Info Security Analyst

Role overview

This position is for a Tier 2 Senior Cyber Security Analyst supporting the County of Orange Security Operations Center. The SOC’s purpose is to safeguard county systems, assets, and information from cyber threats. In this role, you will handle SIEM alert creation, tuning, monitoring, and investigation, while also contributing to incident response, digital forensics, data loss prevention, and eDiscovery-related work.

Key responsibilities

• Continuously watch for security activity across networks and systems and act on suspicious events.
• Coach and support Tier 1 SOC analysts.
• Spot, investigate, and document potential security incidents.
• Assist with risk and vulnerability reviews across network, system, and application environments.
• Help build, maintain, and report on cybersecurity metrics.
• Contribute to cyber threat intelligence analysis and reporting.
• Support the identification and rollout of automation opportunities and routine automation tasks.
• Recommend and help implement security controls and operational risk mitigations, including support for security awareness initiatives.
• Evaluate new security tools, methods, and technologies and help introduce them in line with the organization’s security strategy.
• Use commercial, government, and custom tools and procedures to detect, contain, remediate, and help eradicate vulnerabilities and intrusions.
• Support implementation of government security policies such as NIST, and suggest practical tailoring where needed.
• Analyze security requirements and recommend additional safeguards when appropriate.
• Review system audit activity on a regular basis and track corrective actions through closure.
• Provide briefings to senior leadership as needed.

Experience and education

A bachelor’s degree in a related discipline plus 2 years of relevant experience is required. Having 4 years of related experience is strongly preferred. Additional experience may be considered in place of formal education.

Preferred certifications include CySA+, SecurityX+, GIAC Security Essentials (GSEC), or comparable industry certifications.

Technical requirements

• Hands-on experience with programming languages such as Python, C++, and JavaScript.
• Practical exposure to SIEM platforms and alert analysis, including Sentinel SIEM or comparable tools.
• Working knowledge of IDS/IPS, firewalls, and anti-virus/anti-malware solutions.
• Experience supporting incident response activities and handling security incidents.
• Background in vulnerability management.
• Understanding of the full incident response lifecycle: identification, protection, detection, response, and recovery.
• Ability to follow SOC standard operating procedures consistently.

Pre-employment checks

Candidates must be able to clear a LiveScan background check, CSS Department review, and Probation Department review. A drug screen is also required.

Compensation and benefits

The hourly pay range is $38.00 to $40.00. Non-exempt employees may be eligible for overtime at 1.5 times the base hourly rate for hours worked beyond 40 in a workweek, or as otherwise required by applicable law. Final compensation is determined by relevant skills, education, and experience.

Full-time employees may choose from different benefits packages. These may include medical, dental, and vision coverage; health savings accounts with qualified medical plan enrollment; 10 paid days off; 3 paid bereavement days; 401(k) with employer match; life and disability insurance; commuter benefits; dependent care flexible spending account; accident insurance; critical illness insurance; hospital indemnity insurance; accommodations and reimbursement for work travel; and a discretionary performance or recognition bonus. Sick leave and mobile phone reimbursement are provided in line with state or local law.

Communication consent and privacy notice

By applying and sharing your email address and/or phone number, you agree to receive text, email, and/or voice communications from the employer, its agents, representatives, or affiliates. These communications may be automated, pre-recorded, AI-assisted, or individually initiated, and may include opportunity-related information. Message and data rates may apply, and message frequency may vary.

You confirm that the contact details provided belong to you and that you are authorized to receive calls, texts, and emails at those contacts. You also acknowledge the use of AI technology during sourcing, including calls from an AI voice recruiter, and understand that AI is used only to collect information and does not make employment decisions. Calls may be recorded.

Consent is not required to purchase any goods, services, or property. You may withdraw consent at any time by replying STOP to messages or by contacting privacy@aditiconsulting.com. Please also review the employer’s privacy policy for details on collection, use, disclosure, and applicant rights regarding personal information.

Reference details

Reference code: #26-03199.