Job No. 546275 Information Security Analyst

CLASSIFICATION TITLE: Operating Systems Analyst - Career

UNION CODE: R09

TEMPORARY END DATE: This position is temporary and ends on or before December 31, 2025. Any continuation beyond December 31, 2025 is contingent upon satisfactory performance and available funding.

FT/PT: Full-time   

PAY PLAN: 12-month   

WORKPLACE TYPE: On-site (work in-person at business location)

ANTICIPATED HIRING RANGE: $5,500 - $7,000

• However, offer amount will be commensurate with candidate’s experience, education, skills, and training.

CSU CLASSIFICATION SALARY RANGE: $5,158 - $12,730

PAY BASIS: Monthly  

BENEFITS: CSUB offers a best-in-class benefit package for eligible employees that includes an array of medical plans, choice of dental plans, vision coverage, retirement participation in CalPERS, CSU tuition waiver, up to 24 vacation days per year, sick leave with unlimited accrual, 14 paid holidays per year and more!  See our benefits website for additional information.

CANDIDATES ELIGIBLE TO APPLY: Open to all qualified applicants

SPECIAL INSTRUCTIONS TO APPLICANT:

FOR PRIORITY CONSIDERATION, applications must be received by March 12, 2025; however, the position will remain open until filled.

POSITION PURPOSE: Under the management of the Information Security Officer, the incumbent serves as a hands-on team player in our Information Technology Services (ITS) department. Our Information Security Office works to prevent, detect, respond, remediate, and anticipate cybersecurity threats to our university and works to ensure the confidentiality, integrity, and availability of our university systems and applications for protection of valuable assets.

The Information Security Analyst contributes to the development and use of security tools and reporting systems. The Analyst identifies risks and threats to assets and data systems ensuring compliance with University policies and standards, relevant regulations, and security best practices. Additionally, the Analyst assesses systems, processes, and networks, interacts with the campus community to develop solutions, and participates as a member on ITS project teams to incorporate security best practices into projects.

As a member of the Computer Security Incident Response Team, the Analyst investigates incidents, monitors, and investigates intrusions into the campus network, reports incidents, and performs mitigation activities in accordance with the campus incident response plan. In addition, as a member of the Information Security Working Group, the Analyst assists the Information Security Office with developing policies, standards, and procedures for the campus community.

DUTIES & RESPONSIBILITIES:

Advanced Threat Information/Analysis & Security Support

• Plan, install, configure, deploy, and use various security tools and reporting systems in the cloud and on-premises.
• Independently monitor and report on system vulnerabilities.
• Train and lead staff and students to report on and resolve vulnerabilities.
• Manage the campus Identity and Access Management (IAM) solution and advise the IAM Governance Committee.
• Manage the campus Security and Incident and Event Management (SIEM) solution, and respond to flagged incidents.
• Use independent judgment to respond to security incidents.
• Proactively identify and leverage threat intelligence data from reliable sources to enhance University security solutions.
• Provide independent guidance for confidential data and protected data systems and security reviews as part of the security risk assessment and product review process.
• Research and stay current with cybersecurity intelligence and strategies, hacker technologies, trends, and threats.
• Provide advanced guidance to the Information Security Officer on security enhancements and purchases of necessary tools.
• Develop security best practices, knowledge base articles, and guidelines.
• Stay informed and familiar with state and federal laws and regulations, CSU and University policies, standards, and processes.
• Keep up analytical skills, detail-oriented skills, ingenuity, and problem-solving skills critical to cybersecurity. Track and document account compromises and other security incidents and report statistics to ITS management and the various security subcommittees.
• Administrator the campus password manager.

Automation of Security Systems & Responses

1. Independently script automated responses to vulnerability reports, incidents, and repetitive processes.
2. Train other team members to properly interact with key systems.
3. Proactively ensure the highest levels of systems availability.
4. Work with vendors to ensure appropriate automated processes are implemented.

Technical Support & Consulting

1. Provide independent consultation and guidance to other ITS units and campus-wide clients.
2. Troubleshoot, diagnose and solve a variety of network- and system-based security issues.
3. Provide 3rd tier support.
4. Respond to and resolve support incidents within defined timelines.

Compliance & Security Awareness

1. Ensure campus systems, programs, procedures, and processes are compliant with state and federal laws and regulations, CSU audit requirements, as well as compliance to CSU and CSUB information security policies and standards.
2. Support the Information Security Officer in development and management of the campus Information Security Awareness Program.
3. Participate and assist in audits.
4. Assist clients with security products, security training and procedures.

REQUIRED QUALIFICATIONS:

EDUCATION & EXPERIENCE – Bachelor’s degree from an accredited four-year college or university in Computer Science, Computer Information Systems, Cybersecurity, Information Security, Information Systems, Engineering, or a related field with relevant technical training. Additional qualifying experience may be substituted for the required education on a year-for-year basis. Minimum of two (2) years (within 3 years) of full-time equivalent experience.

LICENSES – Possession of a valid driver’s license or the ability to obtain by date of hire.

SKILLS, KNOWLEDGE & ABILITIES (SKA’s) –

• Regular and reliable attendance is required.
• Proficient in at least one scripting language such as Python, Perl, Java, and/or PowerShell.
• Knowledge and experience with vulnerability reporting systems.
• Self-driven to learn new applications and emerging technology.
• Knowledge and use of support ticketing systems (i.e., ServiceNow).
• Demonstrated ability to maintain a high degree of confidentiality.
• Knowledge of internal operating system technology, computer operations and hardware, and network communications theory.
• Ability to use operating system languages as defined by the campus and ability to perform systems level programming in a distributed, networked environment.
• Ability to use performance monitoring software and interpret results.
• Ability to perform preventative and remedial maintenance to operating system(s).
• Ability to interface/integrate campus defined operating system(s) with software and other systems.
• Ability to evaluate existing and proposed systems and recommend upgrades and/or modifications.
• Knowledge of applications programming techniques and procedures.
• Understanding of job control and production procedures with an ability to troubleshoot and isolate production problems and applications code.
• Ability to research and survey new products and/or releases, such as productivity tools.
• Ability to establish and document operations procedures.
• Knowledge of network operating system and network architecture, configuration, and protocols.
• Knowledge of client server technologies.
• Knowledge of system management and security/control procedures.
• Knowledge of data communication network architecture, configuration, protocols, and interfaces.
• Ability to identify and implement critical maintenance fixes and to isolate and correct malfunctions, including interface problems.
• Ability to establish data security standards and procedures.
• Demonstrated customer service experience requiring a very high level of diplomacy and professionalism.
• Ability to use tact and diplomacy to effectively handle a broad range of high level and sensitive interpersonal situations with diverse personalities, and to respond appropriately to conflicts and problems.
• and teamwork by maintaining a positive, cooperative, productive work atmosphere in the University with the ability to establish and maintain effective working relationships within a diverse population and with those from various cultural backgrounds.
• Excellent communication skills; ability to effectively communicate information in a clear and understandable manner.
• Thorough knowledge of English grammar, spelling and punctuation.
• Ability to interpret, communicate and apply policies and procedures.
• Ability to maintain a high degree of confidentiality.
• Excellent organizational and time management skills with the ability to set own priorities to coordinate multiple assignments with fluctuating and time-sensitive deadlines.
• Excellent computer skills and competence with a variety of computer applications including word-processing, spreadsheets, databases, on-line systems, Internet as well as online calendaring and email.
• Working knowledge of or ability to quickly learn University infrastructure.

PREFERRED QUALIFICATIONS:

• Professional certifications or vendor certifications in information security.
• Working knowledge of Security Orchestration, Automation and Response (SOAR) systems.
• Knowledge and experience with Identity and Access Management (IAM) systems.
• Working knowledge of Tenable.
• Knowledge and use of either AWS or Azure.
• Experience with source control system tools (e.g., Git)
• Ability to collect and interpret raw network data using tools such as Wireshark, NetWitness, Snort.
• Working knowledge of network protocols such as HTTPS, SMTP, and DNS.
• Working knowledge and experience with various operating systems such as Unix/Linux, Windows, MacOS, and iOS,
• Working knowledge of Palo Alto Network firewalls
• Working knowledge of threat intelligence, threat analytics, and security analytics
• Working knowledge of commercial password manager tools.
• Working knowledge with tools such as asset discovery, vulnerability scanners, SIEM, intrusion detection, endpoint detection and response, next gen firewalls, behavioral analytics, and various firewalls
• Experience working on enterprise-level projects.
• Demonstrated skills in an institutional/educational environment utilizing a customer-oriented and service- centered attitude.
• Must be willing to travel and attend training programs off-site for occasional professional development.
• Must be able to work occasional holidays and adjust working hours to meet special jobs. May be called back periodically to perform work as needed on an emergency basis.

PHYSICAL DEMANDS: LIGHT WORK – involves mainly sitting, up to 25% standing or walking; lifting medium weight objects limited to 25 pounds.

ENVIRONMENTAL FACTORS:N/A

SPECIAL CONDITIONS:

SCREENING: Only those applicants possessing experience most directly related to the immediate needs of the office will be invited to appear before a Qualifications Appraisal Board for the purpose of appraising training, experience, and interest in the position.

CALIFORNIA STATE UNIVERSITY EMPLOYEES UNION: It shall be the policy of the CSU in filling vacant CSUEU bargaining Units 2, 5, 7 & 9 positions to fill such vacancies from among qualified individuals currently employed on-campus except when it is determined that it is necessary to appoint outside applicants to meet campus workforce diversity goals or to provide specialized skills and abilities that are not available from current employees.

BACKGROUND CHECK: Satisfactory completion of a background check (including a criminal records check) is required for employment. CSU will make a conditional offer of employment, which may be rescinded if the background check reveals disqualifying information, and/or it is discovered that the candidate knowingly withheld or falsified information. Failure to satisfactorily complete the background check may affect the continued employment of a current CSU employee who was conditionally offered the position.

SENSITIVE POSITION: Sensitive positions are designated by the CSU as requiring heightened scrutiny of individuals holding the position, based on potential for harm to children, concerns for the safety and security of the people, animals, or property, or heightened risk of financial loss to the CSU or individuals in the university community.

MANDATED REPORTER: Not a reporter.

GENERAL INFORMATION: It is the policy of California State University, Bakersfield to hire only United States citizens and aliens lawfully authorized to work in the United States. All new employees will be required to present documentation verifying their right to accept employment. You will also be requested to present a social security card at the time of initial appointment in compliance with state payroll regulations.  State regulations require that every state employee sign the Oath of Allegiance prior to commencing the duties of his/her State employment, except legally employed non-citizens. These individuals are required to sign the Declaration of Permission to Work.

EEO STATEMENT: All university programs and activities are open and available to all regardless of race, sex, color, ethnicity or national origin. Consistent with California law and federal civil rights laws, the CSU Bakersfield provides equal opportunity in education and employment without unlawful discrimination or preferential treatment based on race, sex, color, ethnicity, or national origin. Our commitment to equal opportunity means ensuring that every student and employee has access to the resources and support they need to thrive and succeed in a university environment and in their communities. The CSU Bakersfield complies with Title VI of the Civil Rights Act of 1964, Title IX of the Education Amendments of 1972, the Americans with Disabilities Act (ADA), Section 504 of the Rehabilitation Act, the California Equity in Higher Education Act, California’s Proposition 209 (Art. I, Section 31 of the California Constitution), other applicable state and federal anti-discrimination laws, and CSU’s Nondiscrimination Policy. We prohibit discriminatory preferential treatment, segregation based on race or any other protected status, and all forms of discrimination, harassment, and retaliation in all university programs, policies, and practices.

The CSU Bakersfield is a diverse community of individuals who represent many perspectives, beliefs and identities, committed to fostering an inclusive, respectful, and intellectually vibrant environment. We cultivate a culture of open dialogue, mutual respect, and belonging to support educational excellence and student success. Through academic programs, student organizations and activities, faculty initiatives, and community partnerships, we encourage meaningful engagement with diverse perspectives. As a higher education institution, we are dedicated to advancing knowledge and empowering individuals to reach their full potential by prioritizing inclusive curriculum development, faculty and staff training, student mentorship, and comprehensive support programs. At CSU Bakersfield, excellence is built on merit, talent, diversity, accessibility, and equal opportunity for all.