Information Technology Security Officer - City of Carson, CA : Job Details

Salary : $12,140.27 - $15,494.27 MonthlyLocation : CITY OF CARSON, CAJob Type: FULL-TIMEJob Number: 2400105Department: INFORMATION TECHNOLOGY & SECURITYOpening Date: 10/29/2024THE POSITIONThe Information Technology position is an on-site job, which means it requires you to work from our office location. Remote work is not available for this role. The schedule for this position is a 4/10 work schedule, which means you will work four days a week, ten hours each day. This allows for a three-day weekend every week, providing you with a great work-life balance.Job Summary:The purpose of this classification is to ensure the security operation of the City's data, computer systems, servers, and network connections. Employees in this classification are responsible for developing, planning, organizing, managing, implementing, maintaining, and performing cybersecurity risk analysis of systems; scrutinizing network traffic; establishing vulnerability scans; checking server and firewall logs; conducting user activity audits, and troubleshooting, as well as also analyzing and resolving security breaches and vulnerability issues in a timely and efficient manner This position will assist with developing IT security policies. Work is performed under general direction of the Director of Information and Technology with considerable latitude for the use of initiative and independent judgment. ESSENTIAL DUTIES Essential Duties and Responsibilities:(These functions are representative and may not be present in all positions in the class. Management reserves the right to add, modify, change or rescind related duties and work assignments.)

• Plans, organizes, manages, and participates in the development, implementation, and monitoring of the City's information security programs, information technology risk management programs, and information security policies; supervises and reviews the work of professionals and serves as a subject matter expert in information security.
• Develops and executes a cyber security strategy that is aligned with internal stakeholders, organizational priorities, facilitates city operations, and meets industry standards.
• Directs and participates in the identification of security risks, development and implementation of security management practices, and the measurement and monitoring of security protection measures.
• Ensures compliance with regulatory requirements such as Criminal Justice Information Services (CJIS), Payment Card Industry Data Security Standards (PCI), Health Insurance Portability and Accountability Act (HIPAA), California Privacy Protection Agency, and federal, state, and local laws.
• Monitors agency infrastructure, devices, and information systems for security integrity; provides planning and guidance to information technology staff on vulnerability management and security incident response procedures.
• Oversees portfolio of cyber risk and security applications and procedures, implements new security processes and related technologies to ensure a continuous improvement of the City's cyber security posture.
• Oversees assigned staff in performing their responsibilities and provides guidance as necessary.
• Analyzes information, situations, problems, policies, and procedures to identify, recommend, and implement solutions systemically.
• Formulates, recommends, and executes enterprise-wide policies and procedures for detecting, deterring, and mitigating information security threats.
• Serves as a subject matter expert and internal consultant on data security implications for proposed information technology projects and programs and makes recommendations to align new technologies to security standards.
• Prepares oral and written reports for executive leadership, the City Manager's Office, and City Council.
• Develops cyber security, cyber risk, and security awareness training programs for City staff; monitors training effectiveness by documenting and reporting data point trends on user awareness and vulnerability assessments.
• Builds and maintains positive relationships with City stakeholders.
• Attends City/Industry-related functions.
• Performs other duties as required

QUALIFICATIONS Qualification Guidelines:A typical way to obtain the requisite qualifications to perform the duties of this class is as follows:Education and/or Experience:Option A:Bachelor's degree in Business Administration, Computer Information Systems, Information Technology or closely related field from an accredited college or university and five (5) years of paid experience performing IT security management; and at least two (2) years in an administrative or management capacity responsible for cyber security risk assessment, implementation of security management practices, monitoring of security protection measures, managing SIEM, vulnerability management, and other security tools in an enterprise environment. Option BMaster's degree in Computer Science or closely related field is highly desirable from an accredited college or university and four (4) years of paid experience performing IT security management; and at least two (2) years in an administrative or management capacity responsible for cyber security risk assessment, implementation of security management practices, monitoring of security protection measures, managing SIEM, vulnerability management, and other security tools in an enterprise environment. Knowledge of:

• Computers and Electronics: Electric circuit boards, processors, chips, and computer hardware and software
• Principles, methods, and practices of systems/network administration and maintenance.
• Agency policies and procedures and practices regarding data security.
• Network security design principles, practices, and related tools and software.

Skills and/or Ability to:

• Ability to objectively assess situations or circumstances using all the relevant information, apply experience, evaluate the problem objectively, calculate risks, and make an ethical and informed decision.
• Manage the performance of staff by coaching for performance.
• Motivating, developing, and directing people as they work.
• Acknowledge, value and support diversity of thought, opinion and approach with customers and colleagues regardless of background, culture and organizational level.
• Execute work that adheres to the City's stated principles of Diversity, Equity, and Inclusion including, but not limited to, your duty to act to ensure fair and equitable treatment of all persons and historically underrepresented groups.
• Fostering an inclusive and supportive environment in which everyone in the City has an opportunity to thrive.
• Incorporating an equity perspective to day-to-day work in all responsibilities, decisions and actions of providing public service.
• Effectively communicating information and ideas in writing, as well as through speech, so others will understand.
• Persuasion: Convincing others to approach things differently.
• Working independently and with minimal supervision.
• Speech recognition: Identifying and understanding the speech of another person.
• Project analysis; weighing the costs/benefits of a potential action.

License and/or Certificate:Possession of a valid California Class C driver's license. Employees in this classification will be enrolled in the Department of Motor Vehicles (DMV) Government Employer Pull Notice Program which confirms possession of a valid driver's license and reflects driving record.Possession of at least one of the following certifications is required:Certification as a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Global Information Assurance Certification (GIAC), Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), Certified Information Security Manager (CISM), Certified Risk and Information Systems Control (CRISC), or equivalent information security certification. WORKING CONDITIONS Physical Requirements and Working Conditions:Employee accommodation(s) for physical or mental disabilities will be considered on a case-by-case basis. Positions in this class normally:

• Require vision (which may be corrected) to read small print.
• Require mobility of arms to reach and dexterity of hands to grasp and manipulate small objects.
• Perform work which is primarily sedentary.
• Is subject to the internal environmental conditions of modern and aged public buildings, facilities and physical structures and HVAC systems.
• May be required to work at a computer terminal for prolonged periods.
• May be required to work evenings and/or weekends.

RECRUITMENT PROCESSApplications will be screened and evaluated for relevant training and experience. Applications must be complete, and include any and all required documents. Only those applicants determined to be among the most qualified may be invited to participate in the recruitment process, which will consist of the following sections:

• Oral exam, weighted 100%

The Human Resources Department reserves the right to adjust, modify, delete and/or change the above exam types and/or weights. Supplemental questionnaires are used to evaluate applicant's indicated abilities with the ideal candidate profile. Applicants must achieve a cut-off score of 70% or above on written, performance and oral exams to be placed on the eligibility list. Passing any/all of the examination sections does not guarantee an invitation to the selection interview. The Human Resources Department reserves the right to invite those amongst the highest scoring to the next phase of the recruitment.Revisions to a testing component during a recruitment process can be made at the discretion of the Human Resources Department. Applicants will be notified by email if a revision is made. An eligibility list will be established in accordance with the City's Personnel Rules, Rule VI, Employment List Procedures. OTHER INFORMATION:The City of Carson is an Equal Opportunity Employer. Special assistance with the application and examination process is available, upon request, for persons with disabilities. Call Human Resources for assistance at (310) ###-####.APPOINTMENT:Any offer of employment, or acceptance of an employment offer, is contingent upon passing live scan, background check and other tests. All new employees are required to take a loyalty oath.The provisions of this bulletin do not constitute an expressed or implied contract. Any provisions contained herein may be modified or revoked without notice. All statements made on the job application are subject to investigation and/or verification. Inaccurate and/or false statements will be cause for disqualification, removal from the eligibility list or discharge from employment.IMPORTANT NOTICE: THIS POSITION IS OPEN CURRENT CITY OF CARSON EMPLOYEES:Please do not use your City of Carson email address as part of this application. You must indicate a personal email address in order to receive communications and/or notices from Human Resources throughout the recruitment process. For more information, please click on the link below.01 1. The following supplemental questions will be used to assist us in screening your application. You are required to answer each of the following questions truthfully and completely. This questionnaire will be used to determine if you meet the minimum qualifications for this job. Your responses to this questionnaire may also be used to evaluate your qualifications beyond the minimum requirements, as part of the application screening process. As such, please take the time necessary to answer the questions thoroughly. Applications submitted without a completed supplemental questionnaire, or those that say see resume or application, may not be considered. It is imperative that your responses to the questionnaire provide a true and accurate reflection of your background. Additionally, your answers MUST be supported by the information you have entered in your general application. Responses which cannot be substantiated by information contained in your application will be deemed invalid. Falsification, exaggeration and misrepresentation will result in your disqualification. Your responses will be evaluated as submitted. Do you agree to answer the following questions truthfully and completely AND understand that falsification or overstatement of your qualifications is grounds for disqualification of your application?

• Yes
• No

02 Which one of the following statements best describes the highest education you earned?Please note: Proof of education (AA degree or higher) must be attached at the time of submission with your application.

• I earned a high school/GED certificate.
• I earned an Associates degree.
• I earned a Bachelor's degree.
• I earned a Master's/Graduate degree.

03 Do you possess any of the following certifications? (Please check all that apply)

• Certified Information Security Manager (CISM)
• Certified Information System Security Professional (CISSP)
• Global Information Assurance Certification (GIAC)
• Certified Information Systems Auditor (CISA)
• Certified Ethical Hacker (CEH)
• Computer Hacking Forensic Investigator (CHFI)
• Certified Risk and Information System Control (CRISC)

04 Indicate your full-time professional experience in computer security administration, including contingency planning, security frameworks, and cybersecurity toolsets.

• No Experience
• Less than 2 years
• 2 to 3 years
• 3 to 5 years
• More than 5 years

05 Do you have experience in design, implementation and operational support of cybersecurity governance solutions, tools, technologies and processes?

• Yes
• No

06 Please describe your experience, agency in which you performed related tasks, and your specific role. 07 Did you submit all of the required documents?

• Yes
• No

Required Question