry out job-related essential functions
  • Ability to work in a secure CSOC environment, which may require extended periods of time sitting and working at a computer
  • This is a 24/7 operation, and the role may require working in shifts, including nights, weekends, and holidays, to ensure continuous monitoring and response.

Nice To Haves

  • Certification in one or more areas of cyber security specialization: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), or equivalent preferred
  • Experience supporting day-to-day operations in a Security Operations Center (SOC) or similar security operations environment.
  • Experience analyzing and correlating logs across enterprise tools (like Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Non-Delivery Report (NDR), Identity and Access Management (IAM), and cloud platforms) to understand endpoint, email, networks, identity, and cloud security controls, identify root causes, and track attacker behavior.
  • Experience contributing to the development or improvement of Security Operations Center (SOC) playbooks, escalation paths, or response workflows.
  • Experience operating in regulated, high-risk, or mission-critical environments, with the ability to communicate technical information clearly to both technical and non-technical audiences.
  • Experience participating in incident response, including triaging alerts, investigating threats, and helping contain, mitigate, or recover from security incidents.
  • Experience utilizing common cybersecurity frameworks (such as National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO 27001), or Cybersecurity and Infrastructure Security Agency (CISA) guidance) to prepare incident or activity reports for technical teams or management.

Responsibilities

  • Monitor cybersecurity events across assigned environment using advanced Security Information, Threat Intelligence, and Security Information and Event Management (SIEM) tools to detect and respond to security threats and incidents.
  • Identify, analyze, and respond to security incidents, coordinating with teams to contain, mitigate, and recover from such breaches.
  • Maintain awareness of local, national, and global threats and vulnerabilities and develop mitigation strategies to protect critical networks and assets.
  • Analyze security data to identify potential security incidents, conduct root cause analysis, and offer actionable recommendations to prevent future occurrences.
  • Identify and remediate vulnerabilities within assigned environments.
  • Collaborate with Information Security and Information Technology Services (ITS) teams to implement security patches and updates.
  • Maintain detailed and accurate records of security incidents, including timelines, actions taken, and outcomes.
  • Prepare and furnish reports for management and relevant stakeholders on Cyber Security Operations Center (CSOC) activities and incident response metrics.
  • Work closely with ITS, and other technical and security teams to ensure effective communication and coordination during security incidents.
  • Participate in cross-functional security initiatives and projects and take responsibility for associated tasks.
  • Address relevant maintenance and tuning of CSOC tools, including SIEM, IDS/IPS, firewalls, and other security technologies.
  • Address improvement plans to the development and enhancement of CSOC processes, playbooks, and procedures.
  • Identify areas for improvement in incident response and threat detection capabilities.
  • Address innovative ideas to security awareness campaigns, based on operations and incident response activities.
  • May be required to perform other related job duties

Benefits

  • Metro provides reasonable accommodation to enable individuals with disabilities to perform the essential functions
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service