Information Technology Security Analyst
Job in
Martinez, Contra Costa County, California, 94553, USA
Listed on 2026-07-06
Listing for:
Superior Court of California, County of Contra Costa
Full Time
position Listed on 2026-07-06
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Network Security, IT Support
Job Description & How to Apply Below
Information Technology Security Analyst
$84,538.06 – $ annually
Final Filing – 5:00 pm Thursday, July 16, 2026
Under the direction of the Chief Information Security Officer, the Information Security Analyst supports the protection of court information systems, case‑management platforms, and sensitive judicial data. The analyst monitors systems for threats, assists with incident response, and helps maintain compliance with statewide judicial security standards. Only applicants who meet the minimum qualifications by the final filing day may apply. Regular and punctual attendance is essential.
Duties- Network Monitoring – Monitor court networks, servers, and applications for suspicious activity or security breaches.
- Incident Response – Investigate alerts, document incidents, and elevate issues to senior analysts when needed.
- Security Tools Management – Assist with operating firewalls, endpoint protection, encryption tools, MDM, and SIEM platforms.
- Vulnerability Management – Coordinate monthly vulnerability assessments, maintain the vulnerability dashboard, and collaborate closely with the IT team to prioritize and track patching remediation.
- Policy & Compliance Support – Help maintain security policies aligned with Judicial Council standards and statewide IT governance such as CJIS, CLETS, and NIST 800-53 best practices.
- Security Awareness & Compliance – Administer simulated phishing campaigns, analyze results, and conduct user follow‑ups. Track compliance for mandatory cybersecurity and AI training, and ensure staff sign‑off on the Information Systems Security Policy (ISSP).
- Email Security Operations – Triage suspicious email reports, verify legitimacy, and perform block or remediation actions directly within the Microsoft 365 tenant.
- Documentation & Reporting – Prepare reports on findings, risks, and recommended improvements.
- Physical Security – Security camera and physical access management. Assist with camera password change and network segmentation. Security footage requests.
- Audit Responsibilities – Conduct regular reviews of privileged access (PIM), monitor Microsoft 365 and on-premises environments for unusual admin connection attempts, conduct general access review (M365/On‑prem), verify and monitor MFA activation states, and perform periodically installed software reviews.
- Foundational Cybersecurity Knowledge
- Information Security Principles – CIA triad, threat types, risk, controls.
- Common Attack Vectors – phishing, malware, ransomware, credential attacks.
- Security Best Practices – Principle of least privilege, patching, secure configuration.
- Systems & Network Knowledge
- Windows Security – Active Directory basics, permissions, event logs.
- Linux Security – file permissions, system logs, SSH hardening.
- Networking Fundamentals – TCP/IP, ports, protocols, firewalls, VPNs, and network segmentation (e.g., isolating IoT/security camera networks).
- Cloud Security Basics – identity and access in Azure/Entra , shared responsibility model, cloud workload migration basics, and MDM (Mobile Device Management) concepts.
- One or more scripting languages (e.g., Power Shell, Python, and bash).
- Security Operations (SOC) Skills
- SIEM Monitoring – log analysis, alert triage, correlation rules.
- Incident Response – detection, containment, documentation, escalation.
- Endpoint Protection – EDR tools, malware detection, remediation steps.
- Vulnerability Scanning – interpreting scan results, prioritizing fixes.
- Email Security & Phishing Triage – Analyzing email headers, recognizing phishing indicators, and executing tenant‑level blocks or remediation.
- Identity & Access Management – IAM Concepts – authentication, authorization, MFA, provisioning.
- Identity Auditing – Practical knowledge of privileged access reviews (PIM), Active Directory/Azure account monitoring, and MFA activation tracking.
- Role Based Access Control – applying least privilege in a court environment.
- Public Sector & Court Specific Knowledge
- Judicial Data Sensitivity – sealed records, confidential case files.
- Government IT Governance – compliance, audits, documentation.
- Change Management – structured updates, approvals, tracking.
- CJIS Compliance Framework – Understanding…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×