CYBERSECURITY ANALYST
 

WHO WE ARE
Established in 1945, the Orange County Employees Retirement System (OCERS) provides retirement, death, disability, and cost-of-living benefits to retirees of the County of Orange and certain districts. Our services begin the moment a new hire becomes an OCERS member and continue throughout the member’s career and retirement. Serving approximately 48,000 members, OCERS is governed by a ten-member Board of Retirement that is responsible for managing a $21 billion dollar fund. For more information about OCERS, please click here. We are driven by our Mission, Vision, and Values: 

Mission
OCERS mission is to provide secure retirement and disability benefits with the highest standards of excellence.

Vision
OCERS vision is to be a trusted partner providing premier pension administration, distinguished by consistent, quality member experiences and prudent financial stewardship. 

Values

• Open and Transparent
• Commitment to Superior Service
• Engaged and Dedicated Workforce
• Reliable and Accurate
• Secure and Sustainable

THE OPPORTUNITY 
Under the direction of the Director of Information Security, the Cybersecurity Analyst will perform a variety of duties including the evaluation, implementation, maintenance, and daily management of the agency’s information security systems and solutions. Additionally, they will perform duties related to threat detection and prevention, vulnerability management, security education, incident response, security control implementation, and similar related duties as required. This position requires strong analytical skills, strong knowledge of cybersecurity standards and principles, and the ability to interface with all levels of staff.
 
The Cybersecurity Analyst reports directly to the Director of Information Security and is expected to uphold the highest standards of accountability, professionalism, customer service, and excellence. This position is responsible for protecting OCERS' systems, member data, and member funds from cyberattacks and fraudulent activities.

ESSENTIAL DUTIES AND RESPONSIBILITIES  
Include, but are not limited to the following: 

Security Systems Administration

• Perform daily administrative tasks associated with the organizations' various security systems
• Support computer users with security-related software installations, implementation of new security products and procedures, and troubleshooting of existing security solutions
• Compile and validate security-related statistical data; prepare reports and meeting agendas

 
Threat/Vulnerability Analysis and Remediation

• Analyze threat intelligence feeds/security bulletins to identify potential threats and vulnerabilities
• Identify vulnerable systems and mitigate the associated risk by applying security patches, making configuration changes, implementing compensating controls, etc.

 
Incident Detection, Investigation, and Response

• Monitor alerts from various systems to identify and investigate anomalous activity
• Analyze system alerts, outages, and abnormal system behavior due to potential security events
• Identify and document security events and incidents; take action to prevent compromise

 
Security Awareness Training and Education

• Assist in the development and implementation of security awareness training programs
• Train and educate staff on information security protocols, policies, and procedures
• Enforce organization security policies and procedures

Security Control Implementation and Assessment

• Evaluate, recommend, implement, and monitor security measures and programs in accordance with organization policies, procedures, and standards
• Facilitate audits and assessments; reports the status of remediation efforts
• Research the latest information security trends and recommend security enhancements

 
General

• Establish and maintain cohesive working relationships with public officials, vendors, supervisors, executives, technical and non-technical staff, and others encountered in the course of work
• Perform additional duties as assigned