"Information Security Analyst"

Information Security Analyst

Job no: 551683
Work type: Staff
Location: Northern California: Humboldt
Categories: Bargaining Unit: Confidential, Appointment Type: Probationary, Time Basis: Full Time, Job Search Category/Discipline: Information Systems & Technology, Workplace Type (Exclude Inst Fac): Telecommute eligible (work onsite as scheduled and/or as requested and telecommute as scheduled)

First Review Date: Thursday, October 16, 2025
Open Until Filled

At Cal Poly Humboldt, bold hearts and open minds shape the future.

Founded in 1913, Cal Poly Humboldt began as a small college for teachers. Today Humboldt has grown into a comprehensive university with rigorous science and liberal arts programs. Designated a polytechnic in 2022, Cal Poly Humboldt provides hands-on, impactful educational opportunities that lead to meaningful, measurable outcomes for the individual, for the state, and the world.

Cal Poly Humboldt is proud to have more than 6,000 students of all backgrounds spread across 61 majors, 13 graduate programs, and 4 credential programs - all of whom contribute passion and creativity within their fields and set the stage for a future grounded in equity and sustainability. Hands-on learning, inspired teaching, ground-breaking research, and thought-provoking creative activity happen daily at Humboldt.

Finding a better future is a task for the bold and open, the down-to-earth and visionary. Cal Poly Humboldt strives to cultivate these qualities in leaders, innovators, and scholars in every field.

(Job # 551683) Confidential Technical Support, Information Security Analyst, Salary Range: $4,228 - $12,444 Hiring Range: $4,228 - $8,333. This is a full-time, benefited, exempt, 12-month pay plan, permanent position with a one-year probationary period in the Information Security Department. This position comes with a premium benefits package that includes outstanding vacation, medical, dental, and vision plans, life insurance, voluntary pre-tax health and dependent care reimbursement accounts, a fee waiver education program, membership in the California Public Employees Retirement System (PERS), and 14 paid holidays per year. Additional benefits information can be found at https://www.humboldt.edu/hr/employee-benefits.

Position Summary:

The Information Security Office within Information Technology Services (ITS) develops and manages information security assessment and operations, evaluates strategic technologies, and leads interpretation and application of IT policy for the campus.

Under the general direction of the Information Security Officer, the Information Security Analyst (Confidential Technical Support) leads security monitoring, incident response, and technical security initiatives to safeguard university data and infrastructure. This position applies advanced knowledge of security frameworks, threat detection, and forensic analysis to detect, prevent, and respond to cyber threats.

The Information Security Analyst will require ongoing access to highly confidential data such as campus email content, HR, APS, UPD, Payroll, Health Center, and Presidential workstations, file shares, and encrypted data sets in order to assist the Information Security Officer in investigations and secure operations as needed. In addition, this position plays a critical role in assisting management in the preparation of reports for management in support of labor disputes, bargaining issues, litigation, Title IX investigations, criminal activity, and Public Records Access Requests.

The analyst provides lead work direction for student security analysts, guiding day-to-day assignments and supporting their development through mentoring and technical oversight.

This position may perform some duties remotely via telecommuting. If operational needs allow, the appropriate administrator will set a schedule with the incumbent and file a Telecommute Program Form delineating which duties can be accomplished remotely. While telecommuting, all ITS employees are expected to stay signed in to email and chat programs and be responsive and available through their scheduled remote shifts.

Key Responsibilities:

Security alert investigation and response - 35%

• Develop and tune detection rules, analyze alerts, investigate incidents, and execute automated and manual response actions. Conduct forensic analysis, maintain incident response playbooks, and coordinate mitigation across stakeholders.
• Lead the intake and triage of alerts from SIEM, endpoint, firewall, and other sources.

Security tool administration - 30%

• Administer and improve core security tools including SIEM, EDR/XDR, vulnerability management, and threat intelligence platforms.
• Design and maintain integrations, create scripts for data normalization and enrichment, and lead implementation of detection and response enhancements.

Work direction and security student mentorship - 15%

• Provide lead work direction for student security analysts, including daily task assignment, quality assurance, technical mentoring, and development of training resources to build their capabilities and support overall SOC effectiveness.

Technology security reviews - 15%

• Participate in technology security reviews (e.g., procurement, vendor, and existing systems), identifying risks and recommending mitigations.
• Support delivery of campus-wide awareness and training efforts. Assist with documentation related to audits, compliance, and public records or legal matters.

Other Duties as Assigned - 5%

Knowledge, Skills, and Abilities Associated with this Position Include:

• Thorough and advanced knowledge of information security frameworks, standards, and best practices.
• Knowledge of cybersecurity technologies including SIEM, endpoint detection and response (EDR), network security, vulnerability management, and secure architecture.
• Demonstrated competence in independently applying judgment to resolve complex information security risks and incidents.
• Analytical skills to assess security problems from a broad perspective and develop strategic solutions.
• Skilled with scripting, log analysis, and data correlation for automated detection and response.
• Strong communication and interpersonal skills to effectively convey security risks and policies to diverse audiences, including management.
• Ability to independently manage and contribute to incident response efforts, from detection and analysis through containment, recovery, and post-incident review.
• Strong project planning and time management skills, with the ability to manage concurrent security initiatives.
• Ability to handle and protect sensitive/confidential information, including in support of public records or legal investigations.
• Demonstrated commitment to fostering an inclusive working environment and supporting individuals from diverse backgrounds.

Minimum Qualifications:

To enter this classification at position skill level I, a basic foundation of knowledge and skills in computer programming and software development, information processing, systems analysis, technical information equipment and systems, and/or application program packages and related technical functions is a prerequisite. This foundation normally would be obtained through a bachelor's degree in computer science, information systems, educational technology, communications, or related fields, or similar certified coursework in applicable fields of study. Foundation knowledge and skills may include working knowledge of common software application packages, equipment platforms, reference database systems and sources, and training methods and a basic understanding of networks, data communications, and multimedia systems.

Preferred Qualifications:

• Professional certifications such as CISSP, GCIH, GCFA, or OSCP.
• Experience with tools and platforms such as SIEMs, Firewall logs, XDR, Threat Intelligence, and vulnerability scanners.
• Familiarity with CSU system security policies and institutional data classification standards.
• Knowledge of compliance requirements and frameworks such as the NIST Cybersecurity Framework (CSF), GLBA, FERPA, and California privacy laws.
• Experience evaluating the security posture of third-party vendors and cloud-based services.
• Demonstrated ability to develop and deliver information security training and awareness programs.
• Strong technical writing skills, including the ability to produce documentation, risk assessments, and procedural guidance.
• Familiarity with DevSecOps practices and Git-based workflows for version control and automation.
• Skill in mentoring and providing lead work direction to professional, technical, or student staff.
• Proven ability to develop automated detection and response workflows that reduce triage time or false positives through scripting and correlation of diverse log sources.
• 4+ years of relevant full-time experience in information security operations, including responsibility for threat detection, incident response, and the administration of security tools such as SIEMs and EDR platforms.

Application Procedure: To apply, qualified candidates must electronically submit the following materials by clicking the Apply Now button:
- Letter of Interest
- Resume or Curriculum Vitae
- Contact information for at least three professional references

Application Deadline: The deadline to submit application materials for the first review date is 11:55 p.m. on October 16, 2025.

Any inquiries about this recruitment can be directed to careers@humboldt.edu or Cal Poly Humboldt's Human Resources Office at (707) 826-3626.