IT Security Analyst Sr. jobs in United States

Monterey Bay Aquarium · 3 weeks ago

IT Security Analyst Sr.

Monterey Bay Aquarium is dedicated to creating an inclusive workplace that values diversity. They are seeking a Senior IT Security Analyst who will assess and maintain all aspects of IT security, define security standards, lead disaster recovery and incident response efforts, and ensure compliance with various regulations while protecting data across multiple environments.

Aquaculture · Architecture · Association · Government · Non Profit

Responsibilities

Detection engineering & SOC management – Identify detection rules (e.g., SIEM rule tuning, playbooks, etc.) in collaboration with the managed SOC, reduce false positives, and drive mean-time-to-detect/respond improvements
Identity & access management – Review and confirm SSO/MFA, Conditional Access, least-privilege, and PAM, conduct quarterly access audits on significant platforms such as AD, HR, and Finance systems
OT/ICS security – Review and confirm network segmentation security and staff/vendor remote access, ensure monitoring capabilities are not hindered by any security rules, tools, or implementations, and create incident runbooks with Facilities/Animal Care/Life Support
Cloud & M365 security posture – Create standards and processes for the administration of Defender (EDR/XDR), Purview/DLP, Entra ID, Secure Score, CIS baselines, and Conditional Access. Establish standards and processes for administering AWS
Data protection & privacy – Establish Data Classification standards, encryption (at rest/in transit), DLP requirements, retention/disposal implementation and enforcement; partner with Legal on PIAs
Vulnerability management – Set scanning cadence, patch SLAs, exceptions, risk acceptance, and verify pen-test remediations
Vendor & third-party risk – Review DPAs/Contracts/cybersecurity questionnaires and suggest language changes to reflect internal security requirements
Application Security/Software Development Life Cycle reviews – Threat model new apps/integrations, review data flows, authorization, and logging
Email security & awareness – Configure and maintain DMARC/SPF/DKIM, phishing simulations, targeted training based on failure cohorts
Write technical and functional documents and reports; maintain documentation on security tools and controls. This can include how-tos, infographics, whitepapers, processes and procedures, workflows, Visio diagrams, etc
Incident response leadership & tabletops – Lead incidents, coordinate response, forensics triage, post-mortems, and improvements
Resilience & ransomware readiness – Coordinate backup/restore testing, RTO/RPO validation, and DR exercises with the T&I Operations team
Metrics & reporting – Create and deliver monthly KPIs (e.g., MTTD/MTTR, patch compliance, phishing fail rate, control coverage) for leadership

Qualification

IT Security · SIEM · Cloud Security · Data Protection · Incident Response · Risk Assessment · Network Security · OT/ICS Security · Metrics & Reporting · Technical Documentation · Communication Skills · Problem Solving · Team Collaboration · Confidentiality

Required

BS/BA in Computer Science, or equivalent combination of education, training, and experience
7+ years' experience in the IT Security field in an equivalent/similar position
Knowledge of, and experience working in ITIL, CoBIT, NIST, CISA, CIS, and similar security platforms and IT Governance frameworks
Knowledge of SIEM & detection engineering, tuning, rule writing, playbooks, case workflow, ATT&CK mapping
Knowledge of DR (Disaster Recovery) and BC (Business Continuity) best practices, planning, methods, RTO/RPO planning, restore validation, and ransomware playbooks
Knowledge of data security and data governance, including data governance & privacy, data classification, retention/disposal, encryption, CPRA/CCPA, and breach response basics
Knowledge of AWS/Microsoft 365/Azure security, IAM, guardrails, logging/monitoring, CIS benchmarks, Entra ID, Conditional Access, Secure Score, Purview DLP/Insider Risk
Skill in network security, segmentation, firewalls, VPN/Zero Trust, packet capture/Wireshark, DNS/DMARC
Skill in OT/ICS security, vendor access control, change control, and monitoring constraints in life-support systems
Skill in risk assessment frameworks, NIST CSF/800-30, CIS Controls; ability to prioritize remediation by impact/likelihood
Skill in balancing sufficient security measures while maintaining ease of use for your customers
Ability to build metrics & executive communication, build KPIs, brief leadership/board, write clear policies/processes/SOPs/standards
Ability to work independently, exercise good judgment, and make data-driven decisions
Ability to learn and research new concepts, ideas, and technologies, and stay current on the latest threats and risks to the organization and the tools necessary to protect the organization
Ability to learn, comply, and remain current on federal and state privacy laws and policies, as well as compliance requirements
Ability to maintain confidentiality
Ability to work within and maintain Monterey Bay Aquarium's Core Values

Company

Monterey Bay Aquarium

The Monterey Bay Aquarium is a non-profit public aquarium located in Monterey, California, United States.

Funding

Current Stage
Late Stage

Leadership Team

Clint Cornfield, Digital Learning Specialist
Nicole Sanchez, Chief People & Culture Officer
Company data provided by crunchbase