INFORMATION TECHNOLOGY SECURITY ANALYST

Position/Program Information

EXECUTIVE OFFICE OF THE BOARD OF SUPERVISORS

FILING PERIOD The application filing period will begin on Tuesday, December 30, 2025, at 8:00 a.m. (PT) - Continuous. We will keep accepting applications until the position is filled. The application window may close unexpectedly once we have enough qualified candidates.

EXAM NUMBER

H2602B

TYPE OF RECRUITMENT
We welcome applications from everyone!
About Our Department The Executive Office (EO) of the Board of Supervisors (Board) serves as the foundation of the County government, facilitating the essential functions that enable the Board to conduct its legal duties. From creating and posting the Board agenda to hosting the meetings that facilitate County business, our department plays a critical and indispensable role. As recognized by fellow Clerks of the Board across California, our position is often described as the "hub of the wheel" of County government - essential for effective governance. Our multifaceted support for the Board has earned us the fitting analogy of "the kitchen drawer" of County departments, reflecting the diverse range of services we provide.

The Opportunity

This experienced-level class performs the full range of activities related to the development, implementation, and monitoring of information systems security standards, best practices, and architectures for a County department. Positions allocable to this class work under the general supervision of an Information Technology (IT) supervisor or manager to perform the full range of tasks related to the development, implementation, and monitoring of a departmental information technology security program including related policies and procedures. Incumbents carry out routine to complex assignments in one or more IT security-related areas, including application, network, physical/environmental, server, and workstation security; and security incident response, awareness training, identity and access management, and risk assessment.

These positions require advanced knowledge of the functional areas of information systems security, including applicable legislation regarding protection of IT resources; IT risk assessment strategies and methodologies; security issues pertaining to protecting IT resources; information security standard methodologies; security management and practices; computer threats, vulnerabilities, and exploits; and Business Continuity Planning (BCP) and Disaster Recovery Planning(DRP). Incumbents must possess the ability to perform risk analysis; handle sensitive matters with discretion and maintain confidentiality; plan and carry out or lead small to medium IT security projects; and develop technical documentation and narrative reports.

Information Technology Security Analyst is distinguished from Information Technology Security Specialist in that the latter typically leads large or enterprise security projects and may supervise staff.
Check Out Our Outstanding Benefits!
The County of Los Angeles offers an excellent benefits package that includes a Cafeteria Benefit Plan, Contributory Defined Benefit Retirement Plan, Deferred Compensation & Thrift Plans, and 13 paid Holidays. Click here to see a list of employee benefits.

Essential Job Functions

• Participates in designing, applying, and monitoring a departmental IT security program in accordance with County and department-specific policies, standards, procedures and guidelines.
• Completes the analysis, build, testing, and deployment of IT security solutions.
• Assesses performance of applications across all components to identify potential vulnerabilities or threats; assists developers and infrastructure support staff with planning and implementing security countermeasures.
• Ensures that network devices are tested, implemented, and maintained through improvements, fixes, and revisions and with appropriate security controls such as authentication and configuration.
• Documents network data flows and access controls.
• Conducts risk assessments for identity and access management controls.
• Analyzes security data from computing and network devices to identify potential threats and vulnerabilities or to determine root cause of security incident.
• Analyzes security hardware and software to determine their utility within the network infrastructure; participates in change control and technical review of proposed changes to IT resources.
• Analyzes system outages, alerts, and reports of abnormal system behavior due to suspected security-related events such as viruses, Trojan activity, and hacker intrusions.
• Monitors, analyzes, and responds to security events using security event-management tools.
• Compiles and validates security-related statistical data for management reporting.
• Assists in crafting, applying, and assessing a departmental security-awareness training program and related materials and trains departmental staff at all levels on security protocols, policies, and procedures.
• Assists with development of compliance strategies for IT security programs; assesses risks of non-compliance with IT security policies, procedures, standards and guidelines and reports findings to appropriate management.
• Assists in the development and implementation of Business Continuity Plans and Disaster Recovery Plans.
• Assists with maintaining chain of custody of electronic and physical evidence related to an IT security incident.
• Monitors and assesses physical security control safeguards.
• Participates in the Countywide Computer Emergency Response Team (CCERT), Departmental Computer Emergency Response Team (DCERT), and or Security Engineering Teams (SET), as required.

Requirements

QUALIFYING REQUIREMENTS:

OPTION I: Graduation from an accredited college with a bachelor's degree* in Computer Science, Information Systems, or a closely related field** AND two (2) years of recent, full-time, paid experience, within the last 5 years, assisting with the implementation, management, and monitoring of IT security solutions and programs, in one (1) or more of the following areas***.

OPTION II:Three (3) years of recent, full-time, paid experience, within the last 5 years, assisting with the implementation, management, and monitoring of IT security solutions and programs, in one (1) or more of the following areas***.
***Areas Include:

• Information systems security
• IT risk assessment strategies and methodologies
• Security issues pertaining to protecting IT resources
• Information security best practices
• Security management and practices
• Computer threats, vulnerabilities, and exploits
• Business Continuity Planning (BCP)
• Disaster Recovery Planning (DRP)

SUPPORTING DOCUMENTATIONS REQUIRED: *To receive credit for your education, include a legible copy of the official diploma, official transcript, or letter/certificate from an accredited institution within ten (10) days of filing the application. If you are unable to upload the document at the time of applying, you may send the documents to jegomez@bos.lacounty.gov . and indicate your name, the exam name, and exam number. The document should show the date the degree was conferred and be in English; if it is in a foreign language, it must be translated and evaluated for equivalency to U.S. standards. For more information on our standards for educational documents, please visit: https://file.lacounty.gov/SDSInter/dhr/070812_PPG123.pdf and https://file.lacounty.gov/SDSInter/dhr/205105_PPG_123_ACE_Resource_Guide.pdf

We do not accept password-protected documents. Ensure documents are unlocked before attaching to your application or sending to the exam analyst.

SPECIAL REQUIREMENT INFORMATION:

**Closely related fields include Computer Engineering; Computer Information Systems; Computer Science and Engineering; Electrical Engineering and Computer Science; Management Information Systems; and Mathematics with Computer Science. Any degree that is not specifically listed will be reviewed by an IT subject matter expert(s) to determine whether the degree qualifies.

NO OUT-OF-CLASS EXPERIENCE OR WITHHOLDS WILL BE ACCEPTED FOR THIS EXAMINATION.
LICENSE: A valid California Class C Driver License or the ability to utilize an alternative method of transportation when needed to carry out job-related essential functions.

PHYSICAL CLASS:
Physical Class II - Light: This class includes administrative and clerical positions requiring light physical effort that may include occasional light lifting to a 10 pound limit and some bending, stooping, or squatting. Considerable ambulation may be involved.

DESIRABLE QUALIFICATIONS:

• Application Security management (ASM): Experience in application development using standard IT systems development methodology and techniques for resolving business problems. Includes systems develop, database management, development of online data entry and data inquiry capabilities, and defining techniques; communications, network analysis, design, planning and performance tuning.
• Identity and Access Management (IAM): Experience with defining, testing, and implementing IT user provisioning and identity management technologies. Includes developing IAM policies, standards, and procedures; identifying appropriate access control techniques; analyzing and selecting IAM solutions; and familiarity with security and system development life cycles (SDLC) processes.
• Incident Response Management (IRM): Experience in an IT organization providing technical assistance in computer incident response for potential or actual information-security breaches or attacks. Includes detecting, analyzing, responding to, and reporting information security incidents; and familiarity with the chain-of-custody process.
• Microsoft Security Suite Management: Experience using security tools in the Microsoft E5/G5 Security Suite including Microsoft Defender for Endpoint, Microsoft Defender for O365, Microsoft Defender for Identity, Microsoft Purview, and Microsoft Defender for Cloud Apps.
• Network Security Management (NSM): Experience in IT network planning, design, and analysis. Involves supporting the implementation of security tools and controls such as intrusion detection/prevention systems, sniffers, and firewalls.
• Physical / Environmental Security (PES): Experience in managing physical and environmental IT security methodologies to prohibit unauthorized physical access and prevent damage to IT resources. Includes physical and environmental security planning, design, and analysis.
• Policy and Compliance Management (PCM): Proficient with developing and implementing IT security policies and standards. Involves supporting the monitoring for compliance.
• Risk Assessment Management (RAM): Experience performing IT security risk assessments. Includes assisting with crafting and carrying out business continuity and disaster recovery plans and in developing risk assessment reports of findings and recommendations for remediation.
• Security Awareness Training (SAT): Experience assisting in developing, implementing, and evaluating IT security awareness training programs and related materials. Includes assisting in reporting of training compliance.
• Server Security Management (SSM): Experience in IT server (e.g., email, web, application, and database) security management comprised of implementing upgrades, patches, and updates to operating systems, software applications, and security protection software. Includes configuring server environment to protect the integrity of the system, for example by limiting user rights, disabling unnecessary services, and establishing group policies where applicable.
• Workstation Security Management (WSM): Experience managing the security of workstation (e.g., desktops, laptops and tablets) and portable devices (e.g., thumb drives and personal digital assistants). Includes implementing upgrades, patches, and updates to operating systems, software applications, and security protection software; establishing group policies and user rights; and disabling unnecessary services where applicable.

Additional Information

Once we have identified that you meet the requirements, an invitation regarding the following assessment processes will be sent.

Our Assessment Process
This examination consists of two (2) parts:
Part I : Multiple Choice and Simulation Assessments, weighted 40%, measuring:

• Reading Comprehension
• Deductive Reasoning
• Professional Potential
• Achievement
• Working Relationships
• Analyzing Information
• Learning Quickly
• Generating New Ideas
• Using Time Efficiently
• Working to High Quality Standards
• Adapting to Change
• Coping with Uncertainty
• Willingness to Learn
• Responsibility

APPLICANTS MUST MEET THE REQUIREMENTS AND ACHIEVE 70% OR HIGHER ON PART I IN ORDER FOR THEIR EVALUATION OF TRAINING AND EXPERIENCE (PART II) TO BE CALCULATED AND SCORED.

Part II: An Evaluation of Training & Experience, weighted 60%, measuring:

• Experience developing and implementing information technology policies and procedures
• Experience with incident response
• Experience with information technology security platforms
• Experience performing security risk analysis activities

APPLICANTS MUST MEET THE REQUIREMENTS AND ACHIEVE A PASSING SCORE OF 70% OR HIGHER ON EACH PART OF THE EXAMINATION IN ORDER TO BE PLACED ON THE ELIGIBLE LIST.

Exam Review:

MULTIPLE-CHOICE AND/OR SIMULATION ASSESSMENT(S) ARE NOT REVIEWABLE BY CANDIDATES PER CIVIL SERVICE RULE 7.19.
All notifications including invitation letters will be sent electronically to the email address provided on the application. It is important to provide a valid email address. Please add vcudiamat@hr.lacounty.gov , info@governmentjobs.com , talentcentral@shl.com , noreply@proctoru.com , jegomez@bos.lacounty.gov , noreply@government.gov , and donot-reply@amcatmail.com to your email address and list of approved senders to prevent email notifications from being filtered as spam/junk/clutter mail.

Transfer of Test Components
If you recently took identical components for other exams, the test responses may be automatically transferred to this examination. This exam contains test components that might be used on future exams, and the responses could be transferred to that exam.

Test Preparation
We provide study guides and other test preparation resources to help job seekers prepare for employment tests. While the guides may help in preparing for the test, we recommend reviewing all related materials that seem necessary.

• Online practice tests are available at https://www.shldirect.com/en-us/practice-tests (https://www.shldirect.com/en-us/practice-tests).
• Various information can be found on our website at https://hr.lacounty.gov/job-search-toolkit/ . The section dedicated to test preparation is "Employment Test Assistance."

ELIGIBILITY AND VACANCY INFORMATION:
Applicants who successfully pass the assessment(s) will be placed on an eligibility list for a period of twelve (12) months. Applications will be processed as they are received and added to the list accordingly. This list will be used to fill vacancies within the Executive Office of the Board of Supervisors as they arise.

Interested in Applying? Please view the application and filing information below.
We only accept applications filed online. Applications submitted by U.S. mail, fax, or in person are not accepted. Apply online by clicking on the "Apply" green button at the top right of this posting. This website can also be used to get application status updates.
Please fill out the application completely. Provide relevant job experience including employer's name and address, job title, beginning and ending dates, number of hours worked per week, and description of work performed.

We may verify information included in the application at any point during the examination and hiring process, including after an appointment has been made. Falsification of information could result in refusal of application or rescission of appointment. Copying verbiage from the Requirements or class specification as your work experience will not be sufficient to demonstrate meeting the requirements. Doing so may result in an incomplete application and may lead to disqualification.

We will send notifications to the email address provided on the application, so it is important to provide a valid email address. If you choose to unsubscribe or opt out from receiving our emails, it is possible to view notices by logging into governmentjobs.com and checking the profile inbox. It is every applicant's responsibility to take steps to view correspondence, and we will not consider claims of missing notices to be a valid reason for re-scheduling an exam part. Register the below domains as approved senders to prevent email notifications from being filtered as spam/junk mail.

info@governmentjobs.com
talentcentral@shl.com
noreply@proctoru.com
donot-reply@amcatmail.com
noreply@government.gov
vcudiamat@hr.lacounty.gov
jegomez@bos.lacounty.gov

New email addresses need to be verified. This only needs to be done once per email address and can be done at any time by logging in to governmentjobs.com and following the prompts. This is to enhance the security of the online application and to prevent incorrectly entered email addresses.

____________________________________________________________________________________________________________________

Anti-Racism, Diversity, and Inclusion (ARDI):
The County of Los Angeles recognizes and affirms that all people are created equal and are entitled to all rights afforded by the Constitution of the United States. We are committed to promoting Anti-racism, Diversity, and Inclusion efforts to address the inequalities and disparities amongst race. We support the ARDI Strategic Plan and its goals by improving equality, diversity, and inclusion in recruitment, selection, and employment practices.

Testing Accommodation/ ADA Coordinator Phone:
If you require an accommodation to fairly compete in any part of the assessment process, contact the Testing Accommodations Coordinator at (213) 974-1421. We require a completed “Request for Reasonable Accommodation/appropriate form name” form as well as supporting documentation from a qualified professional justifying the request. The sooner you contact us, the sooner we can respond and keep you moving through the process.

Social Security Number (SSN):
Federal law requires that all employed persons have a Social Security Number, so please include yours when applying.

Access to Computer and Internet:
For those who do not have access to a computer or the internet, we provide access to complete an application at public libraries throughout the county.

User ID and Password:
All applicants must file their application online using their own user ID and password. Using a family member's or friend's login information may erase a candidate's original application record.

Have any questions about anything listed above? Contact us:
Exam Number: H2602B
Department Contact Name: Jenny Gomez
Department Contact Email: jegomez@bos.lacounty.gov
Department Contact Phone: (213) 974-0895
Testing Accommodations Coordinator: (213) 974-1421
Teletype Phone: (213) 974-1704
California Relay Services Phone: (800) 735-2922

CLICK HERE FOR ADDITIONAL EMPLOYMENT INFORMATION!

For detailed information, please click here

• 

• Los Angeles County

• (800) 970-5478

Show more