6,021 Security Analyst jobs in the United States

Information Security Analyst

Job Location(s)

US-CA-Los Angeles

Job ID

2025-2182

Category

Information Technology

Department

Engineering Solutions

Type

Regular Full-Time

Position Summary

Overview: The Information Security Analyst is an early-career role within TCW's Information Security team, focused on supporting the firm's enterprise security and vulnerability management efforts. The team is responsible for protecting the confidentiality, integrity, and availability of the firm's data and technology assets through proactive monitoring, response, and continuous improvement of information security controls and processes. The analyst will gain hands-on experience with security monitoring, incident investigation, and collaboration across technology and business teams to strengthen the firm's overall security posture.

Purpose: The Information Security Analyst will assist in the continuous improvement of TCW's information security operations by analyzing and assessing threats, supporting vulnerability management processes, and contributing to incident response activities. The analyst will work closely with experienced security professionals and cross-functional partners to detect risks, validate security events, and coordinate remediation efforts. This position offers a strong foundation for developing technical skills and understanding enterprise security operations in a dynamic, regulated environment.

Essential Duties

Support the full vulnerability management lifecycle, including vulnerability scanning, risk assessment, prioritization, and remediation efforts.
• Investigate, validate, and escalate suspicious or anomalous security activity through available tools and telemetry.
• Perform detailed analysis of alerts and events generated from security platforms to determine risk and potential impact to the firm.
• Contribute to the enhancement of technical controls and operational processes across the Information Security Program.
• Collaborate with technology and cross-functional teams to assess existing controls and implement security improvements.
• Document incident investigations, analysis steps, and remediation outcomes for knowledge sharing and continuous improvement.
• Participate in threat analysis activities, including reviewing threat intelligence and mapping to TCW's environment to identify risks or exposures.
• Support and maintain the firm's vulnerability management lifecycle, including vulnerability scanning, reporting, and remediation coordination.
• Conduct proactive threat hunting and investigation of anomalous behavior in TCW's systems and networks.
• Participate in regular security operations reviews and recommend improvements to processes, tools, or controls.
• Stay current with evolving threat landscape, attack techniques, and best practices in security monitoring and response.
• Perform other security-related duties as assigned.

Required Qualifications

• Minimum of 2 years of experience in an Information Security Analyst, SOC Analyst, or similar role with significant exposure to security operations, incident and threat analysis
• Hands-on or foundational experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, QRadar, etc.) and vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7).
• Understanding of incident response methodologies, threat detection, and information security principles.
• Strong analytical skills with the ability to identify root causes and provide actionable recommendations.
• Excellent written and verbal communication skills, including clear documentation of investigative steps and outcomes.
• Ability to work independently and collaboratively with technical and non-technical stakeholders.
• Comfortable managing multiple priorities in a fast-paced, evolving environment.

Professional Skills Qualifications

• Bachelor's degree in information security, Computer Science, Information Systems, or related field
• Familiarity with threat modeling frameworks (e.g., MITRE ATT&CK).
• Knowledge of security frameworks (e.g., NIST, ISO, CSA)
• Exposure to cloud platforms (e.g., Azure, AWS) and associated security practices.
• Experience with scripting or querying tools (e.g., KQL, PowerShell, Python) to assist with analysis and automation.
• Certifications such as Security+, CySA+, CEH, GCIA, GCIH, GSEC, or equivalent.

Estimated Compensation:

Base Salary: For a CA based position, the base salary is $90-100K.

Other Compensation :In addition to the base salary, this position will be eligible to be considered for an annual discretionary bonus.

Benefits : Eligible for TCW's comprehensive benefits package. See more information here.

#LI-JS1

This position is located in the city of Sacramento .

Under the general direction of the Information Technology Manager I, Information Security Office (ISO) in the Information Technology Services Division (ITSD), the Information Technology Specialist I performs duties in support of the Department of Rehabilitation's (DOR) Information Security and Privacy Programs. In this capacity, the incumbent acts as a lead on complex information security and privacy activities, works independently as a technical specialist, and is part of a team that develops and maintains the Department's ISO and Privacy policies and procedures. Maintains and conducts security awareness training and risk assessments. Responds to and investigates security and privacy incidents that threaten the confidentiality, integrity, and availability of DOR's information assets. This position requires strong organizational skills, knowledge of State and Federal security requirements, experience performing risk analysis and management, ability to identify and respond to threats, and the ability to investigate security and privacy incidents. The incumbent must possess strong written and verbal communication skills and knowledge of State and departmental administrative processes.

Under Government Code 14200, this position is a hybrid, in-office/telework position, and may be subject to change. Incumbent must live and work in California. Incumbent can be required to report to the office, or any designated location at any time. Telework agreements can be modified and/or cancelled at any time.

Multiple vacancies may exist .

Essential Functions
Security Incidents: Investigate, report, and resolve information security incidents, including: investigate, contain, and mitigate incidents; coordinate with stakeholders when incidents occur; maintain consistency with response plans; and report events using established criteria. Communicate recovery activities to internal stakeholders, executive staff, and management teams, while ensuring the impact of the incident is understood. Incorporate lessons learned and update strategies, as needed. Develop, maintain, and periodically test department response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery, Technology recovery plan and Disaster Recovery).

Audits and Analyses: Protect DOR's network assets by researching emerging threats, reviewing firewall log files, intrusion detection and prevention logs, and system event logs. Manage the department security information event management system (SIEM) by triaging alerts, performing threat hunts, configuring detection rules, and documenting procedures. Perform network vulnerability assessments and routine audits of hardware and software to identify security gaps and risks. Establish and manage a baseline of network operations and expected data flows for users and systems to support in the detection of security incidents. Establish incident alert thresholds to detect and analyze events to better understand attack targets, methods, and impact of those events. Monitor the network's physical environment, personnel activity, and external service provider activity to detect potential cybersecurity events, including identification of unauthorized individuals, connections, devices, and software. Maintain detection processes and procedures by verifying adequate identification of anomalous events. Review and respond to advisory notifications from the Multi-State Information Sharing and Analysis Center, including other security organizations, and determine appropriate action.

Security Policy, Standards and Procedures: In collaboration with the ISO, develop and maintain DOR information security and privacy policy, ensuring security and privacy roles and responsibilities are identified, coordinated, and aligned with internal roles and external partners. Support the Risk Manager in maintaining the department risk management program by gathering information from business units, creating reports, and enforcing security controls. Ensure legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed. Enforce a minimum level of security across the organization via a baseline configuration of IT/industrial control systems. Verify all users, including privileged users, third-party stakeholders (e.g., suppliers, customers, and partners), senior executives, and physical and information security personnel understand their role and responsibilities. Provide input and deliver information security training to departmental staff.

You will find additional information about the job in the Duty Statement .

Minimum Requirements You will find the Minimum Requirements in the Class Specification.

• INFORMATION TECHNOLOGY SPECIALIST I

Additional Documents

• Job Application Package Checklist
• Duty Statement

Position Details Job Code #:
JC-489486

Position #(s):
-014

Working Title:
Information Security Analyst

Classification:
INFORMATION TECHNOLOGY SPECIALIST I $6,513.00 - $,729.00 A
7,163.00 - 9,599.00 B
7,864.00 - 10,537.00 C
New to State candidates will be hired into the minimum salary of the classification or minimum of alternate range when applicable.

# of Positions:
Multiple

Work Location:
Sacramento County

Telework:
Hybrid

Job Type:
Permanent, Full Time

Department Information
If you are interested in becoming a part of a diverse and inclusive workforce where talent, experience, and expertise are valued, the Department of Rehabilitation (DOR) invites you to apply for this employment opportunity.

Join us in our Sacramento location within walking distance of Golden 1 Center, Downtown Commons (DOCO), State Capitol Park, the American River, seasonal farmers markets, public transportation, and a large variety of shopping locations and eateries. If you strive to make a difference, we invite you to seek a career with DOR!

DOR administers the largest vocational rehabilitation program in the country. We have a three-pronged mission to provide services and advocacy that assist people with disabilities to live independently, become employed and have equality in the communities in which they live and work. DOR provides consultation, counseling, and vocational rehabilitation, and works with community partners to assist the consumers we serve.

DOR is committed to recruiting and retaining a talented and skilled workforce that reflects the diversity of communities that exist in California and values fairness and inclusion. Diversity encompasses characteristics including, but not limited to, race, color, ethnicity, national origin, language, religion, age, disability, sexual orientation, gender, gender identity and expression, socioeconomic status, veteran status, criminal history, and family structures.

Our work at DOR is guided by the following core values:

• We believe in the talent and potential of individuals with disabilities.
• We invest in the future through creativity, ingenuity, and innovation.
• We ensure our decisions and actions are informed by interested individuals and groups.
• We pursue excellence through continuous improvement.
• We preserve the public's trust through compassionate and responsible provision of services.

VISION STATEMENT:

Employment, independence, and equality for all Californians with disabilities.

MISSION STATEMENT:

DOR works in partnership with consumers and other stakeholders to provide services and advocacy resulting in employment, independent living, and equality for individuals with disabilities.

People with disabilities are encouraged to apply.

Department Website:

Special Requirements
If mailing in an application, include JC#489486 on your State Application (STD678) in the "Examination(s) or Job Title(s) for which you are applying" section found under the "Questions" tab of your CalCareer application template . Applicants who do not submit the required information may not be considered for this job.

It is a requirement to submit work experience, dates, and hours worked, contact names and phone numbers of supervisors on the state application in order of current and old work experience. Resumes or other documents cannot substitute a state application. Applicants who fail to submit a completed STD.678 may not be considered.

• Do not submit any document(s) with your social security number on it
• Do not submit your exam result(s) along with your application.
• Do not submit the "Equal Employment Opportunity" questionnaire (page 5) with your completed application. This page is for examination use only.

Upon hire, applicant may be required to provide copies of transcripts or diploma.

Statement of Qualifications:
APPLICATIONS RECEIVED WITHOUT A STATEMENT OF QUALIFICATIONS (SOQ) WILL NOT BE CONSIDERED. NOTE: Resumes, cover letters, and other materials will not be accepted in place of the required SOQ.

• Applicant must answer the questions listed below in numerical order.
• SOQ shall not exceed One page in length, single-spaced, 12 point Arial font, and be in justified paragraph format.
• The document shall be titled "Statement of Qualifications - (Your Full Name)."
• When completing the SOQ, please include all relevant experience, education, and training for the statement below.

1. Explain a complex security incident you investigated. What tools and methodologies did you use, and how did you communicate your findings to stakeholders?

2. Reflect on a mistake or oversight you made in a security-related task. What did you learn from the experience, and did it change your approach to the task?

Application Instructions
Completed applications and all required documents must be received or postmarked by the Final Filing Date in order to be considered. Dates printed on Mobile Bar Codes, such as the Quick Response (QR) Codes available at the USPS, are not considered Postmark dates for the purpose of determining timely filing of an application.
Final Filing Date: 8/31/2025
Who May Apply
Individuals who are currently in the classification, eligible for lateral transfer, eligible for reinstatement, have list or LEAP eligibility, are in the process of obtaining list eligibility, or have SROA and/or Surplus eligibility (please attach your letter, if available). SROA and Surplus candidates are given priority; therefore, individuals with other eligibility may be considered in the event no SROA or Surplus candidates apply.

Applications will be screened and only the most qualified applicants will be selected to move forward in the selection process. Applicants must meet the Minimum Qualifications stated in the Classification Specification(s).

How To Apply
Complete Application Packages (including your Examination/Employment Application (STD 678) and applicable or required documents) must be submitted to apply for this Job Posting. Application Packages may be submitted electronically through your CalCareer Account at When submitting your application in hard copy, a completed copy of the Application Package listing must be included. If you choose to not apply electronically, a hard copy application package may be submitted through an alternative method listed below:

Address for Mailing Application Packages

You may submit your application and any applicable or required documents to:

Department of Rehabilitation
N/A
Attn: Personnel Unit#008, PAS-250346/JC-489486
721 Capitol Mall

Sacramento , CA 95814

Address for Drop-Off Application Packages

You may drop off your application and any applicable or required documents at:

Department of Rehabilitation
N/A
Personnel Unit#008, PAS-250346/JC-489486
721 Capitol Mall

Sacramento , CA 95814

08:00 AM - 05:00 PM

Required Application Package Documents

The following items are required to be submitted with your application. Applicants who do not submit the required items timely may not be considered for this job:

• Current version of the State Examination/Employment Application STD Form 678 (when not applying electronically), or the Electronic State Employment Application through your Applicant Account at All Experience and Education relating to the Minimum Qualifications listed on the Classification Specification should be included to demonstrate how you meet the Minimum Qualifications for the position.
• Resume is optional. It may be included, but is not required.
• Statement of Qualifications -
  Please see Special Requirements for instructions.
  

Applicants requiring reasonable accommodations for the hiring interview process must request the necessary accommodations if scheduled for a hiring interview. The request should be made at the time of contact to schedule the interview. Questions regarding reasonable accommodations may be directed to the EEO contact listed on this job posting.

Desirable Qualifications In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:

Benefits
There are many benefits to joining our team! We offer competitive pay, advancement opportunities, upward mobility, work-life-balance, and for many positions, flexible hours and remote work options. The State of California offers a competitive and comprehensive benefits package, subject to eligibility, such as:

• Pension through CALPERS
• Medical Benefits, including health , dental , and vision insurance
• Medical benefits into retirement
• Deferred Compensation options: 401k and 457b
• Leave benefit options (Vacation/Sick or Annual Leave)
• Paid Holidays
• ScholarShare (College Saving Account)
• Pre-Tax Parking
• Commute Program
• School Loan forgiveness under the federal Public Service Loan Forgiveness
• Disability Insurance Programs
• Alternate Work Schedules
• Employee Assistance Program
• Employee Wellness Services

For the latest information on the attractive benefits offered by the state of California, explore the Health Benefits Summary provided by CalHR .

Contact Information
The Hiring Unit Contact is available to answer questions regarding the position or application process.
Department Website:
Hiring Unit Contact:
Jessica Cervantes
(


Please direct requests for Reasonable Accommodations to the interview scheduler at the time the interview is being scheduled. You may direct any additional questions regarding Reasonable Accommodations or Equal Employment Opportunity for this position(s) to the Department's EEO Office.
EEO Contact:
Office of Civil Rights
(

California Relay Service: 1- (TTY), 1- (Voice) TTY is a Telecommunications Device for the Deaf, and is reachable only from phones equipped with a TTY Device.

Examination Information
To o tain list eligibility for the Information Technology Specialist I position(s), you must first take the online exam :



Equal Opportunity Employer
The State of California is an equal opportunity employer to all, regardless of age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (includes pregnancy, childbirth, breastfeeding and related medical conditions), and sexual orientation.

It is an objective of the State of California to achieve a drug-free work place. Any applicant for state employment will be expected to behave in accordance with this objective because the use of illegal drugs is inconsistent with the law of the State, the rules governing Civil Service, and the special trust placed in public servants.

Working for Pacific Service Credit Union

We put people first. That includes our members, our employees and the communities we serve. We hire energetic and enthusiastic people who want to work as part of our team.

What's in it for you?

Health insurance coverage: We provide our employees with 100% premium employer-paid medical, dental, vision, disability and basic life insurance for full-time employees and a low monthly premium for eligible dependents.

401k: We contribute 3% of your base salary to your 401k account regardless of whether you contribute or not. In addition, we match 75% of your contributions up to the first 3% of eligible compensation beginning after your first day of employment and up to 6% after three years of service. Employees are vested at 100% for all employer contributions beginning the first day of employment.

Bonus program: All employees are rewarded for attaining our annual organizational goals.

Tuition Reimbursement program for employees eligible after six months of service.

Recognition program where employees can be nominated by management, their peers or by members.

Employee referral bonus.

Student Loan Repayment Assistance: Contributions toward your student loans every month by the credit union after six months of service.

Employees are eligible to receive a consumer loan rate discount.

Vacation and sick time: Full-time employees receive more than two weeks' vacation per year, 11 paid holidays and 10 days of sick leave.

Our Hiring Process

We believe it's important for you to know where you stand in our hiring process. Below is an outline of the steps we take to make the best hires possible.

Apply: Submit your resume for one of our job openings.

Our Talent Team and our partner - Total Quality Consulting (TQC Team) will review your submitted information and will call or email successful applicants for an interview as soon as possible.

In-Person Interview: After a screening call with TQC, we'll invite a final number of candidates to our office for an in-person interview or set up a live Zoom meeting with the hiring manager(s).

If we believe that you have what it takes, we'll make an offer and provide next steps in the hiring process!

Pre-employment requirements include an employment application, standardized testing, including aptitude or skill-set test, a drug screen, a credit screen and a criminal background check.

ABOUT THIS ROLE:

At Pacific Service Credit Union, we uphold trustworthy practices, deliver innovative solutions, and provide exceptional support to our internal teams. Every employee contributes to operational excellence, efficiency, and compliance, driving our success and member financial well-being. As an Information Security Analyst, you will be responsible for helping ensure the security of the organization's computer systems and information assets by monitoring, investigating, and mitigating security threats. You will work closely with the IT team and provide information security support across various business units to ensure information security practices are implemented. You will support the Information Security Manager in all aspects of Information Security functions, including the configuration and maintenance of information security standards, technologies, processes and procedures, as appropriate.

ESSENTIAL JOB FUNCTIONS:

• Conduct regular vulnerability assessments and help triage identified vulnerabilities and escalate tickets to IT teams for remediation.
• Monitor service tickets, security alerts, reported incidents, and SIEM escalations. Provide support for incident resolution.
• Monitor and investigate reported phishing emails.
• Support evidence collection and documentation of mitigation and remediation efforts which may be required as a result of audits or regulatory examinations.
• Support information security initiatives to improve system security hardening, establish secure baselines, and ensure compliance with regulatory requirements.
• Assist and support in the implementation of Information Security related projects.
• Provide after-hours coverage, when necessary, for security events and incident security tasks.
• Drive innovation and continuous improvement. Foster a culture of evolution by adapting to changes, optimizing processes, and contributing to the growth and success of the organization.
• Demonstrate accountability in your work by taking ownership of responsibilities, setting clear goals, meeting deadlines, and delivering high-quality results. Act with integrity, follow through on commitments, and uphold professional standards.
• Support and uphold company culture by aligning your work with the credit union's mission and values, contributing to a positive, high-performing environment. Serve as a role model for professionalism, collaboration, and the pursuit of excellence.
• Maintain regular and reliable attendance, including punctuality, are essential to achieving organizational excellence.

SUPPORTING FUNCTIONS:

• Performs other duties as assigned.

COMPETENCIES:

The following competencies are essential for success in this role:

• Collaboration: Establishes and maintains effective relationships, exhibits tact and consideration, displays positive outlook and pleasant manner, offers assistance and support to co-workers, works cooperatively in group situations, works actively to resolve conflicts
• Effective Communication: Expresses ideas and information in a clear and concise manner; tailors message to fit the interests and needs of the audience; delivers information in a manner that is interesting and compelling to the listener; keeps others adequately informed
• Execution: Turns strategy into action, aggressively pursues challenging goals and objectives; willing to put in requisite time and effort to accomplish objectives; takes a highly focused, goal driven approach toward work; implements plans efficiently and produces desired results within a specified timeframe
• Job Knowledge: Competent in required job skills and knowledge, exhibits ability to learn and apply new skills, requires minimal supervision, displays understanding of how job relates to others, uses resources effectively
• Member/Customer Focus: Displays courtesy and sensitivity, manages difficult member/internal customer situations, meets commitments, responds promptly to member/internal customer needs, solicits feedback to improve service
• Problem solving: Identifies and resolves problems in a timely manner, gathers and analyzes information skillfully, develops alternative solutions, resolves problems in early stages, works well in group solving situations
• Quality of work: Demonstrates accuracy and thoroughness; critically reviews work processes to ensure quality; identifies and resolves problems that could impact quality; makes sure deliverables and services meet all requirements, expectations and deadlines; does not make the same mistakes twice

These competencies are essential to upholding our values and delivering exceptional service to our internal and external members.

REQUIRED MINIMUM QUALIFICATIONS:

Education:

• Associate degree in Information Systems/Technology, Computer Science or related discipline; or equivalent experience required.

Experience:

• 1-3 years' experience in information security, preferably in a financial setting

PREFERRED QUALIFICATIONS:

• Security+, Network+, GSEC or other related certifications are desired.

OTHER INFORMATION:

Hours Required: A work schedule of Monday through Friday, generally 8 a.m. to 5 p.m., with alternate work schedules, as required. This is a non-exempt position. Hours may fluctuate to accommodate response to incident and security events. This position is eligible for the credit union's telecommute policy.

Travel Requirements: Minimal travel required.

Innovative Systems, Inc., headquartered in Pittsburgh, PA, has Information Security Analyst position responsible for supporting & enhancing security acrss infrastructure, coding, SaaS platforms, bus. continuity, disaster recovery, & policy implmntn. This is a hybrid position w/ability to telecommute 2 days per week w/approp. telecommuting sys.; remote worksite must be w/in commuting distance of Pittsburgh, PA for 3 in-office days. Apply online at innovativesystems.com

recblid i6nze3rpabidbiak5t3lb27qlhzrd8

Job Type

Full-time

Description

The Information Security Analyst is part of Poppy Bank's Information Security Team who proactively administer & maintain our cybersecurity risk posture. The incumbent will be experienced in information security and work under minimal supervision from the Information Security Officer. This position will be a liaison and collaborator with business units and work closely with the Information Technology team, various departments, and a variety of vendors that supply the bank's layered information security architecture. The incumbent is responsible for ongoing and continual administration, monitoring and reporting of information security events and the platforms that generate those events. Platforms include security awareness, breach & attack simulation, identity & access management, secrets management, vulnerability & patch management, end-point protection, and data-protection among others. The incumbent will work closely with a Managed Security Provider as some of the security platforms are outsourced to an MSP. The Information Security Analyst assists the ISO in responding to and mitigating threats across the organization.

The incumbent will work closely with the Information Security Officer in identifying analyzing and responding to emerging threats to the environment adjusting the security configurations accordingly. The Information Security team frequently collaborates across the organization in securely deploying new technologies and processes that support the business while protecting the Bank and its customers. The incumbent may serve as a liaison with the Bank's Compliance and Audit teams, ensuring close tracking of various audit and exam Where division of duties permit, the incumbent will assist the Information Technology team in various projects and tasks. This position requires that the individual work in office, independently, and with minimal supervision.

Ensures compliance within all Bank policies and procedures, as well as all applicable state and federal banking regulations.

Essential Duties and Responsibilities include the following:

• Configure, manage, monitor and report on multiple cyber security platforms and controls such as enterprise security awareness, breach & attack simulation, asset management, identity & access management, email security, and infrastructure & end-point security.
• Monitor and respond to alerts from various information security platforms
• Assists with implementation of policies or procedures and remediates compliance issues throughout the organization
• Work closely with internal IT, vendors, and third-party MSPs to identify and remediate vulnerabilities, manage risk and optimize security.
• respond to audits and exams and track remediation efforts to conclusion
• Diagnose and research causes of security issues (e.g., misconfigured DNS records, exposed insecure protocols, use of known vulnerable software, weak ciphers)
• Collaborate with IT to ensure secure deployment of new & existing capabilities and product deployments comply with security policies and standards
• Monitor and report on emerging cybersecurity threats and trends and provide recommendations to internal teams on how to mitigate risks.
• Respond to security incidents and/or policy violations
• Track, and report on the security risk register, Key Performance Indicators (KPI)/Key Risk Indicators (KRI) and MSP service tickets to the Information Security Officer and update the department at weekly Team meetings
• Implement proactive preventative measures
• Perform scheduled software/hardware system checks & upgrades (may involve occasional after-hours work)
• Research, install, configure, maintain, and monitor cyber security platforms
• Maintain strong knowledge of the threat landscape and mitigation strategies
• Document internal processes and procedures related to duties and responsibilities
• Minimum of 10 hours CRA volunteer hours per year. Volunteer hours are typically scheduled within business hours. This is compensable time and mileage is reimbursed
• Other duties as assigned

Supervisory Responsibilities: None

Qualifications:

• A minimum of 4 years of experience as an Information Security Analyst or similar role.
• A BA/BS degree in Computer Science or related discipline; or an equivalent combination of experience and education.
• Security certification(s) such as security+, CEH or similar is preferred
• Experience in the highly regulated banking industry is preferred.
• Experience in securing Saas environments is preferred.
• Proficient understanding of IT concepts and principles, including strong knowledge of networking, server management, firewall, SD-WAN, and virtualization technologies.
• Familiarity with security frameworks and standards (e.g., NIST Cybersecurity Framework (CSF), NIST 800-53, CIS Security Controls, MITRE ATT&CK)
• Understanding of the following technologies: PC's, laptops, printers, mobile devices such as Apple iPad, and other peripherals, networking, Active Directory, Exchange, Windows, Microsoft Office, anti-virus / anti-malware software.
• Working knowledge of Windows 10, Server 2016, Server 2019, Office 2019, M365
• Ability to prioritize and manage multiple tasks to meet deadlines
• Ability to interact with a wide range of internal staff members and external professionals, including consultants, vendors, auditors, technical staff, and others
• Intermediate level experience with creating technical documentation.
• Experience of working in a fast-paced, team-oriented environment, with the ability to positively contribute to cross-functional teams
• Intermediate level knowledge of networking/security solutions including firewalls, IPS, SIEM, LAN/WAN, wireless, VPN, VLANs preferred
• The ability to learn quickly and adapt to changing requirements

Physical/Mental Demands & Work Environment:

The incumbent in the course of performing this position frequently spends time writing, typing, speaking, listening, operating basic business equipment, seeing (such as close, color and peripheral vision, depth perception and adjusted focus), sitting, walking, standing, reading documents or instruments, detailed work, problem solving, client contact, reasoning, math, language, presentations, verbal and written communication, analytical reasoning, stress, multiple concurrent tasks, and constant interruptions. The incumbent for this position will occasionally lift up to 15 pounds, pull, squat, kneel and reach. The incumbent is in a non-confined office-type setting in which he or she is free to move about at will. The work environment is typically quiet to a moderate noise level.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Management reserves the right to change this position description at any time.

Requirements

See qualifications above.

Poppy Bank provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

For San Francisco Postings, review Fair Chance Ordinance .

CA Privacy Notice to Applicants/Employees

Salary Description

$72,205-$117,307 DOE

Applied Medical is a new-generation medical device company with a proven business model and commitment to innovation fueled by rapid business growth and expansion. Our company has been developing and manufacturing advanced surgical technologies for over 35 years and has earned a strong reputation for excellence in the healthcare field. Our unique business model, combined with our dedication to delivering the highest quality products, enables team members to contribute to a larger capacity than is possible in typical positions.

Position Description

Are you passionate about cybersecurity? Join Applied Medical as an Information Security Analyst and be at the forefront of protecting our digital infrastructure. As part of our Corporate Applications team, you'll be working onsite at our global headquarters operating security controls, monitoring networks for threats, supporting the installation of security software, and participating in investigations. The Information Security Analyst will also contribute to the development and maintenance of security policies and compliance activities.

Key Responsibilities:

• Security Operations: Plan, implement, operate, upgrade, and monitor security measures to protect computer networks and sensitive information from potential security threats, vulnerabilities, or breaches. Respond to security incidents by conducting Incident Response activities and safeguarding digital files and vital electronic infrastructure.

• Process Improvement & Compliance: Support the development and maintenance of security policies and procedures. Assist with the internal and external audits by providing compliance documentation aligned with applicable laws, regulations, and industry standards. Recommend and assist in delivering security education, training, and awareness initiatives to promote organizational compliance and best practices.

• Technical Support: Stay informed on evolving regulatory requirements and emerging cybersecurity trends. Serve as a technical resource for project initiatives and implementation of projects.

Position Requirements

This position requires the following skills and attributes:

• Associate's degree or above in Information Security, Computer Science, or a related field, or equivalent experience
• 3 - 5 years of experience of relevant work experience.
• Experience with monitoring and analyzing security alerts from SIEM tools.
• Experience in managing endpoint security solutions (antivirus solution).
• Experience supporting DLP programs and investigating potential data exfiltration events.
• Experience in vulnerability scans and remediation.
• Ability to think in a proactive and innovative approach to solve security challenges
• Strong organizational and analytical skills with a proven ability to solve complex problems
• Excellent written and verbal communication skills
• Ability to multi-task and plan all aspects of a project or process from inception to completion
• Familiarity with cybersecurity tools and technologies
• Proficiency in Microsoft Office programs

Preferred

The following skills and attributes are preferred:

• Strong understanding of Windows, macOS, and/or Linux endpoint architecture and security features
• Experience with security incident investigation and remediation
• Familiarity with malware behaviors and attack techniques

If you are excited about making a significant impact and contribute to a dynamic team, we encourage you to apply and embark on an exciting journey of excellence at Applied Medical. Our unique business model empowers our team members to have a substantial impact, unlike conventional roles.

Benefits

Benefits:

• Competitive compensation range: $8000 - $11000/year (California).
• Comprehensive benefits package.
• Training and mentorship opportunities.
• On-campus wellness activities.
• Education reimbursement program.
• 401(k) program with discretionary employer match.
• Generous vacation accrual and paid holiday schedule.

Please note that the compensation range may be based on factors such as relevant education, qualifications, experience. The compensation range may be adjusted in the future, and special discretionary bonus or incentive compensation plans may apply.

Our total reward package reflects our commitment to team member growth and well-being, as we invest in your development and offer a range of benefits designed to enhance your career and life.

Equal Opportunity Employer

Applied Medical is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (including pregnancy, childbirth, breastfeeding and related medical conditions), or sexual orientation, or any other basis protected by federal, state or local laws in the locations where Applied Medical operates.

Overview

BAI, a defense contractor, is seeking an Information Security Analyst with 3+ years of experience with DevSecOps Automation and Continuous Integration Continuous Delivery (CI/CD) experience to work Department of Defense (DoD) programs at the Naval Base Point Mugu located near Camarillo, CA. Opportunities for career advancement, excellent benefits, and stability are some of the advantages of our well established, employee-focused company.

 

Salary

The typical annual salary range for this position is $120,000.00 USD to $153,000.00 USD. Salary will be based on current qualifications, directly related experience, geographic location, and possible contractual requirements which could fall outside of this range.

Responsibilities

Information Assurance

• Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information
• Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies
• May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
• May respond to computer security breaches and viruses
• Work with ISSO and Cybersecurity Lead to respond to computer security breaches and viruses

DevSecOps

• Integrate security into a continuous integration, continuous delivery, and continuous deployment pipeline to minimize vulnerabilities in software code
• Ensure the entire DevOps team, including developers and operations teams, share responsibility for following security best practices
• Enable automated security checks at each stage of software delivery by integrating security controls, tools, and processes into the DevOps workflow
• Assist in the continuous integration, continuous delivery/deployment (CI/CD), continuous feedback, and continuous operations cycle

Qualifications

• Between 3 and 10 years of practical CEAT computer security experience in secure network and system design, analysis, procedure/test generation, test execution and implementation of computer/network security mechanisms
• Security+
• CISSP Certification or NSA equivalent
• IAM Level 2 as per DoD Directive 8570.01; and experience working with the Risk Management Framework processes.
• Strong DEVSECOPS and Linux background is a plus
• Excellent communication and interpersonal skills—verbal, non-verbal, written, and listening—for staff, customer, and organizational level communications, both formal and informal
• Ability to work independently, self-starter
• Working knowledge and use of Microsoft Office suite programs, MS Word, Excel, Access, and PowerPoint

Education:

BS or BA degree in a Computer or Information Science field or a relevant technical discipline.

ALLOWABLE SUBSTITUTION: An additional 6 years of relevant work experience may be substituted for a Bachelor’s Degree, or 4 additional years of work experience with a relevant Associate’s Degree.

Clearance :

Condition of employment – must have a T5/Secret Security Clearance and be able to acquire and maintain a DoD Top Secret Security Clearance. Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

Citizenship :

Must be a US citizen at time of application.

BAI is an Equal Opportunity Employer. All qualified applicants receive consideration for employment without regard to race, color, religion, sex, national origin, disability, veteran status, or any other non-merit based factors made unlawful by federal, state or local laws.

We are seeking an Information Security Analyst with 3+ years of experience with DevSecOps Automation and Continuous Integration Continuous Delivery (CI/CD) experience to work Department of Defense (DoD) programs at the Naval Base Point Mugu located near Camarillo, CA. Opportunities for career advancement, excellent benefits, and stability are some of the advantages of our well established, employee-focused company.

Responsibilities

• Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information
• Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies
• May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
• May respond to computer security breaches and viruses
• Work with ISSO and Cybersecurity Lead to respond to computer security breaches and viruses

DevSecOps

• Integrate security into a continuous integration, continuous delivery, and continuous deployment pipeline to minimize vulnerabilities in software code
• Ensure the entire DevOps team, including developers and operations teams, share responsibility for following security best practices
• Enable automated security checks at each stage of software delivery by integrating security controls, tools, and processes into the DevOps workflow
• Assist in the continuous integration, continuous delivery/deployment (CI/CD), continuous feedback, and continuous operations cycle

Qualifications

• Between 3 and 10 years of practical CEAT computer security experience in secure network and system design, analysis, procedure/test generation, test execution and implementation of computer/network security mechanisms
• Security+
• CISSP Certification or NSA equivalent
• IAM Level 2 as per DoD Directive 8570.01; and experience working with the Risk Management Framework processes.
• Strong DEVSECOPS and Linux background is a plus
• Excellent communication and interpersonal skills-verbal, non-verbal, written, and listening-for staff, customer, and organizational level communications, both formal and informal
• Ability to work independently, self-starter
• Working knowledge and use of Microsoft Office suite programs, MS Word, Excel, Access, and PowerPoint

Education:

BS or BA degree in a Computer or Information Science field or a relevant technical discipline.

ALLOWABLE SUBSTITUTION: An additional 6 years of relevant work experience may be substituted for a Bachelor's Degree, or 4 additional years of work experience with a relevant Associate's Degree.

Clearance:

Condition of employment - must have a T5/Secret Security Clearance and be able to acquire and maintain a DoD Top Secret Security Clearance. Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

Citizenship:

Must be a US citizen at time of application.

About Us

Credit Unions are not-for-profit organizations that exist to serve their members rather than to maximize profits. As a member-owned institution, our focus is on providing a safe place to save and borrow at reasonable rates! That is why our mission at Mid American Credit Union is to be the best choice for quality financial services, above and beyond all other alternatives.

Who Should Apply

Mid American Credit Union is looking for individuals that like to be challenged, rewarded and inspired! This job is perfect for self-motivated, quick thinkers with unmatched problem-solving skills. Are you ready to be a part of a team that provides outstanding service each and every day?

What You'll Do

As part of the IS team, the Information Security Analyst is responsible for assisting in on going reviews of IS systems and hardware to assure that regulatory requirements are met, and that all internal policies and procedures conform to regulatory levels. The Information Security Analyst is also responsible for assisting in the detection and remediation to third party audits, testing, and real time security vulnerabilities. The Information Security Analyst will also assist other members of the IS team and third-party vendors in maintaining technology infrastructure and processing cycles in a manner that adheres to IS Compliance, IS Security, and IS performance standards.

Operations

• IS Compliance and Cybersecurity
  • Lead the completion of Mid American Credit Union's ongoing review of IS systems and procedures.
  • Assist management to ensure information security policies and procedures conform to the appropriate regulatory level.
  • Assist management by monitoring and advising on status of emerging trends in the industry and research potential security enhancements as directed by management.
• Third Party Audits and Testing
  • Schedule and review periodic vulnerability and penetration test reports to track vulnerability and patch remediation efforts.
  • Work with 3rd party vendors and IS staff to identify the appropriate mitigation action and remedies to reduce the risk to Mid American Credit Union information assets with minimal negative impact on the associated business processes.
  • Investigate and report security violations of Mid American Credit Union Information Security policies and procedures
  • Assist in Mid American Credit Union's annual Disaster Recovery testing and complete internal audits which include, but are not limited to, active directory reviews, internet logs, internal privileges, system access, media access, etc.
• Network Performance and Hardware
  • Review hardware, software, and firmware technologies for possible security vulnerabilities that could impact the security of Mid American Credit Union assets.
  • Provide trouble shooting and problem resolution for functional security and resolve security issues.
• User Support -
  • Respond to user requests for assistance in a timely, accurate and professional manner.
  • Log all users requests in the Help Desk ticketing systems.
  • Assist other team members with open tickets as needed.
  • Perform any other duties as needed.
• Third Party Vendor, Training and Documentation -
  • Establish and maintain relationships that adhere to the credit union service standards with other Mid American Credit Union employees and third party vendors.
  • Assist in the daily coordination and collaboration with third party vendors.
  • Assist in IS security awareness and training efforts throughout the credit union.
  • Assist in updating existing IS policies and procedures.
  • Maintain all required documentation which includes, but not limited to; the ACET workbook, exam documentation, daily monitoring, vulnerabilities and remediation, audit test findings and remediation, incident response, change management, etc.

Cultural Responsibilities

Committed to being part of the Mid American team! Show commitment to learning and growth. Consistently demonstrate a positive attitude and strong people skills during interactions with co-workers and members. Be able to work individually as well as with a team. Embrace change and be able to think of new ideas to assist our members. Demonstrate financial responsibility and professionalism.

What You Need to Get the Job Done

• Must be team oriented and possess a positive attitude while working well with others.
• Customer service experience including the ability to effectively perform the skills necessary to deliver exceptional service, such as communication, empathy, patience and organization.
• Education - A 2-year college degree or completion of a specialized course of study at a business or trade school preferred.
• Experience - 6 months to 2 years of similar or related experience, including time spent in preparatory positions. Working knowledge of front and back office financial institution processes is a plus.
• Understanding of networks and cyber security. Working knowledge relating to Microsoft server, exchange, and active directory preferred.
• A significant level of trust and diplomacy is required to be an effective subject matter expert in the position. In-depth dialogues, conversations and explanations with customers, direct and indirect reports and outside vendors of a sensitive and/or high confidential nature is a normal part of the day-to-day experience. Communications can involve motivating, influencing, educating and/or advising others on matters of significance.
• Must be able to work extended hours and/or travel off site when requested by management.
• 24x7 on call is required with on-site Saturday rotation duties.
• Must be able to perform job functions independently or with limited supervision and work effectively on own or as part of a team. Must be able to read and carry out various written instructions and follow oral instructions.
• Strong verbal and written communication skills. Strong organizational skills
• Ability to demonstrate a high degree of integrity, trust-worthiness, and maintain confidentiality of information and job-related data.
• Ability to prioritize multiple tasks and adjust to changing priorities, as well as, meet hard deadlines.

What You'll Love About Us

• A Company that Cares. We are more than a financial institution; we give back to our community. We teach financial literacy and donate to and support local organizations.
• Work that Stays at Work. Genuine work/life balance served here!
• Rest and Relaxation. Paid vacation time, personal leave and paid holidays

An Equal Opportunity Employer

Mid American Credit Union is an Equal Opportunity Employers whose policy is not to discriminate unlawfully against any qualified employee or applicant for employment on the basis of protected military or veteran status, disability, race, color, religion, sex, age, national origin, pregnancy, genetic information, sexual orientation, gender identity, or any other classification protected by applicable local, state or federal law.

Because our team members are trusted to handle sensitive information, we require all candidates who receive and accept employment offers to complete a background check before being hired.

This Company Participates in E-Verify

The Right to Work

Este Empleador Participa en E-Verify

El Derecho a Trabajar