State of California
Information Security Analyst
State of California, Sacramento, California, United States, 95828
This position is located in the city of Sacramento .
Under the general direction of the Information Technology Manager I, Information Security Office (ISO) in the Information Technology Services Division (ITSD), the Information Technology Specialist I performs duties in support of the Department of Rehabilitation's (DOR) Information Security and Privacy Programs. In this capacity, the incumbent acts as a lead on complex information security and privacy activities, works independently as a technical specialist, and is part of a team that develops and maintains the Department's ISO and Privacy policies and procedures. Maintains and conducts security awareness training and risk assessments. Responds to and investigates security and privacy incidents that threaten the confidentiality, integrity, and availability of DOR's information assets. This position requires strong organizational skills, knowledge of State and Federal security requirements, experience performing risk analysis and management, ability to identify and respond to threats, and the ability to investigate security and privacy incidents. The incumbent must possess strong written and verbal communication skills and knowledge of State and departmental administrative processes.
Under Government Code 14200, this position is a hybrid, in-office/telework position, and may be subject to change. Incumbent must live and work in California. Incumbent can be required to report to the office, or any designated location at any time. Telework agreements can be modified and/or cancelled at any time.
Multiple vacancies may exist .
Essential Functions Security Incidents: Investigate, report, and resolve information security incidents, including: investigate, contain, and mitigate incidents; coordinate with stakeholders when incidents occur; maintain consistency with response plans; and report events using established criteria. Communicate recovery activities to internal stakeholders, executive staff, and management teams, while ensuring the impact of the incident is understood. Incorporate lessons learned and update strategies, as needed. Develop, maintain, and periodically test department response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery, Technology recovery plan and Disaster Recovery).
Audits and Analyses: Protect DOR's network assets by researching emerging threats, reviewing firewall log files, intrusion detection and prevention logs, and system event logs. Manage the department security information event management system (SIEM) by triaging alerts, performing threat hunts, configuring detection rules, and documenting procedures. Perform network vulnerability assessments and routine audits of hardware and software to identify security gaps and risks. Establish and manage a baseline of network operations and expected data flows for users and systems to support in the detection of security incidents. Establish incident alert thresholds to detect and analyze events to better understand attack targets, methods, and impact of those events. Monitor the network's physical environment, personnel activity, and external service provider activity to detect potential cybersecurity events, including identification of unauthorized individuals, connections, devices, and software. Maintain detection processes and procedures by verifying adequate identification of anomalous events. Review and respond to advisory notifications from the Multi-State Information Sharing and Analysis Center, including other security organizations, and determine appropriate action.
Security Policy, Standards and Procedures: In collaboration with the ISO, develop and maintain DOR information security and privacy policy, ensuring security and privacy roles and responsibilities are identified, coordinated, and aligned with internal roles and external partners. Support the Risk Manager in maintaining the department risk management program by gathering information from business units, creating reports, and enforcing security controls. Ensure legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed. Enforce a minimum level of security across the organization via a baseline configuration of IT/industrial control systems. Verify all users, including privileged users, third-party stakeholders (e.g., suppliers, customers, and partners), senior executives, and physical and information security personnel understand their role and responsibilities. Provide input and deliver information security training to departmental staff.
You will find additional information about the job in the Duty Statement .
Minimum Requirements
You will find the Minimum Requirements in the Class Specification. INFORMATION TECHNOLOGY SPECIALIST I Additional Documents
Job Application Package Checklist Duty Statement Position Details
Job Code #: JC-489486
Position #(s): 813-008-1402-014
Working Title: Information Security Analyst
Classification: INFORMATION TECHNOLOGY SPECIALIST I $6,513.00 - $8,729.00 A $7,163.00 - $9,599.00 B $7,864.00 - $10,537.00 C New to State candidates will be hired into the minimum salary of the classification or minimum of alternate range when applicable.
# of Positions: Multiple
Work Location: Sacramento County
Telework: Hybrid
Job Type: Permanent, Full Time
Department Information If you are interested in becoming a part of a diverse and inclusive workforce where talent, experience, and expertise are valued, the Department of Rehabilitation (DOR) invites you to apply for this employment opportunity.
Join us in our Sacramento location within walking distance of Golden 1 Center, Downtown Commons (DOCO), State Capitol Park, the American River, seasonal farmers markets, public transportation, and a large variety of shopping locations and eateries. If you strive to make a difference, we invite you to seek a career with DOR!
DOR administers the largest vocational rehabilitation program in the country. We have a three-pronged mission to provide services and advocacy that assist people with disabilities to live independently, become employed and have equality in the communities in which they live and work. DOR provides consultation, counseling, and vocational rehabilitation, and works with community partners to assist the consumers we serve.
DOR is committed to recruiting and retaining a talented and skilled workforce that reflects the diversity of communities that exist in California and values fairness and inclusion. Diversity encompasses characteristics including, but not limited to, race, color, ethnicity, national origin, language, religion, age, disability, sexual orientation, gender, gender identity and expression, socioeconomic status, veteran status, criminal history, and family structures.
Our work at DOR is guided by the following core values:
We believe in the talent and potential of individuals with disabilities. We invest in the future through creativity, ingenuity, and innovation. We ensure our decisions and actions are informed by interested individuals and groups. We pursue excellence through continuous improvement. We preserve the public's trust through compassionate and responsible provision of services.
VISION STATEMENT:
Employment, independence, and equality for all Californians with disabilities.
MISSION STATEMENT:
DOR works in partnership with consumers and other stakeholders to provide services and advocacy resulting in employment, independent living, and equality for individuals with disabilities.
People with disabilities are encouraged to apply.
Department Website: http://www.dor.ca.gov
Special Requirements If mailing in an application, include JC#489486 on your State Application (STD678) in the "Examination(s) or Job Title(s) for which you are applying" section found under the "Questions" tab of your CalCareer application template . Applicants who do not submit the required information may not be considered for this job.
It is a requirement to submit work experience, dates, and hours worked, contact names and phone numbers of supervisors on the state application in order of current and old work experience. Resumes or other documents cannot substitute a state application. Applicants who fail to submit a completed STD.678 may not be considered.
Do not submit any document(s) with your social security number on it Do not submit your exam result(s) along with your application. Do not submit the "Equal Employment Opportunity" questionnaire (page 5) with your completed application. This page is for examination use only.
Upon hire, applicant may be required to provide copies of transcripts or diploma.
Statement of Qualifications: APPLICATIONS RECEIVED WITHOUT A STATEMENT OF QUALIFICATIONS (SOQ) WILL NOT BE CONSIDERED. NOTE: Resumes, cover letters, and other materials will not be accepted in place of the required SOQ.
• Applicant must answer the questions listed below in numerical order. • SOQ shall not exceed One page in length, single-spaced, 12 point Arial font, and be in justified paragraph format. • The document shall be titled "Statement of Qualifications - (Your Full Name)." • When completing the SOQ, please include all relevant experience, education, and training for the statement below.
1. Explain a complex security incident you investigated. What tools and methodologies did you use, and how did you communicate your findings to stakeholders?
2. Reflect on a mistake or oversight you made in a security-related task. What did you learn from the experience, and did it change your approach to the task?
Application Instructions Completed applications and all required documents must be received or postmarked by the Final Filing Date in order to be considered. Dates printed on Mobile Bar Codes, such as the Quick Response (QR) Codes available at the USPS, are not considered Postmark dates for the purpose of determining timely filing of an application. Final Filing Date: 8/31/2025 Who May Apply Individuals who are currently in the classification, eligible for lateral transfer, eligible for reinstatement, have list or LEAP eligibility, are in the process of obtaining list eligibility, or have SROA and/or Surplus eligibility (please attach your letter, if available). SROA and Surplus candidates are given priority; therefore, individuals with other eligibility may be considered in the event no SROA or Surplus candidates apply.
Applications will be screened and only the most qualified applicants will be selected to move forward in the selection process. Applicants must meet the Minimum Qualifications stated in the Classification Specification(s).
How To Apply Complete Application Packages (including your Examination/Employment Application (STD 678) and applicable or required documents) must be submitted to apply for this Job Posting. Application Packages may be submitted electronically through your CalCareer Account at www.CalCareers.ca.gov. When submitting your application in hard copy, a completed copy of the Application Package listing must be included. If you choose to not apply electronically, a hard copy application package may be submitted through an alternative method listed below:
Address for Mailing Application Packages
You may submit your application and any applicable or required documents to:
Department of Rehabilitation N/A Attn: Personnel Unit#008, PAS-250346/JC-489486 721 Capitol Mall
Sacramento , CA 95814
Address for Drop-Off Application Packages
You may drop off your application and any applicable or required documents at:
Department of Rehabilitation N/A Personnel Unit#008, PAS-250346/JC-489486 721 Capitol Mall
Sacramento , CA 95814
08:00 AM - 05:00 PM
Required Application Package Documents
The following items are required to be submitted with your application. Applicants who do not submit the required items timely may not be considered for this job:
Current version of the State Examination/Employment Application STD Form 678 (when not applying electronically), or the Electronic State Employment Application through your Applicant Account at www.CalCareers.ca.gov. All Experience and Education relating to the Minimum Qualifications listed on the Classification Specification should be included to demonstrate how you meet the Minimum Qualifications for the position. Resume is optional. It may be included, but is not required. Statement of Qualifications - Please see Special Requirements for instructions.
Applicants requiring reasonable accommodations for the hiring interview process must request the necessary accommodations if scheduled for a hiring interview. The request should be made at the time of contact to schedule the interview. Questions regarding reasonable accommodations may be directed to the EEO contact listed on this job posting.
Desirable Qualifications
In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:
Benefits There are many benefits to joining our team! We offer competitive pay, advancement opportunities, upward mobility, work-life-balance, and for many positions, flexible hours and remote work options. The State of California offers a competitive and comprehensive benefits package, subject to eligibility, such as:
Pension through CALPERS Medical Benefits, including health , dental , and vision insurance Medical benefits into retirement Deferred Compensation options: 401k and 457b Leave benefit options (Vacation/Sick or Annual Leave) Paid Holidays ScholarShare (College Saving Account) Pre-Tax Parking Commute Program School Loan forgiveness under the federal Public Service Loan Forgiveness Disability Insurance Programs Alternate Work Schedules Employee Assistance Program Employee Wellness Services
For the latest information on the attractive benefits offered by the state of California, explore the Health Benefits Summary provided by CalHR .
Contact Information The Hiring Unit Contact is available to answer questions regarding the position or application process. Department Website: http://www.dor.ca.gov Hiring Unit Contact: Jessica Cervantes (916) 558-5628 Jessica.Cervantes@dor.ca.gov
Please direct requests for Reasonable Accommodations to the interview scheduler at the time the interview is being scheduled. You may direct any additional questions regarding Reasonable Accommodations or Equal Employment Opportunity for this position(s) to the Department's EEO Office. EEO Contact: Office of Civil Rights (916) 558-5850 Civil.Rights@dor.ca.gov California Relay Service: 1-800-735-2929 (TTY), 1-800-735-2922 (Voice) TTY is a Telecommunications Device for the Deaf, and is reachable only from phones equipped with a TTY Device.
Examination Information To o tain list eligibility for the Information Technology Specialist I position(s), you must first take the online exam :
https://www.calcareers.ca.gov/CalHrPublic/Exams/ExamBulletin.aspx?ExamControlId=1750
Equal Opportunity Employer The State of California is an equal opportunity employer to all, regardless of age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (includes pregnancy, childbirth, breastfeeding and related medical conditions), and sexual orientation.
It is an objective of the State of California to achieve a drug-free work place. Any applicant for state employment will be expected to behave in accordance with this objective because the use of illegal drugs is inconsistent with the law of the State, the rules governing Civil Service, and the special trust placed in public servants.
Under the general direction of the Information Technology Manager I, Information Security Office (ISO) in the Information Technology Services Division (ITSD), the Information Technology Specialist I performs duties in support of the Department of Rehabilitation's (DOR) Information Security and Privacy Programs. In this capacity, the incumbent acts as a lead on complex information security and privacy activities, works independently as a technical specialist, and is part of a team that develops and maintains the Department's ISO and Privacy policies and procedures. Maintains and conducts security awareness training and risk assessments. Responds to and investigates security and privacy incidents that threaten the confidentiality, integrity, and availability of DOR's information assets. This position requires strong organizational skills, knowledge of State and Federal security requirements, experience performing risk analysis and management, ability to identify and respond to threats, and the ability to investigate security and privacy incidents. The incumbent must possess strong written and verbal communication skills and knowledge of State and departmental administrative processes.
Under Government Code 14200, this position is a hybrid, in-office/telework position, and may be subject to change. Incumbent must live and work in California. Incumbent can be required to report to the office, or any designated location at any time. Telework agreements can be modified and/or cancelled at any time.
Multiple vacancies may exist .
Essential Functions Security Incidents: Investigate, report, and resolve information security incidents, including: investigate, contain, and mitigate incidents; coordinate with stakeholders when incidents occur; maintain consistency with response plans; and report events using established criteria. Communicate recovery activities to internal stakeholders, executive staff, and management teams, while ensuring the impact of the incident is understood. Incorporate lessons learned and update strategies, as needed. Develop, maintain, and periodically test department response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery, Technology recovery plan and Disaster Recovery).
Audits and Analyses: Protect DOR's network assets by researching emerging threats, reviewing firewall log files, intrusion detection and prevention logs, and system event logs. Manage the department security information event management system (SIEM) by triaging alerts, performing threat hunts, configuring detection rules, and documenting procedures. Perform network vulnerability assessments and routine audits of hardware and software to identify security gaps and risks. Establish and manage a baseline of network operations and expected data flows for users and systems to support in the detection of security incidents. Establish incident alert thresholds to detect and analyze events to better understand attack targets, methods, and impact of those events. Monitor the network's physical environment, personnel activity, and external service provider activity to detect potential cybersecurity events, including identification of unauthorized individuals, connections, devices, and software. Maintain detection processes and procedures by verifying adequate identification of anomalous events. Review and respond to advisory notifications from the Multi-State Information Sharing and Analysis Center, including other security organizations, and determine appropriate action.
Security Policy, Standards and Procedures: In collaboration with the ISO, develop and maintain DOR information security and privacy policy, ensuring security and privacy roles and responsibilities are identified, coordinated, and aligned with internal roles and external partners. Support the Risk Manager in maintaining the department risk management program by gathering information from business units, creating reports, and enforcing security controls. Ensure legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed. Enforce a minimum level of security across the organization via a baseline configuration of IT/industrial control systems. Verify all users, including privileged users, third-party stakeholders (e.g., suppliers, customers, and partners), senior executives, and physical and information security personnel understand their role and responsibilities. Provide input and deliver information security training to departmental staff.
You will find additional information about the job in the Duty Statement .
Minimum Requirements
You will find the Minimum Requirements in the Class Specification. INFORMATION TECHNOLOGY SPECIALIST I Additional Documents
Job Application Package Checklist Duty Statement Position Details
Job Code #: JC-489486
Position #(s): 813-008-1402-014
Working Title: Information Security Analyst
Classification: INFORMATION TECHNOLOGY SPECIALIST I $6,513.00 - $8,729.00 A $7,163.00 - $9,599.00 B $7,864.00 - $10,537.00 C New to State candidates will be hired into the minimum salary of the classification or minimum of alternate range when applicable.
# of Positions: Multiple
Work Location: Sacramento County
Telework: Hybrid
Job Type: Permanent, Full Time
Department Information If you are interested in becoming a part of a diverse and inclusive workforce where talent, experience, and expertise are valued, the Department of Rehabilitation (DOR) invites you to apply for this employment opportunity.
Join us in our Sacramento location within walking distance of Golden 1 Center, Downtown Commons (DOCO), State Capitol Park, the American River, seasonal farmers markets, public transportation, and a large variety of shopping locations and eateries. If you strive to make a difference, we invite you to seek a career with DOR!
DOR administers the largest vocational rehabilitation program in the country. We have a three-pronged mission to provide services and advocacy that assist people with disabilities to live independently, become employed and have equality in the communities in which they live and work. DOR provides consultation, counseling, and vocational rehabilitation, and works with community partners to assist the consumers we serve.
DOR is committed to recruiting and retaining a talented and skilled workforce that reflects the diversity of communities that exist in California and values fairness and inclusion. Diversity encompasses characteristics including, but not limited to, race, color, ethnicity, national origin, language, religion, age, disability, sexual orientation, gender, gender identity and expression, socioeconomic status, veteran status, criminal history, and family structures.
Our work at DOR is guided by the following core values:
We believe in the talent and potential of individuals with disabilities. We invest in the future through creativity, ingenuity, and innovation. We ensure our decisions and actions are informed by interested individuals and groups. We pursue excellence through continuous improvement. We preserve the public's trust through compassionate and responsible provision of services.
VISION STATEMENT:
Employment, independence, and equality for all Californians with disabilities.
MISSION STATEMENT:
DOR works in partnership with consumers and other stakeholders to provide services and advocacy resulting in employment, independent living, and equality for individuals with disabilities.
People with disabilities are encouraged to apply.
Department Website: http://www.dor.ca.gov
Special Requirements If mailing in an application, include JC#489486 on your State Application (STD678) in the "Examination(s) or Job Title(s) for which you are applying" section found under the "Questions" tab of your CalCareer application template . Applicants who do not submit the required information may not be considered for this job.
It is a requirement to submit work experience, dates, and hours worked, contact names and phone numbers of supervisors on the state application in order of current and old work experience. Resumes or other documents cannot substitute a state application. Applicants who fail to submit a completed STD.678 may not be considered.
Do not submit any document(s) with your social security number on it Do not submit your exam result(s) along with your application. Do not submit the "Equal Employment Opportunity" questionnaire (page 5) with your completed application. This page is for examination use only.
Upon hire, applicant may be required to provide copies of transcripts or diploma.
Statement of Qualifications: APPLICATIONS RECEIVED WITHOUT A STATEMENT OF QUALIFICATIONS (SOQ) WILL NOT BE CONSIDERED. NOTE: Resumes, cover letters, and other materials will not be accepted in place of the required SOQ.
• Applicant must answer the questions listed below in numerical order. • SOQ shall not exceed One page in length, single-spaced, 12 point Arial font, and be in justified paragraph format. • The document shall be titled "Statement of Qualifications - (Your Full Name)." • When completing the SOQ, please include all relevant experience, education, and training for the statement below.
1. Explain a complex security incident you investigated. What tools and methodologies did you use, and how did you communicate your findings to stakeholders?
2. Reflect on a mistake or oversight you made in a security-related task. What did you learn from the experience, and did it change your approach to the task?
Application Instructions Completed applications and all required documents must be received or postmarked by the Final Filing Date in order to be considered. Dates printed on Mobile Bar Codes, such as the Quick Response (QR) Codes available at the USPS, are not considered Postmark dates for the purpose of determining timely filing of an application. Final Filing Date: 8/31/2025 Who May Apply Individuals who are currently in the classification, eligible for lateral transfer, eligible for reinstatement, have list or LEAP eligibility, are in the process of obtaining list eligibility, or have SROA and/or Surplus eligibility (please attach your letter, if available). SROA and Surplus candidates are given priority; therefore, individuals with other eligibility may be considered in the event no SROA or Surplus candidates apply.
Applications will be screened and only the most qualified applicants will be selected to move forward in the selection process. Applicants must meet the Minimum Qualifications stated in the Classification Specification(s).
How To Apply Complete Application Packages (including your Examination/Employment Application (STD 678) and applicable or required documents) must be submitted to apply for this Job Posting. Application Packages may be submitted electronically through your CalCareer Account at www.CalCareers.ca.gov. When submitting your application in hard copy, a completed copy of the Application Package listing must be included. If you choose to not apply electronically, a hard copy application package may be submitted through an alternative method listed below:
Address for Mailing Application Packages
You may submit your application and any applicable or required documents to:
Department of Rehabilitation N/A Attn: Personnel Unit#008, PAS-250346/JC-489486 721 Capitol Mall
Sacramento , CA 95814
Address for Drop-Off Application Packages
You may drop off your application and any applicable or required documents at:
Department of Rehabilitation N/A Personnel Unit#008, PAS-250346/JC-489486 721 Capitol Mall
Sacramento , CA 95814
08:00 AM - 05:00 PM
Required Application Package Documents
The following items are required to be submitted with your application. Applicants who do not submit the required items timely may not be considered for this job:
Current version of the State Examination/Employment Application STD Form 678 (when not applying electronically), or the Electronic State Employment Application through your Applicant Account at www.CalCareers.ca.gov. All Experience and Education relating to the Minimum Qualifications listed on the Classification Specification should be included to demonstrate how you meet the Minimum Qualifications for the position. Resume is optional. It may be included, but is not required. Statement of Qualifications - Please see Special Requirements for instructions.
Applicants requiring reasonable accommodations for the hiring interview process must request the necessary accommodations if scheduled for a hiring interview. The request should be made at the time of contact to schedule the interview. Questions regarding reasonable accommodations may be directed to the EEO contact listed on this job posting.
Desirable Qualifications
In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:
Benefits There are many benefits to joining our team! We offer competitive pay, advancement opportunities, upward mobility, work-life-balance, and for many positions, flexible hours and remote work options. The State of California offers a competitive and comprehensive benefits package, subject to eligibility, such as:
Pension through CALPERS Medical Benefits, including health , dental , and vision insurance Medical benefits into retirement Deferred Compensation options: 401k and 457b Leave benefit options (Vacation/Sick or Annual Leave) Paid Holidays ScholarShare (College Saving Account) Pre-Tax Parking Commute Program School Loan forgiveness under the federal Public Service Loan Forgiveness Disability Insurance Programs Alternate Work Schedules Employee Assistance Program Employee Wellness Services
For the latest information on the attractive benefits offered by the state of California, explore the Health Benefits Summary provided by CalHR .
Contact Information The Hiring Unit Contact is available to answer questions regarding the position or application process. Department Website: http://www.dor.ca.gov Hiring Unit Contact: Jessica Cervantes (916) 558-5628 Jessica.Cervantes@dor.ca.gov
Please direct requests for Reasonable Accommodations to the interview scheduler at the time the interview is being scheduled. You may direct any additional questions regarding Reasonable Accommodations or Equal Employment Opportunity for this position(s) to the Department's EEO Office. EEO Contact: Office of Civil Rights (916) 558-5850 Civil.Rights@dor.ca.gov California Relay Service: 1-800-735-2929 (TTY), 1-800-735-2922 (Voice) TTY is a Telecommunications Device for the Deaf, and is reachable only from phones equipped with a TTY Device.
Examination Information To o tain list eligibility for the Information Technology Specialist I position(s), you must first take the online exam :
https://www.calcareers.ca.gov/CalHrPublic/Exams/ExamBulletin.aspx?ExamControlId=1750
Equal Opportunity Employer The State of California is an equal opportunity employer to all, regardless of age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (includes pregnancy, childbirth, breastfeeding and related medical conditions), and sexual orientation.
It is an objective of the State of California to achieve a drug-free work place. Any applicant for state employment will be expected to behave in accordance with this objective because the use of illegal drugs is inconsistent with the law of the State, the rules governing Civil Service, and the special trust placed in public servants.