IT Security Analyst Sr.

At the Monterey Bay Aquarium we are passionate about creating an inclusive workplace that celebrates and values diversity. We firmly believe that having a team of diverse backgrounds and voices working together increases our capacity to serve our visitors and fulfill our mission. We welcome people from all walks of life into our team and strongly encourage people of color LGBTQ individuals veterans and people with disabilities to apply.

Priority deadline for applications is January 9 2026. Were sharing this role ahead of the holidays to give candidates time to apply while our Talent Acquisition team will be out for the holidays from December 24 to January 9. Applications will be reviewed once the team has returned to work and interviews are expected to begin shortly after.

Job Summary:

With limited oversight assess and maintain all aspects of IT security for the Aquarium. Define security standards and exceptions lead DR (Disaster Recovery) and IR (Incident Response) and serve as the primary owner of our managed SOC/SIEM and annual internal/external penetration tests including use-case tuning and remediation tracking. Establish the security roadmap processes and KPIs brief leadership and ensure compliance with CPRA/CCPA PCI DSS and applicable breach-notification and privacy obligations. Protect data and systems across corporate IT M365/Azure cloud/AWS and OT/ICS environments (including life-support and facilities). Partner with Legal HR Finance Facilities and IT to embed secure-by-design across projects and vendors. Perform other duties as assigned.

This is a hybrid role so the candidate must live within commuting distance of the aquarium to fulfill the on-site requirements of the job.

Core Activities:

• Detection engineering & SOC management Identify detection rules (e.g. SIEM rule tuning playbooks etc.) in collaboration with the managed SOC reduce false positives and drive mean-time-to-detect/respond improvements.
• Identity & access management Review and confirm SSO/MFA Conditional Access least-privilege and PAM conduct quarterly access audits on significant platforms such as AD HR and Finance systems.
• OT/ICS security Review and confirm network segmentation security staff/vendor remote access ensure monitoring capabilities are not hindered by any security rules tools implementations and create incident runbooks with Facilities/Animal Care/Life Support.
• Cloud & M365 security posture Create standards and processes for the administration of Defender (EDR/XDR) Purview/DLP Entra ID Secure Score CIS baselines and Conditional Access. Establish standards and processes for administering AWS.
• Data protection & privacy Establish Data Classification standards encryption (at rest/in transit) DLP requirements retention/disposal implementation and enforcement; partner with Legal on PIAs.
• Vulnerability management Set scanning cadence patch SLAs exceptions risk acceptance and verify pen-test remediations.
• Vendor & third-party risk Review DPAs/Contracts/cybersecurity questionnaires and suggest language changes to reflect internal security requirements.
• Application Security/Software Development Life Cycle reviews Threat model new apps/integrations review data flows authorization and logging.
• Email security & awareness Configure and maintain DMARC/SPF/DKIM phishing simulations targeted training based on failure cohorts.
• Write technical and functional documents and reports; maintain documentation on security tools and controls. This can include how-tos infographics whitepapers processes and procedures workflows Visio diagrams etc.
• Incident response leadership & tabletops Lead incidents coordinate response forensics triage post-mortems and improvements.
• Resilience & ransomware readiness Coordinate backup/restore testing RTO/RPO validation and DR exercises with the T&I Operations team.
• Metrics & reporting Create and deliver monthly KPIs (e.g. MTTD/MTTR patch compliance phishing fail rate control coverage) for leadership.

Preferred Knowledge Skills & Abilities (KSAs):

• BS/BA in Computer Science or equivalent combination of education training and experience
• 7 years experience in the IT Security field in an equivalent/similar position
• Knowledge of and experience working in ITIL CoBIT NIST CISA CIS and similar security platforms and IT Governance frameworks
• Knowledge of SIEM & detection engineering tuning rule writing playbooks case workflow ATT&CK mapping
• Knowledge of DR (Disaster Recovery) and BC (Business Continuity) best practices planning methods RTO/RPO planning restore validation and ransomware playbooks
• Knowledge of data security and data governance including data governance & privacy data classification retention/disposal encryption CPRA/CCPA and breach response basics
• Knowledge of AWS/Microsoft 365/Azure security IAM guardrails logging/monitoring CIS benchmarks Entra ID Conditional Access Secure Score Purview DLP/Insider Risk
• Skill in network security segmentation firewalls VPN/Zero Trust packet capture/Wireshark DNS/DMARC
• Skill in OT/ICS security vendor access control change control and monitoring constraints in life-support systems
• Skill in risk assessment frameworks NIST CSF/800-30 CIS Controls; ability to prioritize remediation by impact/likelihood
• Skill in balancing sufficient security measures while maintaining ease of use for your customers
• Ability to build metrics & executive communication build KPIs brief leadership/board write clear policies/processes/SOPs/standards
• Ability to work independently exercise good judgment and make data-driven decisions
• Ability to learn and research new concepts ideas and technologies and stay current on the latest threats and risks to the organization and the tools necessary to protect the organization
• Ability to learn comply and remain current on federal and state privacy laws and policies as well as compliance requirements.
• Ability to maintain confidentiality
• Ability to work within and maintain Monterey Bay Aquariums Core Values

Physical Requirements to Perform Essential Job Functions:

• Typical office equipment
• Constant sitting standing walking bending
• Occasional unassisted lifting up to 50 lbs

• Typical office environment all aquarium sites occasional off-site events and collaboration

Annual Compensation Range:

$107500-$137000 USD annually. Starting rate will vary based on previous experience and relevant skills/knowledge set.

Required Experience:

Senior IC