Salary : $102,169.60 - $140,774.40 Annually Location : Throughout San Bernardino County, CA Job Type: Full-time Job Number: 25-15026-01 Department: Innovation and Technology Department Opening Date: 08/02/2025 Closing Date: 8/15/2025 5:00 PM Pacific The Job The Innovation and Technology Department is seeking motivated and passionate professionals for the role of Information Security Analyst. The analyst will be responsible for monitoring, analyzing, and collaborating on security incidents and events to safeguard the security operations of the Countywide Information Security Program. They will respond to, defend against, consult on, and resolve enterprise and departmental security concerns, events, issues, and incidents related to cyber, operational, and information security. Key responsibilities may include:
- Monitoring computer networks for security issues and suspicious activities.
- Incident responder and investigates cybersecurity incidents.
- Lead response efforts in collaboration with other IT teams, vendors, and cyber intelligence partners to analyze and remediate the issue.
- Educates staff; and recommends security measures including protocols, policies, and procedures to leadership.
- Conducts vulnerability assessments with a proactive focus on threat intelligence and the mitigation and prevention of cyberattacks.
- Collaborate with colleagues for network security design enhancements.
Current vacancies exist within the Innovation and Technology Department (ITD). For more detailed information, refer to the Information Security Analyst job description. BENEFITS OVERVIEWHealth BenefitsPaid Time OffRetirement
- Medical and Dental: Family Coverage
- Vision: Employee Coverage
- Premium Subsidies to offset health costs
- Flexible Spending Account (FSA): Pre-tax account for qualified healthcare expenses
- Up to 4 weeks accruable vacation with cash-out option
- 11 days accruable sick leave
- 15 paid holidays
- Perfect attendance leave
- Flexible work schedules (in some departments)
- Generous Pension
- Retirement reciprocity may be available
- 457(b) Deferred Compensation Plan
- Retirement Medical Trust Fund
DCAP Account - County Paid Life Insurance - AD&D Insurance 529 Savings Plan -Short & Long Term Disability - Wellness Program - Commuter Services - Employee Discounts - Annual Tuition Reimbursement For additional information, review the To view additional details, explore the CONDITIONS OF EMPLOYMENT Pre-Employment Process: Applicants must successfully pass a background check and a job-related physical exam, including a drug test, prior to employment Availability: Incumbents may occasionally work evening and weekend hours. Some overtime, on-call, or call back work may be required. Sponsorship: Please note San Bernardino County is not able to consider candidates who will require visa sponsorship at the time of application or in the future. Candidates must be able to present their legal right to work in the United States. Minimum Requirements REQUIRED EXPERIENCE: Three (3) years of experience assisting with the implementation, management, and monitoring of IT security solutions and programs. -AND- REQUIRED EDUCATION: Sixty (60) semester (90 quarter) units of completed college-level courses in information security, information systems, programming, computer science, software engineering, or a closely related field. Substitutions:
- One (1) additional year of qualifying work experience may substitute for the education requirement.
- A Bachelor's degree in information security, information systems, information technology, programming, computer science, software engineering, or a closely related field may substitute one (1) year of the required experience.
Desired Qualifications The ideal candidate will possess:
- Master's degree in information systems, information security, information technology, computer science, or a closely related field.
- Information security experience in higher education or state/local government.
- Information security related training or certifications such as CEH, CSA, or CISSP.
- Experience performing information security audits or risk assessments.
- Ability to administer network and host-based tools for penetration testing and ethical hacking products and tools.
- Knowledge of host compromise, and various techniques for malware injection and MITRE Kill Chain Framework.
- Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies.
- Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
- Experience with cloud infrastructure and provisioning technology.
Selection Process Examination Procedure: There will be a competitive evaluation of qualifications based on the information provided in the Application and the Supplemental Questionnaire. You are encouraged to include detailed descriptions of your qualifying experience and skills, as only the most highly qualified applicants will be referred to the Department. Application Procedure:Please complete and submit the online employment application and supplemental questionnaire for consideration before the posted deadline. Resumes will not be accepted in lieu of the application and/or supplemental questionnaires. To ensure timely and successful submission of your online application, please allow ample time to complete and submit your application before the filing deadline. Applicants will be automatically logged-out if they have not submitted the application and all required materials prior to the posted deadline. Once your application has been successfully submitted you will receive an onscreen confirmation and an email. We recommend that you save and/or print these for your records. Please note: if you do not receive an onscreen confirmation and an email acknowledging our receipt of your application, we have not received your application. If you need technical assistance, follow this link to or contact their Toll-Free Applicant Support line at (855) ###-####. Please note that Human Resources is not responsible for any issues or delays caused by your internet connection, computer, or browser when submitting an application. Equal Employment Opportunity (EEO) / Americans with Disabilities Act (ADA):San Bernardino County is an and Americans with DisabilitiesAct (ADA) compliant employer, dedicated to ensuring equal employment opportunities for allemployees and applicants. ADA Accommodation:If you have a disability and need accommodations during the testing process, please submit the within one week of the recruitmentfiling deadline. Veterans' Preference:Eligible veterans, their spouses, or widows/widowers who are not current County employees mayreceive additional Veterans' Preference points. For details and instructions on how to request thesepoints, please refer to the For more important details, Administrative Services Unit The County of San Bernardino offers a range of benefit programs for employees and their eligible dependents. These include health, dental, vision, and life insurance, as well as a variety of voluntary benefits. Programs and benefit amounts vary and are based on bargaining unit, family size, hire date, plan selection, and number of hours worked. For a summary of benefits, please click Refer to the appropriate MOU, contact the County's Employee Benefits and Services Division at (909) ###-#### or visit the Benefits website for more detailed information at 01
PLEASE READ THE BELOW STATEMENT Instructions: The information provided on your application and in your responses to the following Supplemental Questionnaire will be used to determine if you meet the minimum requirements for this position, as well as in a
competitive evaluation of qualifications. It is in your best interest to be as thorough as possible in your responses. Applicants will not be able to update their application materials or answers to the questionnaire once the application has been submitted. Note: Experience listed on this questionnaire must also be listed and fully detailed in the work experience section of your application.
- I have read and understand the above statement.
02
Education: Do you possess sixty (60) semester (90 quarter) units of completed college level courses in information security, information systems, programming, computer science, or software engineering?
03
Education/Coursework: A list of coursework is required. Please provide the following information:
Course Number & Title School name Units: number of units & type (semester or quarter) Example: CSCI 1-Computer Science I, CSUSB, 4 qtr units.If you have completed a degree in Computer Science or other closely related field, indicate degree completed (e.g., B.S., M.S., etc.), major field, and school. You do not need to list coursework. If you have attached unofficial transcripts in lieu of listing coursework, please indicate such below.If none, indicate N/A 04
Security Operations Center Experience: Describe your experience and competency level (i.e., expert, moderate, novice, or knowledge only) assisting with the implementation, management, and monitoring and analysis of IT cybersecurity incidents and events, solutions threat intelligence analysis and investigation, penetration testing, vulnerability scanning, and use of other related computer forensic tools and programs. Ensure to include name of employer. Experience listed must be listed and fully detailed in the work experience section of your application.If none, indicate N/A 05
Incident Response Management Experience: Describe your experience and competency level (i.e., expert, moderate, novice, or knowledge only) assisting or leading a cyber or information security event, incident, or breach. Describe in detail at least two (2) notable cybersecurity network intrusions/incidents where you were the primary or lead individual and share your experience and approach, methodology, actions taken, preventive measures suggested/recommended, and your interaction with law enforcement (if applicable). Ensure to include name of employer, date (month and year) of the intrusion/incident, without providing any sensitive information specific to these two intrusions/incidents. If none, indicate N/A 06
Security Awareness Training Program and Policy Formulation Experience: Describe your experience and competency level (i.e., expert, moderate, novice, or knowledge only) establishing, supporting, and innovating your organization's security awareness training program that includes phishing simulation exercises. Specific to this program, describe in detail at least two (2) accomplishments that demonstrate cybersecurity risk was mitigated. Describe your experience by citing at least two (2) examples of your work in formulating a policy, standard, or process/procedure associated with an organization's information security program. Ensure to include the name of the employer. Experience must be listed and fully detailed in the work experience section of your application.If none, indicate N/A 07
Applicant Acknowledgement - Notification via email: As part of our efforts to increase efficiency and promote conservation of resources, Human Resources uses email to communicate with applicants. Therefore, all future communications regarding this recruitment, including applicant status and testing notifications, will be made via email.) Each applicant needs their own email address. We strongly encourage you, as an applicant, to ensure that the email address you have provided with your application is current, secure and readily accessible to you. Adjust Spam and/or other filters so that our emails are accepted. Please carefully read any notices that we send you and follow any instructions provided in a timely manner. We will not be responsible in any way if you do not receive our emails (i.e., for the non-delivery of our emails or if you fail to check your e-mail on a timely basis).
- I acknowledge that I have read, understood, and agree to the above statement.
08
**ATTENTION GMAIL USERS** We have become aware of an increase in Gmail's spam filter sensitivity. Due to this change, it is possible that emails coming from San Bernardino County Human Resources may be marked as spam and will not make it into your Gmail inbox. For your convenience, the attached PDF document contains a step-by-step guide to create and apply filters within Gmail. Click this link to Once downloaded, follow the instructions so that you will receive future emails from San Bernardino County Human Resources.
Note: If you apply the filters and still do not receive emails from San Bernardino County Human Resources you can check your (Neogov) account inbox. All notifications will appear there.
09
Applicant Acknowledgement - Application Complete: Thank you for taking the time to complete this application and supplemental questionnaire. Please be sure to review all information provided prior to submitting it as you cannot update or revise it once submitted. Your submitted application will be reviewed and evaluated as is. Please do not refer to a resume or other documentation in lieu of completing the employment history section or responding to the supplemental questions; they will not be reviewed or considered. Once your application has been successfully submitted, you will receive an onscreen confirmation and an email confirmation will be sent to the email address listed on your application. We recommend that you save and/or print these for your records. Please note, if you do not receive an onscreen confirmation and an email acknowledging our receipt of your application we have not received your application.
- I acknowledge that I have reviewed my application and understand that I will not be able to update or revise any part of it once submitted..
Required Question