Security Analyst

While candidates from anywhere in California are welcome to apply, there is a strong preference for those who reside on the Central Coast (Ventura, Santa Barbara, San Luis Obispo, Monterey and Santa Cruz Counties). This role may offer opportunities for remote work; however, familiarity with and proximity to our local customers is valued.

Central Coast Salary Range: $95,062 - $137,840

Job Summary:

The Security Analyst is responsible for helping to protect CenCal Health’s system, networks, and data from cyberthreats through monitoring security events, assessing risks, implementing security solutions, and ensuring compliance with security policies. As a member of the Security Office, the Security Analyst helps to ensure the safety and integrity of CenCal Health’s information systems.

Duties and Responsibilities:

Policies and Trainings

• Assist with the maintenance and update of security policies to ensure they are up-to-date, aligned with security industry standards, and effective.

• Assist with the security awareness training plan and assist in the development of training materials as needed.

• Assist with new employee trainings, monthly security trainings, and phishing tests.

• Educate staff on information security through training and awareness programs.

Event Monitoring and Incident Response

• Monitor network traffic for suspicious behavior and identify potential threats.

• Assist with monitoring security events and alerts, and work with third-party Security Operations Center to evaluate tickets for review and escalation.

• Assist in response and investigation of security incidents in accordance with CenCal Health’s Incident Response Plan.

• Assist with performing root cause analysis and recommending improvements to prevent future incidents.

Cybersecurity and Vulnerability Management

• Assist in the development of identity and access controls, help manage the periodic access review process.

• Assist with the vulnerability management program and creation of tickets for security risks and for the IT department to be addressed during scans.

• Assist with and collaborate with IT to ensure patches are made timely.

Cybersecurity Prevention

• Assist and participate in annual security risk assessments and penetration testing.

• Implement and maintain security protocols and procedures to protect information systems and data.

• Assist with analyzing emerging threats and providing recommendations for proactive defense strategies.

• Stay up to date on the latest intelligence, including hackers’ methodologies, to anticipate and help prevent security attacks.

Knowledge/Skills/Abilities:

• Knowledge of security policies, procedures, and best practices.

• Familiarity with security tools and technologies such as firewalls, intrusion detection systems, and EDR software.

• Understanding of network security, cryptography, malware analysis, and incident response.

• Knowledge of compliance frameworks like NIST, CIS controls, PCI-DSS, or GDPR.

• Ability to effectively prioritize multiple tasks and deadlines.

• Ability to assume responsibility and exercise good judgment in making decisions within the scope of authority of the position.

• Ability to handle sensitive information with confidentiality and integrity.

• Ability to establish and maintain effective and cooperative working relationships with management and staff.

• Ability to work under pressure to accurately complete tasks within established deadlines.

• Ability to demonstrate high attention to detail.

• Strong analytical and problem-solving skills.

• Excellent communication and teamwork abilities.

• Understanding of CenCal Health’s operations and processes a plus.

Education and Experience:

• Bachelor's degree in Computer Science, Information Technology, or a related field.

• 1-3 years of experience in cybersecurity or a related field.

• Relevant certifications such as CompTIA Security+, CISSP, or CEH are a plus.

• Experience with DarkTrace, Microsoft Defender, E5, Windows, Linux, or similar security tools.