Cybersecurity Analyst

About CENIC: Join the team thatconnects California to the world— advancing education and research statewide by providing the world-class computing network essential for innovation, collaboration, and economic growth. Our organization operates the California Research and Education Network (CalREN), a high-capacity computer network with more than 8,000 miles of optical fiber. The network serves over 20 million users across California, including the vast majority of K-20 students together with educators, researchers, and individuals at other vital public-serving institutions. POSITION SUMMARY: This is a full-time position with the CENIC Information Security Office (ISO). The Cybersecurity Analyst reports to the Manager, Information Security Office, working on a broad range of general administrative and cybersecurity support duties in multiple areas including: vulnerability management, updating security documentation, auditing network security monitoring tools, and other security audit and administrative tasks as assigned. The successful Cybersecurity Analyst will aid in the advancement of CENIC's ISO team efforts to provide information security services and support to CENIC and its Charter Associate members. Interpersonal skills and the ability to work effectively in a distributed team environment are desirable for this position. Limited travel within California and some additional US travel may be required. SUPERVISORY RESPONSIBILITY:None. ESSENTIAL FUNCTIONS: • Work under direction and supervision of senior members of the Information Security Office (ISO) on security solutions and implementations • Perform ISO documentation audits and updates as needed • Service desk ticket processing and updates • Follow instructions for the use and operation of information security tools and services, such as vulnerability management, network security monitoring, SIEM, endpoint protection, multi-factor authentication, email security, nmap, tcpdump, and Wireshark • Responsible for identifying and integrating available threat intelligence feeds with CENIC network security monitoring monitoring and SIEM services • Responsible for performing threat hunting of anomalous activity during standard ISO business hours • Responsible for monitoring and responding to security alerts during standard ISO business hours • Responsible for maintaining the vulnerability management asset inventory to ensure accurate reporting • Responsible for creating the weekly public vulnerability scan report • Responsible for creating the monthly enterprise vulnerability risk status report • Responsible for identifying and attending approved online training on a periodic basis • Provide other CENIC business user security assistance as needs dictate • Work closely with the CENIC Security Team to identify, discuss, and implement software tools and solutions in support of CENIC’s networks, network security designs, and implementations of network security policies, procedures and technologies. KEY SUCCESS FACTORS: • Ability to prioritize and complete tasks assigned in a timely manner • Strong interpersonal skills and ability to work well in a team-oriented environment • Basic knowledge of IP-based networking • Knowledge of regular expressions, data and text manipulation tools such as awk and sed. • Background in basic statistics and analytics and experience with modern analytic and visualization packages • Adept at understanding technical information and learning new concepts • Independent worker with high degree of self motivation • Keen attention to detail, avoiding shortcuts that may adversely impact quality of work • Strong analytical and problem-solving skills • Ability to consider, understand and prioritize security (and privacy, where applicable) principles, practices, and procedures in all aspects of your role with CENIC. REQUIRED EDUCATION AND/OR EXPERIENCE: • BA/BS in computer science or related field or equivalent experience. • Minimum of 4 years of experience in information security, cyber security, or network security engineering the design, deployment, and implementation of security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security and security operations team. • Mid-level cybersecurity certification, like CompTIA CySA+, SANS GSEC, or equivalent. • Working knowledge of computer, network, and data security. PREFERRED EDUCATION AND/OR EXPERIENCE: • BA/BS in cybersecurity, information assurance, or related field or equivalent experience. • Advanced cybersecurity certification, like CISSP, SANS GCIA, CISM or equivalent • Experience with logging environments such as Elastic Stack or Splunk. • Experience programming in C, C++, Python, Ruby, or other popular languages. • Minimum of 2 years experience maintaining and administering production Unix/Linux operating systems including RedHat/CentOS and FreeBSD variants. EXPECTATION OF CENIC EMPLOYEES Take individual responsibility, consideration, and awareness, as appropriate to the position, for security of CENIC and CalREN computer systems, the CalREN backbone, CENIC network equipment, and CENIC computing accounts; for the security and privacy of CENIC data and data pertaining to CENIC employees; and for the security and privacy of all systems, networks, and data pertaining to CENIC Associates and peers. Look for opportunities, procedures, and tools to improve CENIC's privacy and security practices. Report any concerns about CENIC security and privacy to your manager, the CENIC Security Team and/or CENIC Executive Management. WORK ENVIRONMENT: This position operates in a professional office environment with standard office equipment including computers, telephones, photocopiers and filing cabinets. PHYSICAL REQUIREMENTS: An employee must be able to maintain job focus despite constant in person and telephone interruptions. An employee is regularly required to communicate clearly, often via phone or email, in English and required to use hands or fingers to handle or feel objects, tools and/or controls. An employee is required to stand, walk, sit, reach with hands and arms, climb or balance and stoop, kneel, crouch and/or crawl. An employee must occasionally lift and/or move up to 50 pounds. Specific vision abilities required include close vision, distance vision, color vision, peripheral vision and the ability to adjust focus. Reasonable accommodation may be made to enable individuals with disabilities to perform the job functions. Ability to lift moderately heavy (25 to 50 pounds) and heavy (over 50 pounds) objects, such as routers, switches, computers, and peripherals WORK HOURS: The Information Security Office (ISO) operates weekdays between 8AM and 5PM PST, but is available 24 hours per day/7 days per week/365 days per year for incident response needs. An employee’s work shift is based on CENIC’s business needs. The CENIC Associate Cybersecurity Analyst's work schedule is 8 AM to 5 PM PST Monday through Friday. WORK AUTHORIZATION: Documented Proof of identity and legal eligibility to work in the United States. Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time. WHY WORK AT CENIC? • Company Culture:Small teams and a collaborative environment provide the opportunity to make a large impact in a small organization. • Community Engagement:We work with research and education institutions in the largest state economy in the United States. The work you do has meaning. • Health Benefits: We have generous medical benefits as well as dental, vision, and life insurance. • Paid Time Off:We offer liberal vacation, holiday, and sick leave. • Investment in Your Future:CENIC contributes to your 403(b) even if you don't. We also offer matching contributions on top of that. CENIC is an equal opportunity employer – Vets/disabled