The Junior Security Analyst supports cybersecurity initiatives by monitoring security alerts, implementing SIEM solutions, deploying security hardware, and documenting responses.
About Nava
Nava is a consultancy and public benefit corporation working to make government services simple and effective. Since 2015, federal, state, and local agencies have trusted Nava to help solve highly scrutinized technology modernization challenges.
As a client services company, we guide agencies constrained by legacy systems to a future with sharp user experiences built on secure, reliable, fault-tolerant cloud infrastructure. We bill for our time, offering our expertise and problem-solving approach to help our government partners enhance their digital products and services. People are at the heart of our work, from members of the public who rely on benefit programs to government agency staff. Through human-centered design and modern engineering best practices, we help our government partners understand user needs and deliver on their missions more effectively. This focus gives everyone at Nava the opportunity to do work that is meaningful, impactful, and deeply connected to public good.
Position summary
The Junior Security Analyst will play a critical role in Nava PBC’s Information Technology department, supporting the organization’s cybersecurity initiatives. The primary focus will be assisting with deploying security hardware, implementing advanced monitoring systems, and responding to security alerts. This role involves working with tools like CrowdStrike and hardware security keys to enhance the company’s endpoint protection and centralized security monitoring capabilities.
What you'll do
- Incident Monitoring and Response
- Review alerts from the SIEM platform and CrowdStrike modules to identify and triage potential security incidents
- Escalate critical security events to senior team members for immediate response
- Contribute to post-incident reviews, documenting incident timelines, and remediation actions
- Continuously update knowledge of CrowdStrike services and security trends to improve detection capabilities
- Recommend and improve the overall security position of the organization
- SIEM Solution Implementation and Support
- Assist in configuring CrowdStrike modules and integrating them with the chosen SIEM platform
- Validate log sources from endpoints, firewalls, and other security systems, ensuring complete data ingestion
- Develop and test custom correlation rules to identify threats and anomalies in the organization’s environment
- Collaborate with Crowdstrike analysts to create and fine-tune alert thresholds to minimize false positives
- Hardware Security Key Deployment
- Inventory existing endpoint devices and verify compatibility with hardware security key solutions
- Configure and register hardware security keys with employee accounts using CrowdStrike or other integrated systems
- Develop training materials and assist in training employees on hardware security key use and troubleshooting through documentation and virtual support
- Monitor and document the deployment process, identifying and addressing implementation challenges
- Provide ongoing support and escalate unresolved issues to senior IT staff
- Documentation and Reporting
- Prepare deployment and operational documentation for the YubiKey rollout and SIEM implementation
- Compile weekly reports on security incidents, deployment progress, and system health metrics
- Assist in creating user-friendly guides and FAQs for end users regarding security solutions
- Update and maintain incident response and system configuration documentation
- Internal Tools Support
- Identify and document all existing API integrations, including data flows, endpoints, and authentication methods
- Assist in configuring secure API connections using tokens, certificates, or other authentication mechanisms as required
- Participate in testing and validation of API integrations to ensure functionality and compliance with security requirements
- Update documentation and maintain inventories of API credentials, integration details, and associated security controls
- Collaborate with engineering and IT teams to troubleshoot API issues and implement security improvements
Required skills
- Familiarity with endpoint security tools like CrowdStrike Falcon or similar platforms
- Understanding of multi-factor authentication (MFA) methods and tools, such as YubiKey
- Basic knowledge of Security Information and Event Management (SIEM) solutions
- Strong analytical and problem-solving skills
- Effective written and verbal communication, especially in technical documentation
Other requirements
All roles at Nava require the following:
Legal authorization to work in the United States
Ability to meet any other requirements for government contracts for which candidates are hired
Work authorization that doesn’t require visa sponsorship, now or in the future
May be subject to a government background check or security clearance, depending on the contract
Perks working with Nava
Health coverage — comprehensive medical, dental, and vision plans to support your overall health needs
Insurance coverage — Nava provides disability, life, and accidental death insurance at no cost
Time off — vacation, holidays (including Juneteenth), and floating holidays to rest and recharge
Company holidays — enjoy 12 paid federal holidays each year on top of your regular PTO
Annual bonus — when Nava meets its goals, eligible employees receive a performance-based annual bonus
Parental leave — paid time off for new parents, plus weekly meals delivered to your home
Wellness program — full platform offering physical, mental, & emotional health resources & support tools
Virtual care — see doctors online with no copay through UnitedHealthcare’s virtual visit program
Sabbatical leave — earn extended paid leave after continuous service for personal growth or rest
401(k) match — Nava matches 4% of your salary to support your retirement savings plan
Flexible work — remote-first environment with flexibility built around your schedule and responsibilities
Home office setup — company laptop & setup assistance provided via Staples for remote work needs
Utility support — monthly reimbursement to help offset eligible home office utility expenses
Learning opportunities — internal training programs and resources to help grow your professional skills
Development opportunities — LinkedIn Learning access & an annual allowance for courses, tuition, & certs
Referral bonus — get rewarded when you refer great people who join the Nava team
Commuter benefits — pre-tax commuter programs to support in-office travel when applicable
Supportive culture — A collaborative and remote-friendly team environment where people genuinely care
Location
We have fully remote options if you reside in one of the following states:
Alabama, Arizona, California, Colorado, DC, Florida, Georgia, Illinois, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Missouri, Nevada, North Carolina, New Jersey, New York, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, Texas, Tennessee, Utah, Virginia, Washington, Wisconsin
*If you are not living in one of the states listed above, unfortunately, you will not be considered for a position at this time.
Stay in touch
Sign up for our newsletter to find out about career opportunities, new partnerships, and news from the broader civic tech community.
Please contact the recruiting team at [email protected] if you would like to request reasonable accommodation during the application or interviewing process.
We participate in E-Verify. Upon hire, we will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. This role requires you to work from the contiguous United States.
Top Skills
APIs
Crowdstrike
SIEM
Yubikey
Similar Jobs
Artificial Intelligence • eCommerce • Information Technology • Internet of Things • Automation
The Marketing BI Analyst will provide data and analytics support for marketing, build KPIs, automate reporting, and collaborate with teams to influence marketing strategy through data-driven insights.
Top Skills:
Adobe AnalyticsAWSAzureEmrGCPHadoopHiveMapreducePower BIPythonSparkSQL
Artificial Intelligence • Cloud • Computer Vision • Hardware • Internet of Things • Software
As a Staff Product Designer, you'll lead design strategy, collaborate with teams, engage directly with customers, and shape product experiences across various industries.
Top Skills:
Ai ToolsFigma
Productivity • Sales • Software
The Sales Manager will lead a team focused on the monday Dev product, coaching staff and driving sales for an Agile software solution.
Top Skills:
Agile DevelopmentSaaS
What you need to know about the Los Angeles Tech Scene
Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
