What are the responsibilities and job description for the IT Cyber Security Analyst position at Coast Community College District?
Starting Salary: $102,255.04/year
Total compensation, including salary and benefits, is $160,927.00
Paid Time Off (per year)
- 22 paid holidays
- 12 paid vacation days (accrued based on time worked)
- 12 sick days (accrued based on time worked)
- 1 floating holiday
This is an open until filled position. However, interested, qualified applicants are encouraged to apply by the next closing review date of April 21, 2025. Applicants who apply after April 21, 2025 will be held for review, only as needed.
About the Team
At the Coast Community College District, the IT Cyber Security Analyst plays a vital role in supporting the success of students, faculty, and staff across Coastline College, Golden West College, and Orange Coast College. We’re looking for talented individuals who are passionate about technology and eager to contribute to our mission of fostering innovation, security, and seamless digital experiences.
Why Work with Us?
As part of this team, you’ll have the opportunity to:
Innovate: Work with cutting-edge technologies that enhance education and streamline district operations.
Collaborate: Partner with academic leaders and staff to deliver meaningful technology solutions.
Grow: Be part of a team that values continuous learning, professional development, and staying ahead of the latest industry trends.
Make an Impact: Your work will directly contribute to the success of our students and the efficiency of the district.
Our Focus Areas
Network & Infrastructure: Ensure fast, secure connectivity across campuses.
Enterprise Applications: Manage critical systems like student information and ERP platforms.
Cybersecurity: Protect the district’s digital assets and safeguard against threats.
User Support: Provide responsive helpdesk services and technical assistance.
Academic Technology: Support the latest tools for online learning and in-classroom technology.
Data & Analytics: Help the district make informed decisions through powerful data insights.
Our Projects
Digital Transformation: We’re enhancing the digital learning environment and expanding cloud-based solutions.
Cybersecurity Initiatives: Keeping the district secure through advanced threat detection and awareness programs.
Cloud Migration: Moving essential services to the cloud for greater scalability and efficiency.
Established in 1947, the Coast Community College District (CCCD) is a beacon of educational excellence in Orange County, California. As a public, multi-campus community college district, CCCD has been transforming lives through accessible, high-quality education for over seven decades.
CCCD's impact extends across three comprehensive colleges: Coastline Community College, Golden West College, and Orange Coast College. Together, these institutions serve over 51,000 students annually, offering a rich tapestry of academic and vocational programs, support services, and co-curricular activities.
CCCD takes pride in fostering a supportive and inclusive environment. Our commitment to diversity, equity, and inclusion extends beyond our student body to encompass our employees and the broader community. We believe that this inclusive approach not only enriches the educational experience but also prepares our students for success in an increasingly diverse world.
Join us in shaping the future of education in Orange County. At CCCD, you'll be part of a dynamic team dedicated to making a lasting impact on our students and community. Together, we can continue our legacy of transforming lives through the power of education.
Summary
Performs analysis to prevent, detect, and respond to possible cyber-attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities. Contains and remediates, or provides direction to others to contain and remediate, confirmed security incidents. Documents circumstances around confirmed security incidents for compliance reporting. Documents, logs, and identifies specific vulnerabilities that may cause ongoing impact and immediate impact to the environment. Makes risk-adjusted, cost-effective recommendations that can improve the security of the environment and mitigate possible attacks.
Distinguishing Career Features
The Cyber Security Analyst is a senior-level professional position in the Information Systems job family. Advancement along this ladder can occur through mastery with cyber security administration.
Essential Duties and Responsibilities
Specific duties may vary among departments, divisions and jobs. Incumbents typically perform a substantial portion or all of the following types of duties, as assigned:
1. Identifies, assesses, and recommends cybersecurity or cybersecurity-enabled products for use within a system and ensures that recommended products are in compliance with the organization's evaluation and validation requirements. (NICE-T0119) Makes recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes). (NICE-T0550) Designs and develops new tools/technologies as related to cybersecurity. (NICE-T0284)
2. Performs risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change. (NICE-T0181) Performs security reviews and identifies security gaps in architecture. (NICE-T0518)
3. Performs technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications). (NICE-T0549)
4. Uses cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity. (NICE-T0259) Provides timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguishes these incidents and events from benign activities. (NICE-T0258) Performs analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security. (NICE-T0161)
5. Performs cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation. (NICE-T0163) Performs real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs). (NICE-T0175)
6. Documents and escalates incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment. (NICE-T0155) Correlates incident data to identify specific vulnerabilities and makes recommendations that enable expeditious remediation. (NICE-T0047) Analyzes identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information. (NICE-T0260)
7. Provides advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans. (NICE-T0548)
8. Conducts and/or supports authorized penetration testing on enterprise network assets. (NICE-T0028) Monitors external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determines which security issues may have an impact on the enterprise. (NICE-T0503)
9. Develops or assists with the development of privacy training materials and other communications to increase employee understanding of company privacy policies, data handling practices and procedures and legal obligations. (NICE-T0926) Promotes awareness of security issues among management and ensures sound security principles are reflected in the organization's vision and goals. (NICE-T0248) Plans instructional strategies such as lectures, demonstrations, interactive exercises, multimedia presentations, video courses, web-based courses for the most effective learning environment in conjunction with educators and trainers. (NICE-T0380)
10. Performs other related duties as assigned that support the objective of the position.
11. Required to abide by all District policies and procedures including Board Policy 3050 – Code of Professional Ethics.
Note: NICE references the Task Number as assigned by the National Institute of Standards and Technology (NIST) National Initiative for Cybersecurity Education / Cyber Workforce Framework (SP800-181). This framework provides guidance to employers and colleges/training for describing the task, knowledge, skills, and abilities for CyberWork.
Qualifications
Education and Experience
The position requires a Bachelor’s degree in computer science, cyber security or related technical field and 6 years’ experience in network and systems operations and analytics, with two years in project development and implementation, and on-going administration of integrated networks. Or, any combination of education and experience which would provide the required equivalent qualifications for the position.
Licenses and Certificates
Required: CISSP or CISM.
Preferred: PMP, CCNA, OSCP, any GIAC certification.
May require a driver license.
Desirable Qualifications
- Certifications - MS 500, AZ 500
- Enrolled or completed training in Identity and Access Administration Associate (SC300)
Knowledge and Skills
1. Knowledge of computer networking concepts and protocols, and network security methodologies.
2. Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
3. Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
4. Knowledge of cybersecurity and privacy principles.
5. Knowledge of cyber threats and vulnerabilities.
6. Knowledge of specific operational impacts of cybersecurity lapses.
7. Knowledge of data backup and recovery.
8. Knowledge of business continuity and disaster recovery continuity of operations plans.
9. Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
10. Knowledge of network services and protocols interactions that provide network communications.
11. Knowledge of incident categories, incident responses, and timelines for responses.
12. Knowledge of incident response and handling methodologies.
13. Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
14. Knowledge of network traffic analysis methods.
15. Knowledge of packet-level analysis.
16. Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
17. Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
18. Knowledge of cyber defense and information security policies, procedures, and regulations.
19. Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
20. Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
21. Knowledge of system administration, network, and operating system hardening techniques.
22. Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
23. Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
24. Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
25. Knowledge of cloud service models and how those models can limit incident response.
26. Knowledge of malware analysis concepts and methodologies.
27. Knowledge of an organization's information classification program and procedures for information compromise.
28. Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
29. Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
30. Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list).
31. Skill in identifying, capturing, containing, and reporting malware.
32. Skill in preserving evidence integrity according to standard operating procedures or national standards.
33. Skill in securing network communications.
34. Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
35. Skill in protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
36. Skill in performing damage assessments.
37. Skill in using security event correlation tools.
38. Skill to design incident response for cloud service models.
Abilities
1. Requires the ability to perform the essential responsibilities and functions of the position.
2. Ability to design incident response for cloud service models.
3. Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
4. Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
5. Ability to apply programming language structures (e.g., source code review) and logic.
6. Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
7. Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
8. Ability to analyze malware.
9. Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
10. Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
11. Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
12. Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
13. Ability to interpret the information collected by network tools (e.g. nslookup, ping, and traceroute).
14. Ability to prepare and deliver education and awareness briefings to ensure that systems, network, and data users are aware of and adhere to systems security policies and procedures.
Physical Abilities
1. The general physical demands, working conditions, and essential job functions associated with this classification will be kept on file with the Office of Human Resources.
2. Essential functions will vary by position.
3. As defined by Title I of the Americans with Disabilities Act (“ADA”) and California’s Fair Employment and Housing Act (“FEHA”), the District shall engage in a timely, good faith interactive process with employees or employment applicants who are requesting or are in need of reasonable accommodations and provide reasonable accommodations for employees or employment applicants who, because of their disability, are limited in or unable to perform one or more of the essential functions of their job in accordance with applicable state and federal law.
Working Conditions
Work is performed indoors where some safety considerations exist from physical labor, positioning in cramped areas, and handling of medium-weight yet awkward materials.
This job specification describes the general nature of the work performed, representative duties as well as the typical qualifications needed for acceptable performance. It is not intended to be a complete list of all responsibilities, duties, work steps, and skills required of the job.
Note: D.E.I.A. - Diversity, Equity, Inclusion, Accessibility, and Anti-Racism
The Coast Community College District (Orange Coast College, Golden West College, and Coastline) continues to strengthen our efforts around diversity, equity, inclusion, access, and anti-racism. The Coast Community College District is focused on creating a culture of inclusive excellence by uplifting employees and students through an environment that is equitable, diverse, inclusive, and accessible. We have a strong focus and importance on D.E.I.A. and Anti-Racism (Diversity, Equity, Inclusion, Accessibility) and will be actively listening, assessing, and evaluating this throughout each stage of the application, recruitment, and interview process.
Note: Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.
This is a permanent, general funded, full-time, 12-months per year classified position. The normal hours of work will be Monday through Friday 8:00 am to 5:00 pm, with the flexibility to occasionally work extended hours and/or weekends, if necessary, to meet the department's needs. The effective date of employment will be arranged with the supervisor. The District provides medical, dental, and vision insurance for the employee and eligible dependents and life insurance for the employee. (Salary Schedule: EE-125)
Regular attendance is considered an essential job function; the inability to meet attendance requirements may preclude the employee from retaining employment. The person holding this position is considered a mandated reporter under the California Child Abuse and Neglect Reporting Act and is required to comply with the requirements set forth in Coast Community College District policies, procedures, and Title IX. (Reference: BP/AP 5910) The Coast Community College District celebrates all forms of diversity and is deeply committed to fostering an inclusive environment within which students, staff, administrators, and faculty thrive. Individuals interested in advancing the District's strategic diversity goals are strongly encouraged to apply. Reasonable accommodations will be provided for qualified applicants with disabilities who self-disclose.
Pay Philosophy:
Coast Community College District, through policies, practices, and other benefit programs, delivers a fair and equitable total compensation program that promotes equal employment opportunity, inclusion, and workforce vitality. In general, it is the policy of the District to place new employees at the first step of the salary grade. All movement on the salary schedule will occur July 1 of each year for all classified employees.
Application Requirements:
Application materials must be electronically submitted online at http://www.cccd.edu/employment to be considered for employment.
Incomplete applications, application materials submitted by mail, and documents not requested in the job announcement will not be considered. Please note that the district does not return materials submitted in the application process (copies of original supporting documents are acceptable).
A complete application packet includes:
- A complete Coast Community College District Online Employment Application.
- Responses to Supplemental Questions (please provide clear and detailed responses, as they will be carefully evaluated to determine the most qualified candidate(s) to be invited for an interview; please do not paste your resume, put "see resume" or "N/A", or leave blank).
- A Cover Letter highlighting your experiences relevant to this position and addressing the minimum and essential qualifications, including your demonstrated evidence of D.E.I.A. (Diversity, Equity, Inclusion, Access). (upload as a separate attachment - PDF recommended).
- A Current Resume of professional and educational background and experience (upload as a separate attachment - PDF recommended).
Submit an application online at:
http://www.cccd.edu/employment
Coast Community College District – Human Resources
1370 Adams Avenue, Costa Mesa, CA 92626
Individuals who need reasonable accommodations in accordance with ADA should notify the Human Resources Office for assistance or call 714.438.4716.
*Note: We have a strong focus and importance on D.E.I.A. and Anti-Racism (Diversity, Equity, Inclusion, Accessibility) and will be actively listening, assessing, and evaluating this throughout each stage of the application, recruitment, and interview process.
Submission of all required application information and materials is the responsibility of the applicant. All application materials become the property of the Coast Community College District and will NOT be copied or returned. To ensure consistency and fairness to all applicants, please do not submit materials in addition to those requested. Additional materials will not be considered or returned. Be sure to complete all questions and sections of the application. If you do not know an answer, please indicate so, but do not leave any space blank.
All applications will be screened under a process of utmost confidentiality by a committee of representatives from the college community. Please note: Possession of the minimum qualifications does not ensure an interview.
Any documents that you are unable to attach can be emailed to jobs@cccd.edu. Emails must clearly indicate the job you are applying to and your full name.
Salary: $102,255 - $137,861