IT Security Analyst Sr.

At the Monterey Bay Aquarium, we are passionate about creating an inclusive workplace that celebrates and values diversity. We firmly believe that having a team of diverse backgrounds and voices, working together, increases our capacity to serve our visitors and fulfill our mission. We welcome people from all walks of life into our team and strongly encourage people of color, LGBTQ individuals, veterans, and people with disabilities to apply.

Priority deadline for applications is February 13, 2026. Due to the volume of incoming applications, the role may be closed earlier than February 13, 2026.

Job Summary

With limited oversight, assess and maintain all aspects of IT security for the Aquarium. Define security standards and exceptions, lead DR (Disaster Recovery) and IR (Incident Response), and serve as the primary owner of our managed SOC/SIEM and annual internal/external penetration tests, including use-case tuning and remediation tracking. Establish the security roadmap, processes, and KPIs, brief leadership, and ensure compliance with CPRA/CCPA, PCI DSS, and applicable breach-notification and privacy obligations. Protect data and systems across corporate IT, M365/Azure cloud/AWS, and OT/ICS environments (including life-support and facilities). Partner with Legal, HR, Finance, Facilities, and IT to embed “secure-by-design” across projects and vendors. Perform other duties as assigned.

This is a hybrid role, so the candidate must live within commuting distance of the aquarium to fulfill the on-site requirements of the job.

Core Activities

• Detection engineering & SOC management - Identify detection rules (e.g., SIEM rule tuning, playbooks, etc.) in collaboration with the managed SOC, reduce false positives, and drive mean-time-to-detect/respond improvements.
• Identity & access management - Review and confirm SSO/MFA, Conditional Access, least-privilege, and PAM, conduct quarterly access audits on significant platforms such as AD, HR, and Finance systems.
• OT/ICS security - Review and confirm network segmentation security, staff/vendor remote access, ensure monitoring capabilities are not hindered by any security rules, tools, implementations, and create incident runbooks with Facilities/Animal Care/Life Support.
• Cloud & M365 security posture - Create standards and processes for the administration of Defender (EDR/XDR), Purview/DLP, Entra ID, Secure Score, CIS baselines, and Conditional Access. Establish standards and processes for administering AWS.
• Data protection & privacy - Establish Data Classification standards, encryption (at rest/in transit), DLP requirements, retention/disposal implementation and enforcement; partner with Legal on PIAs.
• Vulnerability management - Set scanning cadence, patch SLAs, exceptions, risk acceptance, and verify pen-test remediations.
• Vendor & third-party risk - Review DPAs/Contracts/cybersecurity questionnaires and suggest language changes to reflect internal security requirements.
• Application Security/Software Development Life Cycle reviews - Threat model new apps/integrations, review data flows, authorization, and logging.
• Email security & awareness - Configure and maintain DMARC/SPF/DKIM, phishing simulations, targeted training based on failure cohorts.
• Write technical and functional documents and reports; maintain documentation on security tools and controls. This can include how-tos, infographics, whitepapers, processes and procedures, workflows, Visio diagrams, etc.
• Incident response leadership & tabletops - Lead incidents, coordinate response, forensics triage, post-mortems, and improvements.
• Resilience & ransomware readiness - Coordinate backup/restore testing, RTO/RPO validation, and DR exercises with the T&I Operations team.
• Metrics & reporting - Create and deliver monthly KPIs (e.g., MTTD/MTTR, patch compliance, phishing fail rate, control coverage) for leadership.
  
  

Preferred Knowledge, Skills & Abilities (KSAs)

• BS/BA in Computer Science, or equivalent combination of education, training, and experience
• 7 years’ experience in the IT Security field in an equivalent/similar position
• Knowledge of, and experience working in ITIL, CoBIT, NIST, CISA, CIS, and similar security platforms and IT Governance frameworks
• Knowledge of SIEM & detection engineering, tuning, rule writing, playbooks, case workflow, ATT&CK mapping
• Knowledge of DR (Disaster Recovery) and BC (Business Continuity) best practices, planning, methods, RTO/RPO planning, restore validation, and ransomware playbooks
• Knowledge of data security and data governance, including data governance & privacy, data classification, retention/disposal, encryption, CPRA/CCPA, and breach response basics
• Knowledge of AWS/Microsoft 365/Azure security, IAM, guardrails, logging/monitoring, CIS benchmarks, Entra ID, Conditional Access, Secure Score, Purview DLP/Insider Risk
• Skill in network security, segmentation, firewalls, VPN/Zero Trust, packet capture/Wireshark, DNS/DMARC
• Skill in OT/ICS security, vendor access control, change control, and monitoring constraints in life-support systems
• Skill in risk assessment frameworks, NIST CSF/800-30, CIS Controls; ability to prioritize remediation by impact/likelihood
• Skill in balancing sufficient security measures while maintaining ease of use for your customers
• Ability to build metrics & executive communication, build KPIs, brief leadership/board, write clear policies/processes/SOPs/standards
• Ability to work independently, exercise good judgment, and make data-driven decisions
• Ability to learn and research new concepts, ideas, and technologies, and stay current on the latest threats and risks to the organization and the tools necessary to protect the organization
• Ability to learn, comply, and remain current on federal and state privacy laws and policies, as well as compliance requirements.
• Ability to maintain confidentiality
• Ability to work within and maintain Monterey Bay Aquarium’s Core Values
  
  

Physical Requirements To Perform Essential Job Functions

• Typical office equipment
• Constant sitting, standing, walking, bending
• Occasional unassisted lifting up to 50 lbs
• Typical office environment, all aquarium sites, occasional off-site events and collaboration
  
  

Annual Compensation Range

$107,500-$137,000 USD annually. Starting rate will vary based on previous experience and relevant skills/knowledge set.

Equal Opportunity Employer

This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.Education

Preferred: Technical/other training

Preferred: Bachelors

PDN-a0a888ec-6785-4284-8196-821949b1b9f5