Cyber Security Risk Analyst Jobs in California (NOW HIRING)

CYBER SECURITY MANAGER

The Organization

North Los Angeles County Regional Center “NLACRC” is a private, non-profit agency that is contracted with the State of California, Department of Developmental Services, to provide services to individuals with intellectual and developmental disabilities. NLACRC is one of the largest regional centers in California and has proudly served the San Fernando Valley, Santa Clarita Valley, and Antelope Valley since 1974. We serve individuals across the lifespan from infants and toddlers, school age children, transition-age youth, to adults and aging adults.

Scope

The Cybersecurity Manager leads the organization’s enterprise information security program, ensuring the confidentiality, integrity, and availability of critical information assets. This role is responsible for defining and executing cybersecurity strategy, governance, risk management, and compliance initiatives aligned with regulatory requirements and organizational objectives.

Partnering closely with IT leadership, the Cybersecurity Manager drives the development and maturity of security frameworks, policies, and incident response capabilities while embedding security into all technology operations and business processes.

This role serves as the primary authority on cybersecurity risk and controls, providing oversight, guidance, and approval for security decisions across systems, networks, and cloud environments.

Supervision

Receives general supervision from the IT Director and other members of the IT Department.

The Position and Job Summary

(These are examples of the types of duties that may be performed. Additional duties may be added, and some tasks will be completed as needed.)

1. Cybersecurity Strategy & Program Leadership

• Lead and evolve the enterprise cybersecurity program aligned with business goals and risk tolerance
• Develop and manage a multi-year cybersecurity roadmap with measurable outcomes
• Report cybersecurity posture, risks, and maturity to executive leadership
• Establish KPIs/KRIs to track program effectiveness

1. Governance, Risk & Compliance (GRC)

• Own and maintain the Information Security Management System (ISMS) aligned with ISO 27001
• Lead ISO 27001 certification readiness, audits, and continuous improvement
• Oversee HITRUST and HIPAA compliance, ensuring audit readiness and control effectiveness
• Conduct enterprise risk assessments and manage remediation lifecycle
• Develop and enforce security policies, standards, and procedures

1. Security Architecture & Microsoft Security Ecosystem

• Drive improvements in Microsoft Secure Score and security posture
• Oversee security across:

• Identity (Entra ID / Azure AD)
• Endpoint (Defender)
• Email & Collaboration (M365 Security)
• Cloud Security (Azure Security)

• Govern Microsoft Purview for data protection, DLP, and compliance

1. Security Operations & Incident Management

• Provide oversight for:

• Vulnerability management
• Threat detection and monitoring
• Incident response and escalation
• Lead incident investigations and root cause analysis (RCA)
• Ensure security is integrated into:
• System design
• Change management
• Infrastructure standards

1. Vendor Risk & Audit Management

• Manage third-party cybersecurity risk assessments
• Lead external audits, penetration testing, and compliance reviews
• Act as the primary liaison for auditors, regulators, and stakeholders
• Coordinate remediation across business and IT teams

1. Leadership & Organizational Enablement

• Lead, mentor, and develop cybersecurity team members
• Drive security awareness and training programs across the organization
• Support budgeting, vendor selection, and strategic investments
• Foster a culture of security accountability

Employment Standards

• Executive-level communication and stakeholder engagement
• Strategic thinking and risk-based decision making
• Deep understanding of regulatory environments (HIPAA, HITRUST, ISO)
• Strong leadership and cross-functional collaboration
• Ability to translate technical risk into business impact

Education & Experience

• Bachelor’s degree in IT, Computer Science, or related field
• 7+ years in cybersecurity, risk, or information security (healthcare preferred)
• 4+ years of leadership experience managing teams and programs
• 5+ years of hands-on HIPAA compliance experience

Preferred Certifications

• CISSP, CISM, CRISC, HCISPP
• Microsoft Azure / Security certifications

Essential Requirements

A valid California Driver's License and transportation, or acceptable substitute, may be required based on assigned duties.

NLACRC Offers an Excellent Benefits Package

We offer employees a variety of health and dental plans:

• Health Insurance - NLACRC pays the full cost of coverage for certain Medical plans for employee only. We also provide a generous contribution to additional plans that the employee may select for employee only or employee and dependents costs.
• Dental Insurance – NLACRC pays the full cost of the Dental DMO Plan for employees and eligible dependents. We also offer a Dental PPO plan with a low employee monthly contribution for employees and eligible dependents
• Pre-Tax Flexible Spending Account for eligible health care expenses
• Pre-Tax Dependent Care Flexible Spending Account for eligible dependent care expenses
• No cost Life, Accidental Death & Disability, Long Term Disability Insurance for employees
• No cost Vision plan for employees and eligible dependents
• Retirement plan - NLACRC is a member of CalPERS which is a defined benefit plan that provides a monthly retirement allowance for eligible employees
• NLACRC offers two (2) deferred compensation plans - 457 and 403(b)
• Participate in the Public Service Loan Forgiveness program
• Paid Time Off – Eligible for 3 weeks of accrued vacation in the first year, 8 hours per month sick time, education, wellness, and sabbatical time
• Holidays – NLACRC offers 12 paid holidays throughout the year
• Most positions are offered a hybrid – remote option

Please note that benefit costs are pro-rated for part-time employees.

Professional Development Opportunities & Growth

NLACRC values the professional development of staff! Variety of career paths for entry-level management positions for those seeking leadership opportunities in the social services field.

Diversity, Equity, and Inclusion

At NLACRC, we value and celebrate diversity! In September 2021, NLACRC launched an initiative to enhance and strengthen our commitment to diversity and belonging.

Compensation

Annual Salary Range: $133,000.14 - $168,000.00.

NLACRC is an equal opportunity employer. Further, NLARC will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.