Senior Cybersecurity Analyst

US Government, County Executive Office

Senior Information Technologist
Salary may be negotiable within the range listed above, based on position requirements and successful candidate’s qualifications, subject to appropriate authorization.


This recruitment will establish an open eligible list that will be used to fill current and future Senior Cybersecurity Analyst positions. The eligible list established may also be used to fill positions in similar and/or lower classifications throughout the County of Orange.

This recruitment will remain open on a continuous basis for a minimum of five (5) business days and will close at 11:59 PM (PST) on the day the needs of the department are met. 

First round of application review will be Monday, April 3, 2023.


The mission of Orange County Information Technology (OCIT) is to provide innovative, reliable, and secure technology solutions that support County departments in the delivery of quality public services. OCIT provides IT solutions across County departments for voice communications, network services, application support, service desk, desktop support, as well as data center services.
OCIT is seeking an experienced Senior Cybersecurity Analyst for the Enterprise Cybersecurity Operations Team. The selected candidate will oversee and assist a team of cybersecurity analysts in the continuous monitoring of the County enterprise environment assets, analyzing threats, mitigating vulnerabilities, detecting compromises, and conducting incident response. The candidate is also responsible for the design, configuration, implementation, and ongoing support of County Enterprise security tools.

  • Ensure the serviceability and integrity of SOC equipment and tools
  • Serve as the subject matter expert on security systems, including but not limited to SIEM, SOAR, EDR, IAM, PAM, IPS/IDS, Web Proxy Firewall, DLP, Email Security, and WAP, and provide technical leadership on their day-to-day operation, as well as enhancements to the toolset
  • Participate in and lead the efforts of cybersecurity analysts on the day-to-day operation of the SOC
  • Lead and perform threat hunting activities including analysis of threat intelligence, detection and evaluation of IOCs, and escalation of incidents
  • Evaluate vendor solutions, make recommendations, and lead projects for deployment and/or enhancement of security systems
  • Participate in the incident response team and execute the County Incident Response Plan and cyber incident playbooks
  • Review cybersecurity requests against normal operational security processes and provide approval or escalation
  • Support SOC efforts in digital forensics and eDiscovery
  • Liaise with County departments on operational security matters, requests, and problems
  • Maintain documentation on tools, processes, procedures, and playbooks

The ideal candidate will possess a bachelor’s degree in Information Computer Sciences, Information Computer Technology, Information Systems, or in a closely related field, five (5) plus years of professional work experience in IT, and 3 years within cybersecurity as a cybersecurity analyst. In addition, the ideal candidate will possess extensive professional work experience and/or knowledge in the following core competencies:
Information Technology and Cybersecurity Knowledge

  • Understanding the NIST 800-53 framework and application of its controls in operational security 
  • Installing, configuring, and supporting all varieties of Microsoft Windows Services and platforms in an enterprise environment
  • Proficiency in scripting languages and PowerShell 
  • Implementing enterprise security best practices including encryption, implicit and explicit permissions, multi-factor authentication, auditing and digital forensics, and data retention
  • Understanding network protocols, routing and switching, LAN/WAN, remote access, and encryption protocols
  • Understanding and applying network security concepts and troubleshooting enterprise firewalls, IDS/IPS, DNS Security, and WAF (web application firewall)
  • Knowledge of Microsoft Office365, Azure Cloud, and related security concepts
  • Supporting email routing and messaging systems, email security gateways, and email encryption
  • Intimate knowledge of security tools such as SIEM, SOAR, EDR, DLP, and Web Filter/Proxy 
  • Extensive writing and communication skills including technical documentation

Additional Qualifications (not required, but a plus):

  • Knowledge of IAM and PAM (Privileged Access Management) 
  • CompTIA Security+, CySA+, or equivalent certifications

Problem Solving | Analytical Skills

  • Identifying and resolving challenging technical issues and problems or researching possible solutions
  • Great analytical skills and ability to work under pressure

Leadership | Relationship Building | Interpersonal Skills

  • Knowledge of principles and practices of supervision, team building and leadership
  • Working with other public and private agencies in efforts to provide information technology-specific customer service to the community, public and key stakeholders
  • Generating consensus and collaborative relationships to bring about efficient and effective outcomes

Oral | Written Communication Skills

  • Responding quickly, courteously, and proficiently to customer service requests
  • Soliciting feedback and adjusting customer requests to fit into business improvements
  • Developing, maintaining and updating well written procedural documents

The Probation Department requires that all candidates undergo an extensive background investigation process, to the satisfaction of the Department. Candidates must successfully clear prior to the start of their employment. All employment offers are contingent upon successful completion of a background investigation.

Human Resource Services (HRS) will screen all application materials to identify qualified applicants. After screening, qualified applicants will be referred to the next step and notified of all further procedures applicable to their status in the competition.

Application Screening (Refer/Non-Refer) 
Applications and supplemental responses will be screened for qualifications that are highly desirable and most needed to successfully perform the duties of this job. Only those applicants that meet the qualifications as listed in the job bulletin will be referred to the next step.
Structured Oral Interview | SOI (Weighted 100%)
Candidates will be interviewed and rated by a panel of job knowledge experts. Each candidate’s rating will be based on responses to a series of structured questions designed to elicit the candidate’s qualifications for the job.
Eligible List
Once the assessment has been completed, HRS will establish an eligible list of candidates. Candidates placed on the eligible list may be referred to a selection interview to be considered for present and future vacancies.
Based on the County’s needs, the selection procedures listed above may be modified. All candidates will be notified of any changes in the selection procedure.

Veterans Employment Preference Policy (VEPP)
The County is committed to providing a mechanism to give preferential consideration in the employment process to veterans and their eligible spouses and will provide eligible participants the opportunity to receive interviews in the selection process for employment and paid internship openings.
