Cybersecurity Analyst

The District: 
Irvine Ranch Water District (IRWD) is a progressive, values-driven agency, with an international reputation for its leading-edge financial management practices, water recycling program, water use efficiency practices, water banking, urban runoff treatment, and energy generation and storage. Established in 1961 as a California Water District under the provisions of the California Water Code, IRWD is an independent special district serving central Orange County. IRWD provides high-quality drinking water, reliable sewage collection and treatment, ground-breaking recycled water programs, and environmentally sound urban runoff treatment to its customers. As an independent, not-for-profit public agency, IRWD is governed by a publicly elected five-member Board of Directors. The Board is responsible for the District's policies and decision-making. Day-to-day operations are supervised by the General Manager. Additional information can be found at the District's website: www.IRWD.com.
 
IRWD Corporate Values 
Irvine Ranch Water District believes that its values drive the character, culture, and capacity of our organization. IRWD was built on values, and we weave them into the fabric of everything we do. Values are the ingredients in our recipe for both institutional and individual success. They are a code of conduct to promote positive outcomes for others and ourselves. They are more than words on a wall or a website. We live by them every day. We pledge to keep them relevant in an ever-changing world.
 
 
IRWD's employees enjoy working in a safe, supportive, and nurturing environment where they form strong bonds with fellow employees. To ensure effective communication and promote a collaborative team environment, employees report to work each day in the office or in the field, depending on their positions.
 
The Position:
Under general supervision, responsible for protecting the confidentiality, integrity and availability of the District’s systems and data, cybersecurity strategies and procedures, cybersecurity architecture, design, requirements validation and verification, handling the day-to-day duties for the cybersecurity operations, and collaborating with external cybersecurity agencies/resources.

The ideal candidate for the Cybersecurity Analyst role at Irvine Ranch Water District (IRWD) will have a strong foundation in IT security practices, a keen understanding of the specific security needs within the public utility sector, and a proactive approach to safeguarding sensitive systems and data. This individual will be detail-oriented, collaborative, and capable of navigating complex technical environments while ensuring compliance with industry standards and regulations.

For the full job description and responsibilities of the position, please click here.

Applications will be accepted on a continuous basis until a sufficient number of qualified applications have been received.  The deadline for the first review of applications is 8:00 AM on December 2, 2024.  Qualified candidates are encouraged to submit applications early.  Candidates who submit applications after the first review deadline are not guaranteed to be considered for this recruitment.  This recruitment may close at any time without notice after the first review deadline. 

This position is 100% in-office, meaning employees are expected to work from our Sand Canyon or Operation office full-time, without the option for remote work.
 

Management reserves the right to add, modify, change, or rescind the work assignments of different positions and to make reasonable accommodations so that qualified employees can perform the essential functions of the job.

Assist in defining enterprise cybersecurity policies, standards, guidelines and procedures to ensure a robust and current cybersecurity program.

Assist in developing and implementing strategies to balance security recommendations with business needs; define solutions that balance both business and security requirements.

Maintain, test and execute the Incident Response Plan to effectively respond to cybersecurity incidents.

Identify vulnerabilities in current system designs and recommend solutions.

Assist in performing project management duties on assigned systems projects; may be assigned full responsibility for specific systems.

Monitor vendor and third-party security reports/lists in order to assist IT staff in proactively applying security patches.

Monitor and analyze cybersecurity incident-related data and determine the appropriate response.

Provide emergency response to reduce down-time, correct errors, or initiate and monitor vendor activity surrounding critical system failures, off-hours scheduled maintenance downtime, or on an as needed basis.

Perform research, gather costing information, recommend hardware and software; gather vendor quotes and assist in budget preparation.

Provide reporting on system security status and relevant cybersecurity data.

Assist with conducting disaster recovery analysis, planning, implementation, testing and administration for systems.

Conduct security impact analyses; implement and monitor access controls.

Coordinate and communicate cybersecurity projects with all District departments.

Design and implement engaging cybersecurity awareness programs for all employees, contractors, and stakeholders.

Research and stay current with the latest developments in cybersecurity risk management techniques and technologies.

Evaluate and integrate new tools, techniques, and methodologies to enhance training effectiveness and address new cybersecurity challenges.

Collaborate with cybersecurity teams to ensure that the training content is up-to-date with the latest threat landscape.

Stay informed on relevant information security laws, regulations, and compliance standards.

Maintain effective relationships with various Departments, consultants, and vendors to provide needed support and participate in cross-department projects as directed.  

Develop and maintain working relationships with external agencies/resources, including FBI, Department of Homeland Security, OCIAC, ISACs, and other cyber threat intelligence and response resources.

Comply with safety work-related practices and attend relevant safety training.

Perform other related duties as assigned.

Disaster Service Worker:  In accordance with Government Code Section 3100, Irvine Ranch Water District employees, in the event of a disaster, are considered disaster service workers and may be asked to respond accordingly.

Any combination of training and experience that would provide the required knowledge, skills, and abilities is qualifying.  A typical way to obtain the required qualifications would be:

Education
Equivalent to a bachelor's degree from an accredited college or university in computer science, management information systems, or related field.

Experience
Five (5) years of network architectures, IT communications, and cybersecurity, with at least three (3) of those years performing in a lead or expert capacity on complex information technology systems. Experience with cybersecurity for cloud, wireless, Cisco network equipment and Checkpoint firewall software desired.  Experience with NIST CSF or ISO 27001 desired.  

Licenses and Certifications

A valid Class ‘C’ California Driver’s License may be required.
Information security certification, such as CISSP, GCIH, or CISA is desired.

• Microsoft 365 and Microsoft Azure, Windows and Linux server administration.
• Principles of cybersecurity compliance, SIEM and security solutions.
• District and mandated safety rules, regulations, and protocols.    
• Techniques for providing a high level of customer service, by effectively dealing with the public, vendors, contractors, and District staff.  
• The structure and content of the English language, including the meaning and spelling of words, rules of composition, and grammar. 
• Modern equipment and communication tools used for business functions and program, project, and task coordination, including computers and software programs relevant to work performed.

• Analyze, interpret, summarize, and present technical information and data in an effective manner.  
• Make accurate advanced mathematical and statistical computations.  
• Develop and implement effective technical training programs and presentations for staff.
• Establish and maintain a variety of filing, record keeping, and tracking systems. 
• Prepare clear and concise reports, correspondence, documentation, and other written materials.  
• Use tact, initiative, prudence, and judgment within general policy and procedural guidelines. 
• Organize work, set priorities, meet critical deadlines, and follow-up on assignments. 
• Communicate clearly and concisely, both orally and in writing, using appropriate English grammar and syntax. 
• Establish, maintain, and foster positive and effective working relationships with those contacted in the course of work.  
• Effectively use computer systems, software applications relevant to work performed, and modern business equipment to perform a variety of work tasks.

PHYSICAL DEMANDS 
Must possess mobility to work in a standard office setting and use standard office equipment, including a computer; vision to read printed materials, and a computer screen; and hearing and speech to communicate in person and over the telephone; ability to stand and walk between work areas is required. Finger dexterity is needed to access, enter, and retrieve data using a computer keyboard or calculator and to operate laboratory instruments and standard office equipment. Positions in this classification occasionally bend, stoop, kneel, reach, push, and pull drawers open and closed to retrieve and file information. Employees must possess the ability to lift, carry, push, and pull materials and objects up to 50 pounds with the use of proper equipment and/or assistance from other staff.

ENVIRONMENTAL CONDITIONS
Employees work in an office environment with moderate noise levels, controlled temperature conditions, and may expose employee to hazardous materials, and environment. Occasional visits to construction sites where noise level may be higher than typical office environment. Employees may interact with upset staff and/or public and private representatives in interpreting and enforcing departmental policies and procedures.