Information Security Analyst (County Classification: Systems Administrator Ii/Iii)

About the Position

PLEASE NOTE: This recruitment is open until the position is filled. For first consideration for the position, please submit your application byMarch 15th 2024.

The County of San Luis Obispo's Information Technology Department is looking for an enthusiastic, experienced Information Security Analyst (Classification: Systems Administrator II/III) to join the County's Information Security Team. This role will serve as a key contributor to the team that strives to protect the County and the critical services it provides to constituents, including emergency response, public safety, and secure elections.

The primary focus of this position is to administer and enhance the County's Identity Governance and Administration platform, SailPoint IdentityNow.

This is an opportunity to work with amazing people who love to teach, use great tools, support our community, and learn new skills through employer sponsored training in an environment that prioritizes a work-life balance.

The Department

San Luis Obispo County Information Technology Department (ITD) offers an exciting, fast-paced environment where exceptional performance is encouraged and rewarded. ITD consists of 84 staff distributed among Administration, Applications, Customer Service / Delivery, Infrastructure, and Information Security Divisions. ITD resources are operated and maintained in a manner that supports high availability of services while minimizing risk of business interruption. ITD's focus is on developing a sustainable, customer-focused technology environment that enhances and improves the quality of technology services used by County departments for the benefit of all San Luis Obispo County residents, businesses, and visitors.

This career opportunity provides candidates the exposure of working with State and Federal partners as well as all County departments; essentially 23 different industries. The County supports a hybrid work environment, provides a generous pension, and encourages collaboration and inclusivity.

Our Community

Located halfway between Los Angeles and San Francisco, approximately 280,000 people call San Luis Obispo County home. Our County's natural beauty includes beaches, lakes, mountains, wetlands, and oak-studded hills. It is home to California Polytechnic State University, Cuesta Community College, Hearst Castle, two historical missions, a commercial airport, and a Mediterranean-like climate. Residents rejuvenate themselves by enjoying the county's year- round farmers' markets, wineries, public trails, and cultural events. When not working from home, this position resides in beautiful downtown San Luis Obispo.

Click Hereto learn more about the County of San Luis Obispo's Information Technology Department.

Click Here to view the full job description for Systems Administrator II.

Click Hereto view the full job description for Systems Administrator III.

This recruitment may be used to fill future permanent, substitute, limited term, and temporary positions, both full-time and part-time throughout the County.

The Ideal Candidate

About the Position

The Information Security Analyst will work in a small, talented team that utilizes a broad array of tools to protect the County and continuously improve defenses. The position is the guardian of staff identity and access. The Information Security Analyst is responsible for account life cycle management utilizing SailPoint IdentityNow and other tools.

The Information Security Analyst participates in the development of workflows, system configuration, documentation, optimization, and support related to identity and access management. The Analyst develops and effectively communicates department and organization wide policies and procedures impacting Identity and Access management to end users, leadership, and peers to ensure compliant practices. The Analyst is responsible for the on-going maintenance, testing, support and optimization of Identity Governance and Role Based Access Control (RBAC) at the County. The Information Security Analyst works independently, holds team and organization level responsibilities, and leads small to medium scale projects.

While the primary focus of this position is Identity and Access Management, as a member of the ITD Information Security Team, the analyst will also assist and participate in other general information security related activities including incident response.

Information Security Analyst Responsibilities

• Define and maintain IAM policies, procedures, and standards.

• Own, manage and continuously improve the automated system used for provisioning, de-provisioning, and modification of user accounts.

• Ensure efficient management of employee onboarding and offboarding processes.

• Implement identity synchronization and integration with various systems.

• Design, implement, and enforce access control policies and principles.

• Facilitate regular access reviews and certifications.

• Administer privileged accounts and monitor their usage.

• Implement just-in-time (JIT) privilege escalation and session monitoring using Microsoft Privileged Identity Management or other systems.

• Establish identity governance processes for managing user access rights.

• Conduct training sessions and awareness campaigns.

• Collaborate with the incident response teams to handle cybersecurity incidents.

• Monitor various systems for suspicious activities and unauthorized access.

• Manage relationships with IAM solution vendors and service providers.

• Maintain detailed documentation of IAM processes and configurations.

• Generate regular reports on access and identity-related metrics for management.

• Conduct risk assessments related to IAM and recommend mitigation strategies.

• Prepare for and participate in security audits and assessments and ensure compliance with regulatory requirements.

• Collaborate with other IT and security teams to integrate IAM solutions.

• Maintain current knowledge of the threat landscape and industry information security trends.

• Provide technical support for IAM-related issues and incidents.

• Troubleshoot and resolve problems related to user access and identity management.

• Foster a culture of security awareness within the organization.

• Share knowledge and best practices with the security and IT teams.

• Identify and remediate risk across the entire County estate.

• Receive, interpret, and act on threat intelligence.

• Function as an administrator and user of various security tools including vulnerability management, endpoint detection and response, SIEM, SOAR, and phishing response platforms.

• Implementation of security controls based on cybersecurity frameworks such as CIS, NIST CSF and/or NIST SP 800-53

• Document processes, procedures, and training documentation.

The Ideal Candidate

The ideal candidate will have a passion for cybersecurity, be able to think like a criminal while acting as a defender for good and be able to synthesize data from a wide range of inputs in order to identify threats and influence the workforce to better protect the County. The ideal candidate will be collaborative, have an inquisitive mind, and be able to maintain a sense of calm and, hopefully, a sense of humor during intense situations. The ideal candidate will have a strong desire and ability to integrate systems and to improve and automate manual processes wherever possible.

The Ideal Candidate will possess knowledge of one or more of the following:

• Computer networking concepts, protocols, tools, and security methodologies.

• Risk management processes (e.g., methods for assessing and mitigating risk).

• Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.

• Authentication, authorization, and access control methods and technologies (PKI, SAML, OpenID, OAuth, RBAC, etc.).

• Cyber defense and vulnerability assessment tools and their capabilities. adversarial tactics, techniques, and procedures.

• Defense-in-depth principles and network security architecture.

• Cyber defense and information security policies, procedures, and regulations.

• System administration, network, and operating system hardening techniques.

• Data security standards and regulations such as HIPAA, PCI-DSS, CJIS Security Policy, Federal Tax Information 1075, etc.

• Cybersecurity frameworks such as NIST CSF, NIST SP 800-53, CIS Top 20, etc.

• Application Security Risks (e.g. Open Web Application Security Project Top 10 list)

Systems Experience - the ideal candidate will have experience using, administering, and/or supporting several of the following:

• Microsoft Entra, SailPoint, Okta, One Identity, Ping Identity, ForgeRock, Oracle or other leading Identity and Access Management software.

• Sentinel or Splunk SIEM software.

• Linux Administration

• Microsoft 365 and associated cloud-based services including Exchange Online, Azure Active Directory.

• Microsoft Operating Systems, Active Directory, Group Policy Management, SCCM (or other systems management tools).

The Ideal Candidate will also have the following characteristics:

• Excellent interpersonal, oral, and written communication skills

• Ability to speak in front of groups

• Ability to work with people of various technical backgrounds

• Ability to "translate" obscure or abstract ideas into potential solutions

• Possess a great attitude and a "get it done" mind set

• Possess a strong sense of work ownership and a high degree of self-motivation

• Possess a desire to learn new technology

• Ability to follow incident handling methodologies

• Have strong analytical, problem-solving, and troubleshooting skills

• Ability to preserve evidence integrity according to standard operating procedures or standards

• Ability to work independently and collaboratively

• Ability to maintain strict confidence

• Ability to laugh, learn from mistakes, and a desire to constantly improve

Minimum Qualifications

A combination of education, training, and experience resulting in the required knowledge, skills, and abilities. An example of qualifying education and experience includes:

System Administrator II: Either A:Graduation from an accredited four-year college or university with a bachelor's degree. (Job-related experience may substitute for the required education on a year-for-year basis). In addition, two years of job-related experience with the experience listed above. OR B: An associate degree or 60 semester units or 90 quarter units from an accredited college or university or completion from a job-related, accredited vocational institution. In addition, two years of experience installing and maintaining hardware and software systems.

System Administrator III:Either A:Graduation from an accredited four-year college or university with a bachelor's degree. (Job-related experience may substitute for the required education on a year-for-year basis) In addition, four years of job-related experience with experience listed above. (A post-graduate degree in a related field may substitute for one year of the required experience). OR B: An associate degree or 60 semester units or 90 quarter units from an accredited college or university or completion from a job-related, accredited vocational institution. In addition, four years of job-related experience installing and maintaining hardware and software systems.

Technical Certifications - one or more of the following certifications, or similar are a plus but not required:

• Microsoft Systems, Security, and or Cloud Certifications

• (ISC)2 - CISSP, SSCP, CCSP, HCISPP, etc.

• GIAC - GSEC, GCIA, GICSP, GWAPT, GPEN, GCLD, etc.

• Sailpoint Certifications

How to Apply

Applications, including answers to supplemental questions, must be submitted online by the final filing date. To apply for this position, click "apply" at the top of this page.Most Countyrecruitmentsrequire you to respond to supplemental questions as part of the application process. We recommend that you review these questions prior to beginning your application.

An initial application review will be conducted. Candidates who meet the minimum qualifications and are best qualified will be invited to participate in selection activities which may include online assessments, performance exams, written exams, and interviews.

Final candidates will be required to have an in-depth background review performed before proceeding in the process. Please note that references will not be contacted until the end of the process.

If you have questions or would like to discuss the opportunity further, please contact Human Resources at hr@co.slo.ca.us. Confidential inquiries are welcomed.

For further information regarding the County of San Luis Obispo, visit our website atwww.slocounty.ca.gov.