• Information Technology Security Analyst

    The County of Los Angeles (Los Angeles, CA)


    INFORMATION TECHNOLOGY SECURITY ANALYST

    Print (https://www.governmentjobs.com/careers/lacounty/jobs/newprint/4690295)

     

    

    INFORMATION TECHNOLOGY SECURITY ANALYST

    Salary

     

    $100,725.84 - $135,743.04 Annually

     

    Location

     

    Los Angeles County, CA

     

    Job Type

     

    Full time

     

    Job Number

    H2602B

    Department

    BOARD OF SUPERVISORS EXECUTIVE OFFICE

    Opening Date

     

    12/29/2025

     

    + Description

    + Benefits

    + Questions

    Position/Program Information

    EXECUTIVE OFFICE OF THE BOARD OF SUPERVISORS

    FILING PERIOD

    The application filing period will begin on Tuesday, December 30, 2025, at 8:00 a.m. (PT) – Continuous. We will keep accepting applications until the position is filled. The application window may close unexpectedly once we have enough qualified candidates.

    EXAM NUMBER

    H2602B

    TYPE OF RECRUITMENT

    We welcome applications from everyone!

    About Our Department

    The Executive Office (EO) of the Board of Supervisors (Board) serves as the foundation of the County government, facilitating the essential functions that enable the Board to conduct its legal duties. From creating and posting the Board agenda to hosting the meetings that facilitate County business, our department plays a critical and indispensable role. As recognized by fellow Clerks of the Board across California, our position is often described as the "hub of the wheel" of County government - essential for effective governance. Our multifaceted support for the Board has earned us the fitting analogy of "the kitchen drawer" of County departments, reflecting the diverse range of services we provide.

     

    The Opportunity

     

    This experienced-level class performs the full range of activities related to the development, implementation, and monitoring of information systems security standards, best practices, and architectures for a County department. Positions allocable to this class work under the general supervision of an Information Technology (IT) supervisor or manager to perform the full range of tasks related to the development, implementation, and monitoring of a departmental information technology security program including related policies and procedures. Incumbents carry out routine to complex assignments in one or more IT security-related areas, including application, network, physical/environmental, server, and workstation security; and security incident response, awareness training, identity and access management, and risk assessment.

     

    These positions require advanced knowledge of the functional areas of information systems security, including applicable legislation regarding protection of IT resources; IT risk assessment strategies and methodologies; security issues pertaining to protecting IT resources; information security standard methodologies; security management and practices; computer threats, vulnerabilities, and exploits; and Business Continuity Planning (BCP) and Disaster Recovery Planning(DRP). Incumbents must possess the ability to perform risk analysis; handle sensitive matters with discretion and maintain confidentiality; plan and carry out or lead small to medium IT security projects; and develop technical documentation and narrative reports.

     

    Information Technology Security Analyst is distinguished from Information Technology Security Specialist in that the latter typically leads large or enterprise security projects and may supervise staff.

     

    Check Out Our Outstanding Benefits!

     

    The County of Los Angeles offers an excellent benefits package that includes a Cafeteria Benefit Plan, Contributory Defined Benefit Retirement Plan, Deferred Compensation & Thrift Plans, and 13 paid Holidays. Click here (https://hr.lacounty.gov/benefits/) to see a list of employee benefits.

     

    Essential Job Functions

     

    + Participates in designing, applying, and monitoring a departmental IT security program in accordance with County and department-specific policies, standards, procedures and guidelines.

    + Completes the analysis, build, testing, and deployment of IT security solutions.

    + Assesses performance of applications across all components to identify potential vulnerabilities or threats; assists developers and infrastructure support staff with planning and implementing security countermeasures.

    + Ensures that network devices are tested, implemented, and maintained through improvements, fixes, and revisions and with appropriate security controls such as authentication and configuration.

    + Documents network data flows and access controls.

    + Conducts risk assessments for identity and access management controls.

    + Analyzes security data from computing and network devices to identify potential threats and vulnerabilities or to determine root cause of security incident.

    + Analyzes security hardware and software to determine their utility within the network infrastructure; participates in change control and technical review of proposed changes to IT resources.

    + Analyzes system outages, alerts, and reports of abnormal system behavior due to suspected security-related events such as viruses, Trojan activity, and hacker intrusions.

    + Monitors, analyzes, and responds to security events using security event-management tools.

    + Compiles and validates security-related statistical data for management reporting.

    + Assists in crafting, applying, and assessing a departmental security-awareness training program and related materials and trains departmental staff at all levels on security protocols, policies, and procedures.

    + Assists with development of compliance strategies for IT security programs; assesses risks of non-compliance with IT security policies, procedures, standards and guidelines and reports findings to appropriate management.

    + Assists in the development and implementation of Business Continuity Plans and Disaster Recovery Plans.

    + Assists with maintaining chain of custody of electronic and physical evidence related to an IT security incident.

    + Monitors and assesses physical security control safeguards.

    + Participates in the Countywide Computer Emergency Response Team (CCERT), Departmental Computer Emergency Response Team (DCERT), and or Security Engineering Teams (SET), as required.

    Requirements

    QUALIFYING REQUIREMENTS:

    OPTION I:Graduation from an accredited college with a bachelor's degree* in Computer Science, Information Systems, or a closely related field** AND two (2) years of recent, full-time, paid experience, within the last 5 years, assisting with the implementation, management, and monitoring of IT security solutions and programs, in one (1) or more of the following areas***.

     

    OPTION II: Three (3) years of recent, full-time, paid experience, within the last 5 years, assisting with the implementation, management, and monitoring of IT security solutions and programs, in one (1) or more of the following areas***.

     

    ***Areas Include:

    + Information systems security

    + IT risk assessment strategies and methodologies

    + Security issues pertaining to protecting IT resources

    + Information security best practices

    + Security management and practices

    + Computer threats, vulnerabilities, and exploits

    + Business Continuity Planning (BCP)

    + Disaster Recovery Planning (DRP)

    SUPPORTING DOCUMENTATIONS REQUIRED:

    *To receive credit for your education, include a legible copy of the official diploma, official transcript, or letter/certificate from an accredited institution within ten (10) days of filing the application. If you are unable to upload the document at the time of applying, you may send the documents to [email protected]. and indicate your name, the exam name, and exam number. The document should show the date the degree was conferred and be in English; if it is in a foreign language, it must be translated and evaluated for equivalency to U.S. standards. For more information on our standards for educational documents, please visit: https://file.lacounty.gov/SDSInter/dhr/070812\_PPG123.pdfandhttps://file.lacounty.gov/SDSInter/dhr/205105\_PPG\_123\_ACE\_Resource\_Guide.pdf

     

    We do not accept password-protected documents. Ensure documents are unlocked before attaching to your application or sending to the exam analyst.

    SPECIAL REQUIREMENT INFORMATION:

    **Closely related fields include Computer Engineering; Computer Information Systems; Computer Science and Engineering; Electrical Engineering and Computer Science; Management Information Systems; and Mathematics with Computer Science. Any degree that is not specifically listed will be reviewed by an IT subject matter expert(s) to determine whether the degree qualifies.

     

    NO OUT-OF-CLASS EXPERIENCE OR WITHHOLDS WILL BE ACCEPTED FOR THIS EXAMINATION.

    LICENSE:

    A valid California Class C Driver License or the ability to utilize an alternative method of transportation when needed to carry out job-related essential functions.

    PHYSICAL CLASS:

    Physical Class II – Light: This class includes administrative and clerical positions requiring light physical effort that may include occasional light lifting to a 10 pound limit and some bending, stooping, or squatting. Considerable ambulation may be involved.

    DESIRABLE QUALIFICATIONS:

    + Application Security management (ASM): Experience in application development using standard IT systems development methodology and techniques for resolving business problems. Includes systems develop, database management, development of online data entry and data inquiry capabilities, and defining techniques; communications, network analysis, design, planning and performance tuning.

    + Identity and Access Management (IAM): Experience with defining, testing, and implementing IT user provisioning and identity management technologies. Includes developing IAM policies, standards, and procedures; identifying appropriate access control techniques; analyzing and selecting IAM solutions; and familiarity with security and system development life cycles (SDLC) processes.

    + Incident Response Management (IRM): Experience in an IT organization providing technical assistance in computer incident response for potential or actual information-security breaches or attacks. Includes detecting, analyzing, responding to, and reporting information security incidents; and familiarity with the chain-of-custody process.

    + Microsoft Security Suite Management: Experience using security tools in the Microsoft E5/G5 Security Suite including Microsoft Defender for Endpoint, Microsoft Defender for O365, Microsoft Defender for Identity, Microsoft Purview, and Microsoft Defender for Cloud Apps.

    + Network Security Management (NSM): Experience in IT network planning, design, and analysis. Involves supporting the implementation of security tools and controls such as intrusion detection/prevention systems, sniffers, and firewalls.

    + Physical / Environmental Security (PES): Experience in managing physical and environmental IT security methodologies to prohibit unauthorized physical access and prevent damage to IT resources. Includes physical and environmental security planning, design, and analysis.

    + Policy and Compliance Management (PCM): Proficient with developing and implementing IT security policies and standards. Involves supporting the monitoring for compliance.

    + Risk Assessment Management (RAM): Experience performing IT security risk assessments. Includes assisting with crafting and carrying out business continuity and disaster recovery plans and in developing risk assessment reports of findings and recommendations for remediation.

    + Security Awareness Training (SAT): Experience assisting in developing, implementing, and evaluating IT security awareness training programs and related materials. Includes assisting in reporting of training compliance.

    + Server Security Management (SSM): Experience in IT server (e.g., email, web, application, and database) security management comprised of implementing upgrades, patches, and updates to operating systems, software applications, and security protection software. Includes configuring server environment to protect the integrity of the system, for example by limiting user rights, disabling unnecessary services, and establishing group policies where applicable.

    + Workstation Security Management (WSM): Experience managing the security of workstation (e.g., desktops, laptops and tablets) and portable devices (e.g., thumb drives and personal digital assistants). Includes implementing upgrades, patches, and updates to operating systems, software applications, and security protection software; establishing group policies and user rights; and disabling unnecessary services where applicable.

     

    Additional Information

     

    Once we have identified that you meet the requirements, an invitation regarding the following assessment processes will be sent.

     

    Our Assessment Process

    This examination consists of two (2) parts:

    Part I : Multiple Choice and Simulation Assessments,weighted 40%, measuring:

    + Reading Comprehension

    + Deductive Reasoning

    + Professional Potential

    + Achievement

    + Working Relationships

    + Analyzing Information

    + Learning Quickly

    + Generating New Ideas

    + Using Time Efficiently

    + Working to High Quality Standards

    + Adapting to Change

    + Coping with Uncertainty

    + Willingness to Learn

    + Responsibility

     

    APPLICANTS MUST MEET THE REQUIREMENTS AND ACHIEVE 70% OR HIGHER ON PART I IN ORDER FOR THEIR EVALUATION OF TRAINING AND EXPERIENCE (PART II) TO BE CALCULATED AND SCORED.

    Part II:An Evaluation of Training & Experience,weighted 60%, measuring:

    + Experience developing and implementing information technology policies and procedures

    + Experience with incident response

    + Experience with information technology security platforms

    + Experience performing security risk analysis activities

     

    APPLICANTS MUST MEET THE REQUIREMENTS AND ACHIEVE A PASSING SCORE OF 70% OR HIGHER ON EACH PART OF THE EXAMINATION IN ORDER TO BE PLACED ON THE ELIGIBLE LIST.

    Exam Review:

    MULTIPLE-CHOICE AND/OR SIMULATION ASSESSMENT(S) ARE NOT REVIEWABLE BY CANDIDATES PER CIVIL SERVICE RULE 7.19.

     

    All notifications including invitation letters will be sent electronically to the email address provided on the application. It is important to provide a valid email address. Please add [email protected],[email protected],[email protected],[email protected],[email protected],[email protected], [email protected] to your email address and list of approved senders to prevent email notifications from being filtered as spam/junk/clutter mail.

    Transfer of Test Components

    If you recently took identical components for other exams, the test responses may be automatically transferred to this examination. This exam contains test components that might be used on future exams, and the responses could be transferred to that exam.

    Test Preparation

    We provide study guides and other test preparation resources to help job seekers prepare for employment tests. While the guides may help in preparing for the test, we recommend reviewing all related materials that seem necessary.

     

    + Online practice tests are available athttps://www.shldirect.com/en-us/practice-tests (https://www.shldirect.com/en-us/practice-tests).

    + Various information can be found on our website at https://hr.lacounty.gov/job-search-toolkit/. The section dedicated to test preparation is "Employment Test Assistance."

    ELIGIBILITY AND VACANCY INFORMATION:

    Applicants who successfully pass the assessment(s) will be placed on an eligibility list for a period of twelve (12) months. Applications will be processed as they are received and added to the list accordingly. This list will be used to fill vacancies within the Executive Office of the Board of Supervisors as they arise.

     

    Interested in Applying? Please view the application and filing information below.

     

    We only accept applications filed online. Applications submitted by U.S. mail, fax, or in person are not accepted. Apply online by clicking on the "Apply" green button at the top right of this posting. This website can also be used to get application status updates.

     

    Please fill out the application completely. Provide relevant job experience including employer's name and address, job title, beginning and ending dates, number of hours worked per week, and description of work performed.

     

    We may verify information included in the application at any point during the examination and hiring process, including after an appointment has been made. Falsification of information could result in refusal of application or rescission of appointment. Copying verbiage from the Requirements or class specification as your work experience will not be sufficient to demonstrate meeting the requirements. Doing so may result in an incomplete application and may lead to disqualification.

     

    We will send notifications to the email address provided on the application, so it is important to provide a valid email address. If you choose to unsubscribe or opt out from receiving our emails, it is possible to view notices by logging intogovernmentjobs.comand checking the profile inbox. It is every applicant's responsibility to take steps to view correspondence, and we will not consider claims of missing notices to be a valid reason for re-scheduling an exam part. Register the below domains as approved senders to prevent email notifications from being filtered as spam/junk mail.

     

    [email protected]

     

    [email protected]

     

    [email protected]

     

    [email protected]

     

    [email protected]

     

    [email protected]

     

    [email protected]

     

    New email addresses need to be verified. This only needs to be done once per email address and can be done at any time by logging in to governmentjobs.com and following the prompts. This is to enhance the security of the online application and to prevent incorrectly entered email addresses.

     

    ____________________________________________________________________________________________________________________

    Anti-Racism, Diversity, and Inclusion (ARDI):

    The County of Los Angeles recognizes and affirms that all people are created equal and are entitled to all rights afforded by the Constitution of the United States. We are committed to promoting Anti-racism, Diversity, and Inclusion efforts to address the inequalities and disparities amongst race. We support the ARDI Strategic Plan and its goals by improving equality, diversity, and inclusion in recruitment, selection, and employment practices.

    Testing Accommodation/ ADA Coordinator Phone:

    If you require an accommodation to fairly compete in any part of the assessment process, contact the Testing Accommodations Coordinator at (213) 974-1421. We require a completed “Request for Reasonable Accommodation/appropriate form name” form as well as supporting documentation from a qualified professional justifying the request. The sooner you contact us, the sooner we can respond and keep you moving through the process.

    Social Security Number (SSN):

    Federal law requires that all employed persons have a Social Security Number, so please include yours when applying.

    Access to Computer and Internet:

    For those who do not have access to a computer or the internet, we provide access to complete an application at public libraries throughout the county.

    User ID and Password:

    All applicants must file their application online using their own user ID and password. Using a family member's or friend's login information may erase a candidate's original application record.

     

    Have any questions about anything listed above? Contact us:

     

    Exam Number: H2602B

    Department Contact Name: Jenny Gomez

    Department Contact Email:[email protected]

     

    Department Contact Phone:(213) 974-0895

     

    Testing Accommodations Coordinator:(213) 974-1421

     

    Teletype Phone:(213) 974-1704

     

    California Relay Services Phone:(800) 735-2922

     

    CLICKHERE (http://file.lacounty.gov/SDSInter/dhr/247636\_EmploymentInformation.pdf) FOR ADDITIONAL EMPLOYMENT INFORMATION!

    COUNTY OF LOS ANGELES

    Employment Information

     

    Any language contained in the job posting supersedes any language contained below.

     

    This document is intended to provide general information about the recruitment process of the County of Los Angeles. Applicants with questions about a specific job posting should contact the exam analyst listed on the posting.

    Equal Employment Opportunity/Non-Discrimination Statement:

    The County of Los Angeles is an Equal Employment Opportunity Employer and is committed to non-discrimination in the County workforce, regardless of age (40 and over); ancestry; color; ethnicity; religious creed; protected family or medical leave status; disability; marital status; medical condition; genetic information; military and veteran status; national origin; race ; sex; gender; sexual orientation; or any other characteristic protected by State or federal law. For more information, please visit:https://employee.hr.lacounty.gov/eeo-programs/.

    Testing Accommodations for Applicants:

    The County of Los Angeles complies with all federal and state disability laws and makes reasonable accommodations for qualified applicants and employees with disabilities. If a reasonable accommodation is needed to participate in the job application process, please contact the testing accommodation coordinator listed on the job posting. Hearing impaired applicants with telephone teletype equipment may leave messages by calling the teletype phone number on the job posting. For more information on accommodations, please visit: https://hr.lacounty.gov/accessibility/.

    Fair Chance:

    The County of Los Angeles is a Fair Chance employer. Except as otherwise permissible under applicable laws, you will not be asked to provide information about conviction history unless you receive a conditional offer of employment. The County will make an individualized assessment of whether your conviction history has a direct and adverse relationship with the specific duties of the job, and will also consider potential mitigating factors, which may include, but is not limited to, evidence and extent of rehabilitation, recency of the offense(s), and age at the time of the offense(s). If asked to provide information about conviction history, any convictions or court records which are exempted by a valid court order do not have to be disclosed. Qualified applicants with arrest or conviction records will be considered for employment in accordance with County Fair Chance Policies and the Fair Chance Act (Gov. Code Section 12952).

    Employment Eligibility:

    Final appointment is contingent upon verification of U.S. citizenship or the right to work in the United States.

    Career PathFinder:

    Resources to help current and prospective employees plan a career with Los Angeles County are available. To explore career paths to and from nearly all job titles, please visit our interactive Career PathFinder application athttp://career-pathfinder.hr.lacounty.gov.

    Veteran’s Credit:

    Pursuant to the County Charter and County policy, in all open competitive examinations (i.e., examinations open to everyone), the County of Los Angeles will add a credit of 10 percent of the total credits specified for such examination to the final passing score of an honorably discharged veteran, as well as the spouse of a deceased or disabled veteran, who served in the Armed Forces of the United States under specific conditions.

     

    For more information on veteran’s credit, please visit:https://file.lacounty.gov/SDSInter/dhr/205102\_PPG\_115.pdf

     

    Revised September 2025

     

    For detailed information, please clickhere (http://hr.lacounty.gov/benefits/)

     

    01

     

    The information you provide on this supplemental questionnaire will be evaluated and used to determine your eligibility to participate in the next phase of the examination process. CHECK YOUR ANSWERS CAREFULLY. Any mistakes you make and/or any incomplete responses you provide in completing these questions will be used to disqualify your application even if you possess the qualifying experience or education. Be specific as possible and include all information requested. Comments such as "see resume or application" will NOT be considered as a response. All information is subject to verification at any time in the examination and hiring process. Falsification of any information may result in disqualification or dismissal.

     

    + I understand the above information and instructions.

     

    02

     

    Many important notifications including invitation letters will be sent electronically to the email address provided on the application. It is important that you provide a valid email address. DO NOT select "off" under Email Preferences within your profile or click "unsubscribe" on our notices if you would like the County of Los Angeles to notify you regarding your application status, test schedules, and other important information pertaining to your candidacy for this position. Please add the following email addresses to your list of approved senders to prevent email notifications from being filtered as spam/junk/clutter.

     

    + [email protected]

    + [email protected]

    + [email protected]

    + [email protected]

    + [email protected]

    + [email protected]

     

    It is your responsibility to take the above steps to view correspondence. Los Angeles County will not consider claims of not viewing or receiving notification to be a valid reason for late test administration or rescheduling of a test component.

     

    + I understand the above information and instructions.

     

    03

     

    Information Technology Security AnalystEvaluation of Training and Experience

     

    Instructions:Questions 4 through 11 are a self-assessment of your Training and Experience as it relates to the position. This Evaluation of Training and Experience is weighted at60%of your final exam score. All information that you provide is subject to verification. The assessment will evaluate your experience in the following areas:

     

    + Experience developing and implementing information technology policies and procedures

    + Experience with incident response

    + Experience with information technology security platforms

    + Experience performing security risk analysis activities

     

    In order to receive credit for your responses, please make sure to provide any supporting work history when prompted.Failure to provide a response may result in no or partial credit.

    Certification Statement

    By completing the following self-assessment, I hereby attest that all information I have provided in this training and experience questionnaire is true and complete to the best of my knowledge. I acknowledge that Human Resources staff may verify the information that I have provided.I understand that any misrepresentations, falsifications, or intentional omissions of material facts violates Civil Service Rules and may subject me to actions that may include removal from this examination and dismissal from County employment.

     

    + I have read and understood the above instructions.

     

    04

     

    Indicate the extent of your experience regarding the development and/or implementation of information technology policies and procedures.

    Notes:

    + Participating is defined as being a team or project member contributing to the development or implementation (e.g., workgroups) of information technology policies and procedures, but not being the primary lead.

    + Leading is defined as being the primary individual responsible for all phases of the development and/or implementation of information technology policies and procedures to ensure timely completion within allocated timelines and resources.

    + I have participated in the development OR implementation of information technology policies and procedures

    + I have participated in the development AND implementation of information technology policies and procedures

    + I have led the development OR implementation of information technology policies and procedures

    + I have led the development AND implementation of information technology policies and procedures

    + None of the above

     

    05

     

    In order to receive credit for your response to question 4, please describe the duties you performed developing and/or implementing information technology strategies, policies, or procedures. Also include your position title, employer name, start and end dates of employment (month/year), and immediate supervisor name(s) and phone number(s). If you have no experience in any area listed, then indicate "N/A." Comments such as "see resume or application" will not be considered as a response.Failure to provide a response may result in no or partial credit.

     

    06

     

    What level of experience do you have with incident response activities (e.g., phishing, malware, data breaches, account compromise).

    Notes:

    + Participating is defined as being a team or project member contributing to (e.g., workgroups) incident response activities, but not being the primary lead.

    + Leading is defined as being the primary individual responsible for all phases of an incident response to ensure the security and integrity of your organization’s assets.

    + I have participated in incident response activities

    + I have led incident response activities

    + None of the above

     

    07

     

    In order to receive credit for your response to question 6, please describe the duties you performed for the level of incident response activity selected. Also include your position title, employer name, start and end dates of employment (month/year), and immediate supervisor name(s) and phone number(s). If you have no experience in any area listed, then indicate "N/A." Comments such as "see resume or application" will not be considered as a response.Failure to provide a response may result in no or partial credit.

     

    08

     

    Of the list below, how many information technology security platforms do you possess experience usingand/orimplementing as part of your job?

     

    + CrowdStrike Anti-Malware

    + Microsoft Exchange Online Protection

    + Tenable Vulnerability Management Portal

    + M365 Security Portal

    + 1 platform

    + 2 or 3 platforms

    + All 4 platforms

    + None of the above

     

    09

     

    In order to receive credit for your response to question 8, please describe the duties you performed while using and/or implementing each platform indicated above. Also include your position title, employer name, start and end dates of employment (month/year), and immediate supervisor name(s) and phone number(s). If you have no experience in any area listed, then indicate "N/A." Comments such as "see resume or application" will not be considered as a response.Failure to provide a response may result in no or partial credit.

     

    10

     

    Indicate which security risk analysis activi