Cal State University (CSU) San Francisco
1600 Holloway Avenue, San Francisco, CA 94132, USA
Working Title Information Security Officer Administrator Level (for MPP positions only) This position is an Administrator III in the California State University Management Personnel Plan (MPP), reporting to the AVP and Chief Information Officer of Information Technology Services SF State University San Francisco State is an Equal Opportunity Employer and does not discriminate against persons on the basis of race, religion, color, ancestry, age, disability, genetic information, gender, gender identity, gender expression, marital status, medical condition, National origin, sex, sexual orientation, covered veteran status, or any other protected status. Reasonable accommodations will be provided for qualified applicants with disabilities who self-disclose by contacting the Senior Human Resources Manager. Applicants may visit titleix.sfsu.edu for more information on SF State's policy prohibiting discrimination, and how to file an online report using the procedures under Executive Order 1096 Revised. Inquiries can be directed to the campus Title IX Coordinator and Discrimination, Harassment, and Retaliation Administrator by calling (415) 338-2032 or emailing vpsaem@sfsu.edu. San Francisco State is a 100% Smoke/Vapor-Free Campus. Smoking or Vaping of any tobacco/plant-based substance is not permitted on any University properties. The person holding this position may be considered a "mandated reporter" under the California Child Abuse and Neglect Reporting Act and is required to comply with the requirements set forth in CSU Executive Order 1083 as a condition of employment. This position may be a "designated position" in the California State University's Conflict of Interest Code. The successful candidate accepting this position may be required to file Conflict of Interest forms subject to the regulations of the Fair Political Practices Commission. Department Information Technology Services Appointment Type At-Will Time Base Full-Time Work Schedule Monday through Friday; from 8:00 am to 5:00 pm Anticipated Hiring Range $12,915.00 - $13,500.00 Per Month ($154,980.00 - $162,000.00 Annually) Salary is commensurate with experience. Position Summary Under the general direction of the AVP and Chief Information Officer (CIO) and coordinating with the other Directors/Managers in Information Technology Services (ITS), the Director of Information Security and Information Security Officer (ISO) will coordinate and lead the Information Security Team at SF State. The incumbent will act as the SF State’s information security and privacy representative with respect to inquiries from customers, partners, and the public regarding SF State’s information security and privacy strategy; act as liaison to law enforcement agencies while pursuing the sources of network attacks and information thefts; balance security needs with the SF State’s strategic business plan, identify risk factors, and determine solutions to both; develop security and privacy policies and procedures that provide adequate business application protection without interfering with core business requirements; plan and test responses to security breaches, including the discussion of the event with customers, partners, or the public; oversee the selection, testing, configuration, deployment, and maintenance of security products; oversee a staff of employees responsible for security operations. Position Information Information Security Operation Manage an information security operational program that contains administrative, technical and physical safeguards designed to protect SF State information assets Document, and provide direction for mitigation of incidents involving SF State information assets Manage, develop and present security awareness training programs Manage incidents involving SF State information assets Facilitate and direct a campus vulnerability management program; manage and oversee the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing a realistic overview of risks and threats in the enterprise environment Provide regular executive level status reports on campus breaches, incidents, compliance, and other information security metrics Work with campus leadership, Enterprise Risk Management, and legal counsel to provide primary lead activities in supporting CO and campus litigation processes, forensic activities, eDiscovery and security audits Plan, manage, and coordinate information security and privacy risk assessments; identify, track, and report issues and concerns to management; develop guidelines to ensure SF State business processes address information security and privacy risks; develop, implement and enforce information security requirements and solutions in collaboration with ITS and Chancellor’s Office Information Security Advisory Council (ISAC); lead in the development/adoption and enforcement of information security policies, procedures and standards; conduct and complete a periodic review of required regulations and reports; manage 3 rd party information security risks Serve as primary liaison with various University departments, including but not limited to Department of Public Safety, Audit and Advisory Services, Enrollment Management, Human Resources, Enterprise Risk Management, University Counsel, Dean of Students, and Fiscal Affairs; advise and train on campus-wide security related issues/processes; serve as liaison with other campus ISOs, the Chancellor's Office and outside auditors and organizations related to information security and privacy issues; facilitate campus stakeholder meetings to ensure campus alignment on information security and privacy matters Oversee and/or assist in performing on-going security monitoring of organization information systems Manage and provide technical leadership of information security projects Manage day-to-day information security operations; assist with oversight of change requests and attend change management meetings Perform other duties or special projected as assigned Information Security Strategy Manage and provide leadership in the administration of the information security and privacy program strategy and governance Identify process improvement opportunities and develop subsequent plans of action to resolve gaps with minimal management intervention Develop and document procedures to comply with applicable laws, regulations, and CSU policies governing information security and privacy protection, as well as serve as the primary point of contact and liaison for the Governance, Risk, and Compliance system Suggest and lead in the development of risk management strategies to identify and mitigate threats and vulnerabilities to information assets Lead the development of, and management of the information security plan that contains safeguards designed to protect SF State information assets Refine and develop, as necessary, new campus policies, standards and procedures governing information security and privacy protection that align with and support the SF State plan and strategy Minimum Qualifications Bachelor's degree in Information Technology or similar degree (or equivalent combination of education and experience) required; Seven to ten years in progressively responsible IT roles, including enterprise-level support, information security or related field Project management experience with demonstrated success in leading complex IT projects in non-profit/higher education environment preferred Demonstrated excellent collaborative, management, leadership, communication and presentation skills Extensive knowledge related to experience with security incident response planning and resolution Demonstrated ability to develop and communicate effective recommendations for securing information assets to executives, management, and staff Demonstrated knowledge of underlying technologies (i.e. databases, operating systems, applications, networks, security and hardware) A working knowledge of information security practices and concepts including: access controls and identity management, risk management, ISO 27001/27002 standards, security information and event management (SIEM), and security operations Extensive experience with policy development, procurement contract negotiation and information security awareness and training Must be detailed and a logical thinker with Strong problem-solving, leadership, team building, and organizational skills Ability to motivate team members Must be self-motivated and maintain positive and effective working relationships Preferred Qualifications Advanced degree is highly desirable Certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information Technology Infrastructure Library (ITIL) Foundation are desirable Certifications such as Certified Privacy Program Manager (CIPM) or Project Management Professional (PMP) are beneficial Experience with cyber security frameworks such as ISO 27000, NIST 800 Experience with the following security or privacy compliance programs: PCI-DSS, HIPAA, GDPR, GLBA, and FERPA is desirable May need to work weekend and/or early morning / night hours for special projects or on-call Pre-Employment Requirements This position requires the successful completion of a background check. Eligibility to Work Applicants must be able to provide proof of US Citizenship or authorization to work in the United States, within three business days from their date of hire. Benefits Threaded through our Total Compensation package is a commitment to Bridging Life's Transitions. SF State is committed to providing our employees with a comprehensive program that rewards efforts that are appreciated by your colleagues, students and the customers we serve. We offer a competitive compensation package that includes Medical, Dental, Vision, Pension, 401k, Healthcare Savings Account, Life Insurance, Disability Insurance, Vacation and Sick Leave as well as State Holidays and a dynamic Fee Waiver program, all geared towards the University's commitment to attract, motivate and retain our employee. CSUEU Position (For CSUEU Positions Only) Eligible and qualified on-campus applicants, currently in bargaining units 2, 5, 7, and 9 are given hiring preference. Additional Information SF STATE IS NOT A SPONSORING AGENCY FOR STAFF OR MANAGEMENT POSITIONS. (i.e. H1-B VISAS). Thank you for your interest in employment with California State University (CSU). CSU is a state entity whose business operations reside within the State of California. Because of this, CSU prohibits hiring employees to perform CSU-related work outside of California with very limited exception. While this position may be eligible for occasional telework, all work is expected to be performed in the state of California, and this position is assigned to on-campus operations. CSU strongly encourages faculty, staff, and students who are accessing campus facilities to be immunized against COVID-19 or declare a medical or religious exemption from doing so. Any candidates advanced in a currently open search process are encouraged to comply with this requirement. The systemwide policy can be found at https://calstate.policystat.com/policy/9779821/latest/ and questions may be sent to hrwww@campus.edu. The Human Resources office is open Mondays through Fridays from 8 a.m. to 5 p.m., and can be reached at (415) 338-1872. Please note that this position, position requirements, application deadline and/or any other component of this position is subject to change or cancellation at any time. Advertised: Feb 20 2024 Pacific Standard Time Applications close: Closing Date/Time:
Mar 07, 2024
Working Title Information Security Officer Administrator Level (for MPP positions only) This position is an Administrator III in the California State University Management Personnel Plan (MPP), reporting to the AVP and Chief Information Officer of Information Technology Services SF State University San Francisco State is an Equal Opportunity Employer and does not discriminate against persons on the basis of race, religion, color, ancestry, age, disability, genetic information, gender, gender identity, gender expression, marital status, medical condition, National origin, sex, sexual orientation, covered veteran status, or any other protected status. Reasonable accommodations will be provided for qualified applicants with disabilities who self-disclose by contacting the Senior Human Resources Manager. Applicants may visit titleix.sfsu.edu for more information on SF State's policy prohibiting discrimination, and how to file an online report using the procedures under Executive Order 1096 Revised. Inquiries can be directed to the campus Title IX Coordinator and Discrimination, Harassment, and Retaliation Administrator by calling (415) 338-2032 or emailing vpsaem@sfsu.edu. San Francisco State is a 100% Smoke/Vapor-Free Campus. Smoking or Vaping of any tobacco/plant-based substance is not permitted on any University properties. The person holding this position may be considered a "mandated reporter" under the California Child Abuse and Neglect Reporting Act and is required to comply with the requirements set forth in CSU Executive Order 1083 as a condition of employment. This position may be a "designated position" in the California State University's Conflict of Interest Code. The successful candidate accepting this position may be required to file Conflict of Interest forms subject to the regulations of the Fair Political Practices Commission. Department Information Technology Services Appointment Type At-Will Time Base Full-Time Work Schedule Monday through Friday; from 8:00 am to 5:00 pm Anticipated Hiring Range $12,915.00 - $13,500.00 Per Month ($154,980.00 - $162,000.00 Annually) Salary is commensurate with experience. Position Summary Under the general direction of the AVP and Chief Information Officer (CIO) and coordinating with the other Directors/Managers in Information Technology Services (ITS), the Director of Information Security and Information Security Officer (ISO) will coordinate and lead the Information Security Team at SF State. The incumbent will act as the SF State’s information security and privacy representative with respect to inquiries from customers, partners, and the public regarding SF State’s information security and privacy strategy; act as liaison to law enforcement agencies while pursuing the sources of network attacks and information thefts; balance security needs with the SF State’s strategic business plan, identify risk factors, and determine solutions to both; develop security and privacy policies and procedures that provide adequate business application protection without interfering with core business requirements; plan and test responses to security breaches, including the discussion of the event with customers, partners, or the public; oversee the selection, testing, configuration, deployment, and maintenance of security products; oversee a staff of employees responsible for security operations. Position Information Information Security Operation Manage an information security operational program that contains administrative, technical and physical safeguards designed to protect SF State information assets Document, and provide direction for mitigation of incidents involving SF State information assets Manage, develop and present security awareness training programs Manage incidents involving SF State information assets Facilitate and direct a campus vulnerability management program; manage and oversee the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing a realistic overview of risks and threats in the enterprise environment Provide regular executive level status reports on campus breaches, incidents, compliance, and other information security metrics Work with campus leadership, Enterprise Risk Management, and legal counsel to provide primary lead activities in supporting CO and campus litigation processes, forensic activities, eDiscovery and security audits Plan, manage, and coordinate information security and privacy risk assessments; identify, track, and report issues and concerns to management; develop guidelines to ensure SF State business processes address information security and privacy risks; develop, implement and enforce information security requirements and solutions in collaboration with ITS and Chancellor’s Office Information Security Advisory Council (ISAC); lead in the development/adoption and enforcement of information security policies, procedures and standards; conduct and complete a periodic review of required regulations and reports; manage 3 rd party information security risks Serve as primary liaison with various University departments, including but not limited to Department of Public Safety, Audit and Advisory Services, Enrollment Management, Human Resources, Enterprise Risk Management, University Counsel, Dean of Students, and Fiscal Affairs; advise and train on campus-wide security related issues/processes; serve as liaison with other campus ISOs, the Chancellor's Office and outside auditors and organizations related to information security and privacy issues; facilitate campus stakeholder meetings to ensure campus alignment on information security and privacy matters Oversee and/or assist in performing on-going security monitoring of organization information systems Manage and provide technical leadership of information security projects Manage day-to-day information security operations; assist with oversight of change requests and attend change management meetings Perform other duties or special projected as assigned Information Security Strategy Manage and provide leadership in the administration of the information security and privacy program strategy and governance Identify process improvement opportunities and develop subsequent plans of action to resolve gaps with minimal management intervention Develop and document procedures to comply with applicable laws, regulations, and CSU policies governing information security and privacy protection, as well as serve as the primary point of contact and liaison for the Governance, Risk, and Compliance system Suggest and lead in the development of risk management strategies to identify and mitigate threats and vulnerabilities to information assets Lead the development of, and management of the information security plan that contains safeguards designed to protect SF State information assets Refine and develop, as necessary, new campus policies, standards and procedures governing information security and privacy protection that align with and support the SF State plan and strategy Minimum Qualifications Bachelor's degree in Information Technology or similar degree (or equivalent combination of education and experience) required; Seven to ten years in progressively responsible IT roles, including enterprise-level support, information security or related field Project management experience with demonstrated success in leading complex IT projects in non-profit/higher education environment preferred Demonstrated excellent collaborative, management, leadership, communication and presentation skills Extensive knowledge related to experience with security incident response planning and resolution Demonstrated ability to develop and communicate effective recommendations for securing information assets to executives, management, and staff Demonstrated knowledge of underlying technologies (i.e. databases, operating systems, applications, networks, security and hardware) A working knowledge of information security practices and concepts including: access controls and identity management, risk management, ISO 27001/27002 standards, security information and event management (SIEM), and security operations Extensive experience with policy development, procurement contract negotiation and information security awareness and training Must be detailed and a logical thinker with Strong problem-solving, leadership, team building, and organizational skills Ability to motivate team members Must be self-motivated and maintain positive and effective working relationships Preferred Qualifications Advanced degree is highly desirable Certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information Technology Infrastructure Library (ITIL) Foundation are desirable Certifications such as Certified Privacy Program Manager (CIPM) or Project Management Professional (PMP) are beneficial Experience with cyber security frameworks such as ISO 27000, NIST 800 Experience with the following security or privacy compliance programs: PCI-DSS, HIPAA, GDPR, GLBA, and FERPA is desirable May need to work weekend and/or early morning / night hours for special projects or on-call Pre-Employment Requirements This position requires the successful completion of a background check. Eligibility to Work Applicants must be able to provide proof of US Citizenship or authorization to work in the United States, within three business days from their date of hire. Benefits Threaded through our Total Compensation package is a commitment to Bridging Life's Transitions. SF State is committed to providing our employees with a comprehensive program that rewards efforts that are appreciated by your colleagues, students and the customers we serve. We offer a competitive compensation package that includes Medical, Dental, Vision, Pension, 401k, Healthcare Savings Account, Life Insurance, Disability Insurance, Vacation and Sick Leave as well as State Holidays and a dynamic Fee Waiver program, all geared towards the University's commitment to attract, motivate and retain our employee. CSUEU Position (For CSUEU Positions Only) Eligible and qualified on-campus applicants, currently in bargaining units 2, 5, 7, and 9 are given hiring preference. Additional Information SF STATE IS NOT A SPONSORING AGENCY FOR STAFF OR MANAGEMENT POSITIONS. (i.e. H1-B VISAS). Thank you for your interest in employment with California State University (CSU). CSU is a state entity whose business operations reside within the State of California. Because of this, CSU prohibits hiring employees to perform CSU-related work outside of California with very limited exception. While this position may be eligible for occasional telework, all work is expected to be performed in the state of California, and this position is assigned to on-campus operations. CSU strongly encourages faculty, staff, and students who are accessing campus facilities to be immunized against COVID-19 or declare a medical or religious exemption from doing so. Any candidates advanced in a currently open search process are encouraged to comply with this requirement. The systemwide policy can be found at https://calstate.policystat.com/policy/9779821/latest/ and questions may be sent to hrwww@campus.edu. The Human Resources office is open Mondays through Fridays from 8 a.m. to 5 p.m., and can be reached at (415) 338-1872. Please note that this position, position requirements, application deadline and/or any other component of this position is subject to change or cancellation at any time. Advertised: Feb 20 2024 Pacific Standard Time Applications close: Closing Date/Time:
LOS ANGELES COUNTY
Los Angeles, California, United States
Position/Program Information EXAM NUMBER Q2611A-R APPLICATION FILING PERIOD We will begin receiving applications on Mon da y, April 22, 2024, at 8:00 a.m. (PT). This examination will remain open until the needs of the service are met and is subject to closure without prior notice. TYPE OF RECRUITMENT Open Competitive Job Opportunity SPECIAL SALARY INFORMATION Management Appraisal and Performance Plan (MAPP): This position is subject to the provisions of the County's Management Appraisal of Performance Plan (MAPP) and is compensated at MAPP range S10. Initial salary placement and subsequent salary adjustments will be made in accordance with MAPP guidelines and regulations. CHECK OUT OUR OUTSTANDING BENEFITS! Los Angeles County offers one of the strongest public-sector benefits packages in the nation. Click here to see a list of employee benefits. WHO WE ARE: LA County Library is one of the largest and most innovative public library systems in the United States. It offers free public resources, including books, music, multimedia materials, computers and internet access and educational and recreational services to 3.4 million residents through its 85 libraries and mobile fleet of vehicles. LA County library is dedicated to reducing barriers and increasing equity and access to public services for all. WHO WE ARE LOOKING FOR: LA County Library seeks to attract and retain a high performing and diverse workforce in which employees’ differences are respected and valued to better meet the varying needs of the diverse customers we serve. We are looking for multi-taskers who are able to work independently and as part of a team. Our ideal candidate is someone with an analytical mind and excellent communication skills, who will lead the information security function for LA County Library, as well as develop and deliver a comprehensive departmental information security strategy to optimize the department’s security posture. Essential Job Functions As a Departmental Information Security Officer I, your responsibilities will include, but are not limited to the following: Developing and maintaining the departmental Information Security Program including policies, standards, and procedures; cybersecurity control evaluation, selection, and implementation; and architectures, products and services, pursuant to County Chief Information Office architectures, standards and guidelines, and Board polices and applicable laws. Collaborating with departmental business units to conduct comprehensive information security risk assessments, and participating in regular reviews of security standards, governance, data compliance and privacy management, audit, risk assessments, physical and logical access reviews, risk assessments and data destruction solutions. Conducting vulnerability assessments to identify existing or potential weaknesses in systems and processes that could lead to compromises; facilitating remediation of identified vulnerabilities within processes, systems and applications and coordinating investigations with relevant authorities, including the Countywide Chief Privacy Officer (CPO), Countywide Cybersecurity Incident Response Committee (CCIRC) , Auditor-Controller, and law enforcement agencies as necessary. Leading and conducting routine assessments and periodic inspections of departmental information technology systems to ensure the effectiveness of security controls and recommending appropriate corrective measures to eliminate or mitigate system compromises. Actively participating in federal, State and local audits and reviews for the department. Coordinating the department's information technology-related aspects of annual or biennial Internal Control Certification Program (ICCP) audits. Providing guidance to department management and implementing necessary policies, standards, or controls to address department-specific regulatory and contractual factors. Collaborating with departmental stakeholders to align security posture with business objectives. Collaborating with application and software developers to ensure that production applications comply with established information security policies, standards and business requirements. Facilitating the development and distribution of information security and privacy awareness training and education for departmental employees in cooperation with the Chief Information Security Officer (CISO) and CPO. Promotes Countywide initiatives pertaining to information security and privacy education and awareness programs. Representing the department on County cybersecurity governance bodies, committees and workgroups. Participating in the development, review, and recommendation of Countywide information technology security policies, technical and operational standards, procedures and guidelines. Identifying and recommending industry best practices for cybersecurity, fostering communication and collaboration among County departments on countywide and departmental cybersecurity issues. Serving as a member of the CCIRC. Establishing and leading a Departmental Cybersecurity Emergency Response Team (DCERT). Developing appropriate security incident notification procedures for departmental management, CISO, CPO and CCIRC. Participating in Countywide activities and providing recommendations of software products and controls related to cybersecurity. Collaborating with responsible County entities in the development and implementation of Countywide business continuity and disaster recovery plans to ensure appropriate cybersecurity measures. Liaising between the department and the CPO regarding electronic data and physical records, privacy incident and breach response, privacy audits, and other initiatives pertaining to the County’s privacy program components and related policies. Ensuring proper departmental inventories of information technology assets and software licenses i n collaboration with information technology operations. Reviewing departmental information technology projects and information technology contrac t terms, in conjunction with County Counsel, to ensure information security sufficiency. Participating in the review of information technology facility acquisition, construction, and remodeling projects to ensure adherence to County information security policies, standards, guidelines and industry best practices as needed. Supervising and/or managing subordinate security officers, supervisors and technical staff as needed. Serving as a witness or subject-matter expert (SME) for the department in legal matters concerning cybersecurity as needed. Requirements SELECTION REQUIREMENTS: Graduation from an accredited college or university with a bachelor's* degree or higher in Computer Science, Information Security, Information Assurance, Business Administration, or a related discipline - AND - two (2) years of recent** progressively responsible*** experience in a combination of risk management, information security and cybersecurity roles - AND - two (2) years of recent** experience in Information Technology project management. LICENSE REQUIREMENTS: A valid California Class C Driver's License or the ability to utilize an alternative method of transportation when needed to carry out job-related essential functions. PHYSICAL EXPECTATIONS: 2 - Light: This class includes administrative and clerical positions requiring light physical effort that may include occasional light lifting to a 10-pound limit and some bending, stooping, or squatting. Considerable ambulation may be involved. SPECIAL REQUIREMENT INFORMATION: * In order to receive credit for your education, you must include a legible copy of the official diploma, official transcripts, or official letter from the accredited institution which shows the area of specialization with your application at the time of filing or within seven (7) calendar days from application submission. Note: Foreign studies must be evaluated by an academic credential evaluation agency and deemed to be equivalent to degrees from the United States. (See Accreditation Information under Employment Information). ** Recent experience is defined as experience within the last five (5) years. *** Progressively responsible experience is defined as a significant increase in the complexity and scope of responsibility in IT and systems functions over time. ENDORSEMENT OF COUNTY QUALIFICATIONS: County employees who wish to meet the requirements using out-of-class experience must provide official documentation such as additional responsibility bonus, out-of-class bonus, temporary assignment bonus, or reclassification study from CEO Classification with your application at the time of filing or within seven (7) calendar days from application submission. Employees do not need to submit such verification if they hold or have held a position at an appropriate level. Out-of-class duties should be accurately described in the application work history, and questionable experience will be verified through the departmental HR Manager when necessary. WITHHOLD INFORMATION: No withholds will be allowed for this examination. Required education and experience must be fully met and indicated on the application by the last day of filing. Additional Information OUR ASSESSMENT PROCESS: This examination will consist of TWO (2) parts: Part I: Multiple-choice and/or simulation assessment(s), weighted 45 % , assessing: Deductive Reasoning Professional Potential Achievement Working Relationships Analyzing Information Learning Quickly Generating New Ideas Using Time Efficiently Working to High Quality Standards Adapting to Change Coping with Uncertainty Willingness to Learn Responsibility Candidates must achieve a passing score of 70% or higher on Part I to proceed to Part II of this examination. Part II: Multiple-choice and/or simulation assessment(s), weighted 55 % , assessing: Cyber Risk covering knowledge of Cyber Risk Management, System and Application Security, Network Security, and Security Management; Cloud Computing covering knowledge of Cloud Computing Concepts, Cloud Service Models, Virtualization, and Private Clouds; Systems Analysis covering knowledge of Fundamental Systems Analysis Skills, Implementation and Support, Systems Analysis Tasks, Systems Design Tasks, and technical methods for specifying requirements. MULTIPLE-CHOICE AND/OR SIMULATION ASSESSMENT(S) ARE NOT REVIEWABLE BY CANDIDATES PER CIVIL SERVICE RULE 7.19. Candidates must meet the Selection Requirements and achieve a passing score of 70% or higher on each weighted part of the examination in order to be placed on the Eligible List. TRANSFER OF TEST COMPONENTS: Applicants who have taken identical components recently for other exams may have their scores automatically transferred to this examination. This examination contains test components that may be used in the future for new examinations and your test scores may be transferred. Please add the below email addresses to your email address book and list of approved senders to prevent email notifications from being filtered as spam/junk/clutter mail. JHines@hr.lacounty.gov info@governmentjobs.com talentcentral@shl.com donot-reply@amcatmail.com noreply@proctoru.com TEST PREPARATION: Study guides and other test preparation resources are available to help candidates prepare for employment tests. While the guides will help in preparing for the test, we advise you to review all related materials that you deem necessary. An interactive, Online Test Preparation System for taking practice tests may be accessed on the Department of Human Resources website at http://hr.lacounty.gov/ . Please click on "Find a Job" and then "Job Search Toolkit." Test preparation information is located under the "Employment Test Assistance" section. Additional online practice tests are available at https://www.shldirect.com/en-us/practice-tests / . Please note that these resources are intended to provide general information about the types of tests and assessments used by the County of Los Angeles. These resources do not contain details of the exam nor the specific questions you will be asked to answer during the test administration. The exam content section describes the areas assessed by the test and you are invited to study and review whatever material you believe will help you to prepare. Note: All notifications, including invitation notices, will be sent electronically to the email address provided on the application. Test scores cannot be given over the telephone. ELIGIBILITY INFORMATION: The names of candidates receiving a passing score in the examination will be placed on the eligible list for a period of twelve (12) months. VACANCY INFORMATION: The resulting eligible list will be used to fill a vacancy within the LA County Library. AVAILABLE SHIFT: Any HOW TO APPLY: Applications must be filed online only. We will begin receiving applications on Monday, April 22, 2024, at 8:00 a.m. (PT) . All application must be received BEFORE 5:00 p.m., (PT) on the last day of filing. Applications submitted by U.S. mail, fax, or in person will not be accepted. Apply online by clicking on the green " Apply " button at the top right of this posting. Plan to submit your online application well in advance of the 5:00 p.m. (PT) deadline as you may be required to verify your email address. This only needs to be done once per email address, and if you already have a job seeker account on governmentjobs.com/careers/lacounty , you can verify at any time by logging in and following the prompts. This is to enhance the security of your online application and to ensure you do not enter an incorrect email address. Fill out your application completely. The acceptance of your application depends on whether you have clearly shown that you meet th e Selection Requirements as listed on this job posting. Provide any relevant job experience in the spaces provided so we can evaluate your qualifications for the job. For each job held, give the name and address of your employer, your job title, beginning and ending dates, number of hours worked per week, and description of work performed. If your application is incomplete, it will be rejected. IMPORTANT: Please note that all information included in the application materials is subject to verification at any point during the examination and hiring process, including after an appointment has been made. Falsification of any information may result in disqualification or rescission of appointment . Utilizing verbiage from Class Specification and Selection Requirements serving as your description of duties will not be sufficient to demonstrate that you meet the requirements. Doing so may result in an incomplete application and you may be disqualified. ________________________________________________________________________ ANTI-RACISM, DIVERSITY, AND INCLUSION (ARDI): The County of Los Angeles recognizes and affirms that all people are created equal and are entitled to all rights afforded by the Constitution of the United States. The Department of Human Resources is committed to promoting Anti-racism, Diversity, and Inclusion efforts to address the inequalities and disparities amongst race. We support the ARDI Strategic Plan and its goals by improving equality, diversity, and inclusion in recruitment, selection, and employment practices. SOCIAL SECURITY NUMBER: Please include your Social Security Number for record control purposes. Federal law requires that all employed persons have a Social Security Number. NO SHARING OF USER ID AND PASSWORD: All applicants must file their application online using their own user ID and password. Using a family member's or friend's user ID and password may erase a candidate's original application record. COMPUTER AND INTERNET ACCESS AT PUBLIC LIBRARIES: For candidates who may not have regular access to a computer or the internet, applications can be completed on computers at public libraries throughout Los Angeles County. Refer to their website for updated information at Library Locator - LA County Library . TESTING ACCOMMODATION: If you require an accommodation to fairly compete in any part of the assessment process, you will be given the opportunity to make a request when completing your application. Please note, you may be required to submit documentation from a qualified medical provider or other qualified professional to support your request for a testing accommodation. Testing Accommodations Coordinator: TestingAccommodations@hr.lacounty.gov Teletype Phone: (800) 735-2929 California Relay Services Phone: (800) 735-2922 Have any questions about anything listed above? Contact us: Department Contact Name: Jasmine Hines Department Contact Phone: (213) 738-2008 Department Contact Email: jhines@hr.lacounty.gov Exam Number: Q2611A-R For detailed information, please click here
Apr 20, 2024
Full Time
Position/Program Information EXAM NUMBER Q2611A-R APPLICATION FILING PERIOD We will begin receiving applications on Mon da y, April 22, 2024, at 8:00 a.m. (PT). This examination will remain open until the needs of the service are met and is subject to closure without prior notice. TYPE OF RECRUITMENT Open Competitive Job Opportunity SPECIAL SALARY INFORMATION Management Appraisal and Performance Plan (MAPP): This position is subject to the provisions of the County's Management Appraisal of Performance Plan (MAPP) and is compensated at MAPP range S10. Initial salary placement and subsequent salary adjustments will be made in accordance with MAPP guidelines and regulations. CHECK OUT OUR OUTSTANDING BENEFITS! Los Angeles County offers one of the strongest public-sector benefits packages in the nation. Click here to see a list of employee benefits. WHO WE ARE: LA County Library is one of the largest and most innovative public library systems in the United States. It offers free public resources, including books, music, multimedia materials, computers and internet access and educational and recreational services to 3.4 million residents through its 85 libraries and mobile fleet of vehicles. LA County library is dedicated to reducing barriers and increasing equity and access to public services for all. WHO WE ARE LOOKING FOR: LA County Library seeks to attract and retain a high performing and diverse workforce in which employees’ differences are respected and valued to better meet the varying needs of the diverse customers we serve. We are looking for multi-taskers who are able to work independently and as part of a team. Our ideal candidate is someone with an analytical mind and excellent communication skills, who will lead the information security function for LA County Library, as well as develop and deliver a comprehensive departmental information security strategy to optimize the department’s security posture. Essential Job Functions As a Departmental Information Security Officer I, your responsibilities will include, but are not limited to the following: Developing and maintaining the departmental Information Security Program including policies, standards, and procedures; cybersecurity control evaluation, selection, and implementation; and architectures, products and services, pursuant to County Chief Information Office architectures, standards and guidelines, and Board polices and applicable laws. Collaborating with departmental business units to conduct comprehensive information security risk assessments, and participating in regular reviews of security standards, governance, data compliance and privacy management, audit, risk assessments, physical and logical access reviews, risk assessments and data destruction solutions. Conducting vulnerability assessments to identify existing or potential weaknesses in systems and processes that could lead to compromises; facilitating remediation of identified vulnerabilities within processes, systems and applications and coordinating investigations with relevant authorities, including the Countywide Chief Privacy Officer (CPO), Countywide Cybersecurity Incident Response Committee (CCIRC) , Auditor-Controller, and law enforcement agencies as necessary. Leading and conducting routine assessments and periodic inspections of departmental information technology systems to ensure the effectiveness of security controls and recommending appropriate corrective measures to eliminate or mitigate system compromises. Actively participating in federal, State and local audits and reviews for the department. Coordinating the department's information technology-related aspects of annual or biennial Internal Control Certification Program (ICCP) audits. Providing guidance to department management and implementing necessary policies, standards, or controls to address department-specific regulatory and contractual factors. Collaborating with departmental stakeholders to align security posture with business objectives. Collaborating with application and software developers to ensure that production applications comply with established information security policies, standards and business requirements. Facilitating the development and distribution of information security and privacy awareness training and education for departmental employees in cooperation with the Chief Information Security Officer (CISO) and CPO. Promotes Countywide initiatives pertaining to information security and privacy education and awareness programs. Representing the department on County cybersecurity governance bodies, committees and workgroups. Participating in the development, review, and recommendation of Countywide information technology security policies, technical and operational standards, procedures and guidelines. Identifying and recommending industry best practices for cybersecurity, fostering communication and collaboration among County departments on countywide and departmental cybersecurity issues. Serving as a member of the CCIRC. Establishing and leading a Departmental Cybersecurity Emergency Response Team (DCERT). Developing appropriate security incident notification procedures for departmental management, CISO, CPO and CCIRC. Participating in Countywide activities and providing recommendations of software products and controls related to cybersecurity. Collaborating with responsible County entities in the development and implementation of Countywide business continuity and disaster recovery plans to ensure appropriate cybersecurity measures. Liaising between the department and the CPO regarding electronic data and physical records, privacy incident and breach response, privacy audits, and other initiatives pertaining to the County’s privacy program components and related policies. Ensuring proper departmental inventories of information technology assets and software licenses i n collaboration with information technology operations. Reviewing departmental information technology projects and information technology contrac t terms, in conjunction with County Counsel, to ensure information security sufficiency. Participating in the review of information technology facility acquisition, construction, and remodeling projects to ensure adherence to County information security policies, standards, guidelines and industry best practices as needed. Supervising and/or managing subordinate security officers, supervisors and technical staff as needed. Serving as a witness or subject-matter expert (SME) for the department in legal matters concerning cybersecurity as needed. Requirements SELECTION REQUIREMENTS: Graduation from an accredited college or university with a bachelor's* degree or higher in Computer Science, Information Security, Information Assurance, Business Administration, or a related discipline - AND - two (2) years of recent** progressively responsible*** experience in a combination of risk management, information security and cybersecurity roles - AND - two (2) years of recent** experience in Information Technology project management. LICENSE REQUIREMENTS: A valid California Class C Driver's License or the ability to utilize an alternative method of transportation when needed to carry out job-related essential functions. PHYSICAL EXPECTATIONS: 2 - Light: This class includes administrative and clerical positions requiring light physical effort that may include occasional light lifting to a 10-pound limit and some bending, stooping, or squatting. Considerable ambulation may be involved. SPECIAL REQUIREMENT INFORMATION: * In order to receive credit for your education, you must include a legible copy of the official diploma, official transcripts, or official letter from the accredited institution which shows the area of specialization with your application at the time of filing or within seven (7) calendar days from application submission. Note: Foreign studies must be evaluated by an academic credential evaluation agency and deemed to be equivalent to degrees from the United States. (See Accreditation Information under Employment Information). ** Recent experience is defined as experience within the last five (5) years. *** Progressively responsible experience is defined as a significant increase in the complexity and scope of responsibility in IT and systems functions over time. ENDORSEMENT OF COUNTY QUALIFICATIONS: County employees who wish to meet the requirements using out-of-class experience must provide official documentation such as additional responsibility bonus, out-of-class bonus, temporary assignment bonus, or reclassification study from CEO Classification with your application at the time of filing or within seven (7) calendar days from application submission. Employees do not need to submit such verification if they hold or have held a position at an appropriate level. Out-of-class duties should be accurately described in the application work history, and questionable experience will be verified through the departmental HR Manager when necessary. WITHHOLD INFORMATION: No withholds will be allowed for this examination. Required education and experience must be fully met and indicated on the application by the last day of filing. Additional Information OUR ASSESSMENT PROCESS: This examination will consist of TWO (2) parts: Part I: Multiple-choice and/or simulation assessment(s), weighted 45 % , assessing: Deductive Reasoning Professional Potential Achievement Working Relationships Analyzing Information Learning Quickly Generating New Ideas Using Time Efficiently Working to High Quality Standards Adapting to Change Coping with Uncertainty Willingness to Learn Responsibility Candidates must achieve a passing score of 70% or higher on Part I to proceed to Part II of this examination. Part II: Multiple-choice and/or simulation assessment(s), weighted 55 % , assessing: Cyber Risk covering knowledge of Cyber Risk Management, System and Application Security, Network Security, and Security Management; Cloud Computing covering knowledge of Cloud Computing Concepts, Cloud Service Models, Virtualization, and Private Clouds; Systems Analysis covering knowledge of Fundamental Systems Analysis Skills, Implementation and Support, Systems Analysis Tasks, Systems Design Tasks, and technical methods for specifying requirements. MULTIPLE-CHOICE AND/OR SIMULATION ASSESSMENT(S) ARE NOT REVIEWABLE BY CANDIDATES PER CIVIL SERVICE RULE 7.19. Candidates must meet the Selection Requirements and achieve a passing score of 70% or higher on each weighted part of the examination in order to be placed on the Eligible List. TRANSFER OF TEST COMPONENTS: Applicants who have taken identical components recently for other exams may have their scores automatically transferred to this examination. This examination contains test components that may be used in the future for new examinations and your test scores may be transferred. Please add the below email addresses to your email address book and list of approved senders to prevent email notifications from being filtered as spam/junk/clutter mail. JHines@hr.lacounty.gov info@governmentjobs.com talentcentral@shl.com donot-reply@amcatmail.com noreply@proctoru.com TEST PREPARATION: Study guides and other test preparation resources are available to help candidates prepare for employment tests. While the guides will help in preparing for the test, we advise you to review all related materials that you deem necessary. An interactive, Online Test Preparation System for taking practice tests may be accessed on the Department of Human Resources website at http://hr.lacounty.gov/ . Please click on "Find a Job" and then "Job Search Toolkit." Test preparation information is located under the "Employment Test Assistance" section. Additional online practice tests are available at https://www.shldirect.com/en-us/practice-tests / . Please note that these resources are intended to provide general information about the types of tests and assessments used by the County of Los Angeles. These resources do not contain details of the exam nor the specific questions you will be asked to answer during the test administration. The exam content section describes the areas assessed by the test and you are invited to study and review whatever material you believe will help you to prepare. Note: All notifications, including invitation notices, will be sent electronically to the email address provided on the application. Test scores cannot be given over the telephone. ELIGIBILITY INFORMATION: The names of candidates receiving a passing score in the examination will be placed on the eligible list for a period of twelve (12) months. VACANCY INFORMATION: The resulting eligible list will be used to fill a vacancy within the LA County Library. AVAILABLE SHIFT: Any HOW TO APPLY: Applications must be filed online only. We will begin receiving applications on Monday, April 22, 2024, at 8:00 a.m. (PT) . All application must be received BEFORE 5:00 p.m., (PT) on the last day of filing. Applications submitted by U.S. mail, fax, or in person will not be accepted. Apply online by clicking on the green " Apply " button at the top right of this posting. Plan to submit your online application well in advance of the 5:00 p.m. (PT) deadline as you may be required to verify your email address. This only needs to be done once per email address, and if you already have a job seeker account on governmentjobs.com/careers/lacounty , you can verify at any time by logging in and following the prompts. This is to enhance the security of your online application and to ensure you do not enter an incorrect email address. Fill out your application completely. The acceptance of your application depends on whether you have clearly shown that you meet th e Selection Requirements as listed on this job posting. Provide any relevant job experience in the spaces provided so we can evaluate your qualifications for the job. For each job held, give the name and address of your employer, your job title, beginning and ending dates, number of hours worked per week, and description of work performed. If your application is incomplete, it will be rejected. IMPORTANT: Please note that all information included in the application materials is subject to verification at any point during the examination and hiring process, including after an appointment has been made. Falsification of any information may result in disqualification or rescission of appointment . Utilizing verbiage from Class Specification and Selection Requirements serving as your description of duties will not be sufficient to demonstrate that you meet the requirements. Doing so may result in an incomplete application and you may be disqualified. ________________________________________________________________________ ANTI-RACISM, DIVERSITY, AND INCLUSION (ARDI): The County of Los Angeles recognizes and affirms that all people are created equal and are entitled to all rights afforded by the Constitution of the United States. The Department of Human Resources is committed to promoting Anti-racism, Diversity, and Inclusion efforts to address the inequalities and disparities amongst race. We support the ARDI Strategic Plan and its goals by improving equality, diversity, and inclusion in recruitment, selection, and employment practices. SOCIAL SECURITY NUMBER: Please include your Social Security Number for record control purposes. Federal law requires that all employed persons have a Social Security Number. NO SHARING OF USER ID AND PASSWORD: All applicants must file their application online using their own user ID and password. Using a family member's or friend's user ID and password may erase a candidate's original application record. COMPUTER AND INTERNET ACCESS AT PUBLIC LIBRARIES: For candidates who may not have regular access to a computer or the internet, applications can be completed on computers at public libraries throughout Los Angeles County. Refer to their website for updated information at Library Locator - LA County Library . TESTING ACCOMMODATION: If you require an accommodation to fairly compete in any part of the assessment process, you will be given the opportunity to make a request when completing your application. Please note, you may be required to submit documentation from a qualified medical provider or other qualified professional to support your request for a testing accommodation. Testing Accommodations Coordinator: TestingAccommodations@hr.lacounty.gov Teletype Phone: (800) 735-2929 California Relay Services Phone: (800) 735-2922 Have any questions about anything listed above? Contact us: Department Contact Name: Jasmine Hines Department Contact Phone: (213) 738-2008 Department Contact Email: jhines@hr.lacounty.gov Exam Number: Q2611A-R For detailed information, please click here
SAN BERNARDINO SUPERIOR COURT
San Bernardino, California, United States
Description The San Bernardino Superior Court, County of San Bernardino, seeks a Cybersecurity Analyst. Are you passionate about safeguarding digital infrastructures from cyber threats? Join our dynamic team as a cybersecurity analyst , where you will tackle cutting-edge challenges and protect our organization's invaluable assets against evolving cyber threats. Salary Update 3% COLA increase effective October 2024; an approximate bi-weekly range from $3,834-$4,899. Benefit Highlights VIEW THE 2024 BENEFITS GUIDE (Download PDF reader) . Telework/On-Site Opportunity After completing the probationary period, the position is eligible for a combination of telework and on-site work assignments OR an alternative (9/80) schedule. Telework must be completed from a pre-designated home-based location within the State of California, and employees may be required to report on-site to address business needs. Telework is at the Court's sole discretion and may be rescinded immediately, without prior notice, based on the needs of the San Bernardino County Superior Court. About the Position Under general supervision, leads and participates in the work of other employees engaged in administering, integrating, monitoring, tuning and upgrading assigned server platforms and operating systems for optimal performance, ensuring the integration of network, platform and application structures. An Infrastructure Analyst III analyzes and identifies enterprise technology solutions to meet court-wide business requirements; assesses network systems, hardware, and/or software for security vulnerabilities; participates in or leading the implementation of risk remediation efforts; assesses the output of tests and scans to develop corrective action plans; leads incident response functions; recommends cybersecurity policies and procedures to senior leadership; develops implementation strategies and coordinates with vendors and users; leads technology- related project teams; and performs related duties as assigned. Distinguishing Characteristics: Infrastructure Analyst III is the advanced professional skill level and working lead class in the Infrastructure Analyst series. Incumbents independently perform advanced, complex network system cybersecurity, administration functions, including researching, analyzing, planning, coordinating and implementing new releases, upgrades or changes to network, operating, or database systems to ensure reliable operations, connectivity, security and functionality. In addition to performing the full range of journey-level skilled duties, incumbents serve as the working lead person of technology professionals and technicians and perform the more complex duties in project management, plus oversee the work and provide training and guidance to employees. Employees in this class typically report to an Information Technology Director, Manager or Supervisor and provide lead work direction and guidance to Infrastructure Analysts and Systems Technicians assigned to infrastructure or applications. Incumbents work with limited supervision and exercise independent judgment to ensure employees complete assigned tasks and responsibilities within a broad framework of established policies, procedures and objectives. Infrastructure Analyst III is distinguished from Information Technology Supervisor in that incumbents in the former class are not full supervisors. The official classification is Infrastructure Analyst III; VIEW THE FU LL JOB DESCRIPTION . Essential Functions Leads, provides work guidance and direction, and participates in the work of unit members; participates in scheduling, assigning and monitoring work of other employees for completeness, accuracy and conformance with Court/departmental standards; provides information, instruction and training on work processes, proper uses of equipment and safe work practices; provides input to supervisor on employee work performance and behaviors; estimates personnel, equipment and material requirements for assigned jobs; may order work materials and supplies; assists in ensuring a fair and open work environment in accordance with the Court's commitment to teamwork, mutual trust and respect.Leads installations of security measures and operating software to protect systems and information infrastructure.Monitors computer networks for security issues and suspicious activities.Reports and investigates security breached and cybersecurity incidents.Educates staff and recommends security measures, including protocols, policies and procedures to senior leadership.Interprets and analyzes test results to create and implement corrective measures.Monitoring and threat detection, utilizing a variety of security tools, techniques, and log analysis.Vulnerability and patch management.Administrating of cybersecurity awareness training and phishing campaigns.Incident response and investigation; leading response and investigation efforts and working closely with other IT teams, vendors, and statewide partners to analyze and remediate the issue.Policy development and implementation.Risk management, governance and compliance.Performs complex systems administration functions for multiple enterprise server platforms and operating systems; installs, configures and maintains servers and operating system software, hardware and devices; installs, configures, tests and implements system monitoring and management software tools; installs and tests operating system patches, releases, upgrades and fixes; develops and maintains scripts to automate complex system maintenance tasks, service packs and patches.Serves as a lead cybersecurity administrator for the Court's infrastructure, with responsibility for assigned major systems; participates in the evaluation and recommendation of new releases, upgrades and changes to the overall network infrastructure; identifies, develops, submits and implements project plans to improve network reliability, security and efficiency; participates in and makes recommendations regarding new systems, vendor services and contracting; participates in conducting network capacity analysis and long-term planning.Participates in the development of statements of work for RFPs; participates in evaluating vendor solutions; coordinates Court review of vendor deliverables for accuracy and completeness, ensuring that Court needs and requirements have been met.Establishes and maintains testing environments to ensure new releases and enhancements are ready for production; with Information Technology Leadership , ensures effective integration, operation and concurrent connectivity of multiple platforms and networks; serves as project leader or team member on multi-platform/network systems installations; participates in the development and implementation of network standards and procedures.Serves as a central point of coordination with departments on significant application/hardware problems and change request issues that require assignment of resources that extend beyond Help Desk response standards; represents the department on committees and teams for major Court-wide projects and prepares analysis, reports and recommendations on such projects.Prepares a variety of work reports and records; attends meetings; gathers, reviews and analyzes operational data and performance reports to ensure Court and department goals, objectives and standards are being met; represents the department in meetings with other departments.May provide leadership/direction to other Information Technology staff beyond the infrastructure section.Performs other duties as assigned. Minimum Qualifications Graduation from an accredited four-year college or university with a major in management information systems, cybersecurity, computer science or a closely related field, and at least five (5) years of progressively responsible experience in systems, cybersecurity or network administration; or an equivalent combination of education, training and experience. Experience in a state court system is preferred. Certification as CISSP, CCSP, CCISA, CRISC, CEH, CCNA or a related certification is highly desirable. Knowledge of: Operating system architectures, characteristics, components and commands applicable to enterprise information systems and multiple platform operating systems in both physical and virtual environments; Information security and risk assessment; Information Technology compliance; Supporting users remotely and onsite at multiple sites, in an enterprise environment; Experience in applying cybersecurity fundamentals; Network architectures and theory and principles of network design and integration, including topologies and protocols; Principles, practices and methods of systems administration and maintenance, including configuration, performance tuning and diagnostic tools; Methods and techniques for performing connectivity testing and troubleshooting, including the uses of diagnostic tools and equipment; Internet/intranet technologies and design concepts and techniques, including router and firewall configuration; Principles and practices of disaster recovery and incident response; Enterprise-level security management, installation and configuration of antivirus software; Database management systems and software, including architectures, diagnostic tools, commands and utilities; Tools and utilities used in monitoring and tuning systems, database and application performance; Systems integration design concepts and practices; Enterprise-level LAN and WLAN operation; Project management tools and techniques; Court policies, procedures and practices regarding computer hardware, software and data security; Safety policies, practices, equipment and supplies applicable to the work; Applicable federal and state laws, rules and regulations; Basic principles and practices of employee supervision; Sound business communications; Court Personnel Plan policies and labor contract provisions. Resumes will not be accepted in lieu of the required application and supplemental questions. Human Resources will review applications to identify candidates who meet the minimum qualifications; therefore, it is to your benefit to include all pertinent work experience. When listing court experience, please include the dates and classification of each position held if there is more than one. Selection Process Applications will be reviewed to identify candidates with minimum qualifications and/or desirables. Only those who meet the minimum qualifications and desirables (if applicable) will proceed to the next step in the recruitment process.Candidates' supplemental question responses may be evaluated and ranked. Depending on the number of applications, assessments and/or screening interviews may be conducted. Candidates who are successful in step 2 will be placed on the eligible list and may be considered for interview. Placement on the eligible list does not guarantee an interview or employment. All candidates will be notified of their status via email at each process step. Additional steps in the selection process will include a background check and a reference check. REASONABLE ACCOMMODATIONS: The Superior Court of California, County of San Bernardino, is committed to providing reasonable accommodation to applicants as required by the Americans with Disabilities Act (ADA) and the Fair Employment and Housing Act (FEHA). Qualified individuals with disabilities who need a reasonable accommodation during the application or selection process may contact the Human Resources Office at (909) 521-3700 or via email at Careers@sb-court.org . Individuals with hearing and/or speech impairments may also contact the recruiter for this position through the use of the California Relay Service by dialing 711. Physical Characteristics The physical and mental demands described in the job description are representative of those that employees must meet to perform the essential functions of this class successfully. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions. The Superior Court of California, County of San Bernardino is an Equal Opportunity Employer- M/F/D/V. SUPERIOR COURT OF CALIFORNIA COUNTY OF SAN BERNARDINO BENEFITS SUMMARY The San Bernardino Superior Court offers a range of benefit programs for employees and their eligible dependents. These include medical, dental, vision, and life insurance, as well as a variety of voluntary benefits. Programs and benefit amounts vary and are based on bargaining unit, family size, hire date, plan selection, and number of hours worked.A summary of benefits is provided below. Health and Welfare Benefits MEDICAL: The Court offers a variety of comprehensive health plan options to fit individual employee needs. The Court contributes up to $200.00 in benefit plan dollars each pay period to help full-time employees pay for health premiums. In addition, the health plan subsidy the court contributes toward the employee cost is 57% of lowest cost HMO plan based on level of coverage. DENTAL: The dental subsidy is equivalent to 100% of the employee only DPPO coverage plan (but not less than twenty dollars {$20.00} per pay period.) VISION: Court-paid plan for employees. No co-pay/deductible for eye exams; frames and standard lenses or contact lenses (in lieu of standard lenses) every twelve (12) months. SHORT-TERM DISABILITY: Court-paid benefit that provides partial income replacement in the event that an employee is unable to work due to a non-work related disability. LIFE INSURANCE: Court-paid basic life insurance benefit of $50,000. Additional supplemental life and AD&D insurance benefits may be purchased voluntarily. MEDICAL REIMBURSEMENT ACCOUNT: Flexible Spending Account (FSA) that helps participating employees lower their taxable income. Under this plan, employees elect to set aside pre-tax money each pay period to pay for eligible out-of-pocket medical expenses for themselves and their eligible dependents that are not paid by insurance or reimbursed by any other benefit plan. DEPENDENT CARE ASSISTANCE PLAN: This is a type of Flexible Spending Account (FSA) that helps participating eligible employees lower their taxable income. Under this plan, employees may set aside pre-tax dollars to pay for qualified childcare or dependent care expenses that are necessary for the employee and/or spouse to continue working. Leave Allowances VACATION: After completion of the requisite hours of continuous service (based on the bargaining unit), employees are eligible to use accrued vacation allowance. Depending on length of service, employees may accrue from 80 to 160 hours annually. ADMINISTRATIVE LEAVE: Forty (40) hours of additional leave to be used during the calendar year, prorated depending on start date. HOLIDAY: Fourteen (14) paid recognized holidays and the accrual of two (2) floating holidays annually. SICK LEAVE: Employees in regular positions accrue approximately 3.39 hours of sick leave per pay period to use during instances of authorized absence due to illness, injury, or medically related appointments. BEREAVEMENT LEAVE: ALL employees are eligible to receive a maximum of thirty-two (32) hours of paid leave per occurrence for bereavement leave due to the death of a person in the immediate family. Retirement and Deferred Compensation Plans RETIREMENT: The Court is a 1937 Act employer. More detailed information may be found by contacting SBCERA at (909) 885-7980 or toll-free at 1-877-722-3721 or by visiting the website at San Bernardino County Retirement Association. The Court does not pay into the Social Security system; however, it does contribute to Medicare. Retirement benefits subject to change. DEFERRED COMPENSATION: Employees are eligible to participate in the Court's 457 Deferred Compensation Plan. This is the supplemental retirement plan that permits employees to defer a certain portion of their pre or post tax salary, within certain Internal Revenue Service (IRS) limits, to an account maintained by an investment service provider. Participating employees in the pre-tax option postpone paying taxes on the deferred portion of their income. Additional Benefits TUITION BENEFIT: Employees with at least twelve (12) months of Court service will be allowed a maximum of $600.00 each fiscal year. These monies may be used for job related education or career development, book fees or to reimburse membership dues in professional organizations. CAR ALLOWANCE: Use of Court Vehicle. COMMUTER SERVICES: This program assists with providing information on carpools, rideshare matching, and public transportation options. The Court offers incentives for employees eligible to participating in Ridesharing activities. FLEXIBLE WORK SCHEDULE: The Court recognizes the importance of work/life balance. Employees may request alternative work scheduling or flexible work schedules when classifications meet the requirements. The Human Resources Department reserves the right to modify the benefit programs in accordance with the Personnel Rules and Regulations. Closing Date/Time: 5/5/2024 11:59 PM Pacific
Apr 13, 2024
Full Time
Description The San Bernardino Superior Court, County of San Bernardino, seeks a Cybersecurity Analyst. Are you passionate about safeguarding digital infrastructures from cyber threats? Join our dynamic team as a cybersecurity analyst , where you will tackle cutting-edge challenges and protect our organization's invaluable assets against evolving cyber threats. Salary Update 3% COLA increase effective October 2024; an approximate bi-weekly range from $3,834-$4,899. Benefit Highlights VIEW THE 2024 BENEFITS GUIDE (Download PDF reader) . Telework/On-Site Opportunity After completing the probationary period, the position is eligible for a combination of telework and on-site work assignments OR an alternative (9/80) schedule. Telework must be completed from a pre-designated home-based location within the State of California, and employees may be required to report on-site to address business needs. Telework is at the Court's sole discretion and may be rescinded immediately, without prior notice, based on the needs of the San Bernardino County Superior Court. About the Position Under general supervision, leads and participates in the work of other employees engaged in administering, integrating, monitoring, tuning and upgrading assigned server platforms and operating systems for optimal performance, ensuring the integration of network, platform and application structures. An Infrastructure Analyst III analyzes and identifies enterprise technology solutions to meet court-wide business requirements; assesses network systems, hardware, and/or software for security vulnerabilities; participates in or leading the implementation of risk remediation efforts; assesses the output of tests and scans to develop corrective action plans; leads incident response functions; recommends cybersecurity policies and procedures to senior leadership; develops implementation strategies and coordinates with vendors and users; leads technology- related project teams; and performs related duties as assigned. Distinguishing Characteristics: Infrastructure Analyst III is the advanced professional skill level and working lead class in the Infrastructure Analyst series. Incumbents independently perform advanced, complex network system cybersecurity, administration functions, including researching, analyzing, planning, coordinating and implementing new releases, upgrades or changes to network, operating, or database systems to ensure reliable operations, connectivity, security and functionality. In addition to performing the full range of journey-level skilled duties, incumbents serve as the working lead person of technology professionals and technicians and perform the more complex duties in project management, plus oversee the work and provide training and guidance to employees. Employees in this class typically report to an Information Technology Director, Manager or Supervisor and provide lead work direction and guidance to Infrastructure Analysts and Systems Technicians assigned to infrastructure or applications. Incumbents work with limited supervision and exercise independent judgment to ensure employees complete assigned tasks and responsibilities within a broad framework of established policies, procedures and objectives. Infrastructure Analyst III is distinguished from Information Technology Supervisor in that incumbents in the former class are not full supervisors. The official classification is Infrastructure Analyst III; VIEW THE FU LL JOB DESCRIPTION . Essential Functions Leads, provides work guidance and direction, and participates in the work of unit members; participates in scheduling, assigning and monitoring work of other employees for completeness, accuracy and conformance with Court/departmental standards; provides information, instruction and training on work processes, proper uses of equipment and safe work practices; provides input to supervisor on employee work performance and behaviors; estimates personnel, equipment and material requirements for assigned jobs; may order work materials and supplies; assists in ensuring a fair and open work environment in accordance with the Court's commitment to teamwork, mutual trust and respect.Leads installations of security measures and operating software to protect systems and information infrastructure.Monitors computer networks for security issues and suspicious activities.Reports and investigates security breached and cybersecurity incidents.Educates staff and recommends security measures, including protocols, policies and procedures to senior leadership.Interprets and analyzes test results to create and implement corrective measures.Monitoring and threat detection, utilizing a variety of security tools, techniques, and log analysis.Vulnerability and patch management.Administrating of cybersecurity awareness training and phishing campaigns.Incident response and investigation; leading response and investigation efforts and working closely with other IT teams, vendors, and statewide partners to analyze and remediate the issue.Policy development and implementation.Risk management, governance and compliance.Performs complex systems administration functions for multiple enterprise server platforms and operating systems; installs, configures and maintains servers and operating system software, hardware and devices; installs, configures, tests and implements system monitoring and management software tools; installs and tests operating system patches, releases, upgrades and fixes; develops and maintains scripts to automate complex system maintenance tasks, service packs and patches.Serves as a lead cybersecurity administrator for the Court's infrastructure, with responsibility for assigned major systems; participates in the evaluation and recommendation of new releases, upgrades and changes to the overall network infrastructure; identifies, develops, submits and implements project plans to improve network reliability, security and efficiency; participates in and makes recommendations regarding new systems, vendor services and contracting; participates in conducting network capacity analysis and long-term planning.Participates in the development of statements of work for RFPs; participates in evaluating vendor solutions; coordinates Court review of vendor deliverables for accuracy and completeness, ensuring that Court needs and requirements have been met.Establishes and maintains testing environments to ensure new releases and enhancements are ready for production; with Information Technology Leadership , ensures effective integration, operation and concurrent connectivity of multiple platforms and networks; serves as project leader or team member on multi-platform/network systems installations; participates in the development and implementation of network standards and procedures.Serves as a central point of coordination with departments on significant application/hardware problems and change request issues that require assignment of resources that extend beyond Help Desk response standards; represents the department on committees and teams for major Court-wide projects and prepares analysis, reports and recommendations on such projects.Prepares a variety of work reports and records; attends meetings; gathers, reviews and analyzes operational data and performance reports to ensure Court and department goals, objectives and standards are being met; represents the department in meetings with other departments.May provide leadership/direction to other Information Technology staff beyond the infrastructure section.Performs other duties as assigned. Minimum Qualifications Graduation from an accredited four-year college or university with a major in management information systems, cybersecurity, computer science or a closely related field, and at least five (5) years of progressively responsible experience in systems, cybersecurity or network administration; or an equivalent combination of education, training and experience. Experience in a state court system is preferred. Certification as CISSP, CCSP, CCISA, CRISC, CEH, CCNA or a related certification is highly desirable. Knowledge of: Operating system architectures, characteristics, components and commands applicable to enterprise information systems and multiple platform operating systems in both physical and virtual environments; Information security and risk assessment; Information Technology compliance; Supporting users remotely and onsite at multiple sites, in an enterprise environment; Experience in applying cybersecurity fundamentals; Network architectures and theory and principles of network design and integration, including topologies and protocols; Principles, practices and methods of systems administration and maintenance, including configuration, performance tuning and diagnostic tools; Methods and techniques for performing connectivity testing and troubleshooting, including the uses of diagnostic tools and equipment; Internet/intranet technologies and design concepts and techniques, including router and firewall configuration; Principles and practices of disaster recovery and incident response; Enterprise-level security management, installation and configuration of antivirus software; Database management systems and software, including architectures, diagnostic tools, commands and utilities; Tools and utilities used in monitoring and tuning systems, database and application performance; Systems integration design concepts and practices; Enterprise-level LAN and WLAN operation; Project management tools and techniques; Court policies, procedures and practices regarding computer hardware, software and data security; Safety policies, practices, equipment and supplies applicable to the work; Applicable federal and state laws, rules and regulations; Basic principles and practices of employee supervision; Sound business communications; Court Personnel Plan policies and labor contract provisions. Resumes will not be accepted in lieu of the required application and supplemental questions. Human Resources will review applications to identify candidates who meet the minimum qualifications; therefore, it is to your benefit to include all pertinent work experience. When listing court experience, please include the dates and classification of each position held if there is more than one. Selection Process Applications will be reviewed to identify candidates with minimum qualifications and/or desirables. Only those who meet the minimum qualifications and desirables (if applicable) will proceed to the next step in the recruitment process.Candidates' supplemental question responses may be evaluated and ranked. Depending on the number of applications, assessments and/or screening interviews may be conducted. Candidates who are successful in step 2 will be placed on the eligible list and may be considered for interview. Placement on the eligible list does not guarantee an interview or employment. All candidates will be notified of their status via email at each process step. Additional steps in the selection process will include a background check and a reference check. REASONABLE ACCOMMODATIONS: The Superior Court of California, County of San Bernardino, is committed to providing reasonable accommodation to applicants as required by the Americans with Disabilities Act (ADA) and the Fair Employment and Housing Act (FEHA). Qualified individuals with disabilities who need a reasonable accommodation during the application or selection process may contact the Human Resources Office at (909) 521-3700 or via email at Careers@sb-court.org . Individuals with hearing and/or speech impairments may also contact the recruiter for this position through the use of the California Relay Service by dialing 711. Physical Characteristics The physical and mental demands described in the job description are representative of those that employees must meet to perform the essential functions of this class successfully. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions. The Superior Court of California, County of San Bernardino is an Equal Opportunity Employer- M/F/D/V. SUPERIOR COURT OF CALIFORNIA COUNTY OF SAN BERNARDINO BENEFITS SUMMARY The San Bernardino Superior Court offers a range of benefit programs for employees and their eligible dependents. These include medical, dental, vision, and life insurance, as well as a variety of voluntary benefits. Programs and benefit amounts vary and are based on bargaining unit, family size, hire date, plan selection, and number of hours worked.A summary of benefits is provided below. Health and Welfare Benefits MEDICAL: The Court offers a variety of comprehensive health plan options to fit individual employee needs. The Court contributes up to $200.00 in benefit plan dollars each pay period to help full-time employees pay for health premiums. In addition, the health plan subsidy the court contributes toward the employee cost is 57% of lowest cost HMO plan based on level of coverage. DENTAL: The dental subsidy is equivalent to 100% of the employee only DPPO coverage plan (but not less than twenty dollars {$20.00} per pay period.) VISION: Court-paid plan for employees. No co-pay/deductible for eye exams; frames and standard lenses or contact lenses (in lieu of standard lenses) every twelve (12) months. SHORT-TERM DISABILITY: Court-paid benefit that provides partial income replacement in the event that an employee is unable to work due to a non-work related disability. LIFE INSURANCE: Court-paid basic life insurance benefit of $50,000. Additional supplemental life and AD&D insurance benefits may be purchased voluntarily. MEDICAL REIMBURSEMENT ACCOUNT: Flexible Spending Account (FSA) that helps participating employees lower their taxable income. Under this plan, employees elect to set aside pre-tax money each pay period to pay for eligible out-of-pocket medical expenses for themselves and their eligible dependents that are not paid by insurance or reimbursed by any other benefit plan. DEPENDENT CARE ASSISTANCE PLAN: This is a type of Flexible Spending Account (FSA) that helps participating eligible employees lower their taxable income. Under this plan, employees may set aside pre-tax dollars to pay for qualified childcare or dependent care expenses that are necessary for the employee and/or spouse to continue working. Leave Allowances VACATION: After completion of the requisite hours of continuous service (based on the bargaining unit), employees are eligible to use accrued vacation allowance. Depending on length of service, employees may accrue from 80 to 160 hours annually. ADMINISTRATIVE LEAVE: Forty (40) hours of additional leave to be used during the calendar year, prorated depending on start date. HOLIDAY: Fourteen (14) paid recognized holidays and the accrual of two (2) floating holidays annually. SICK LEAVE: Employees in regular positions accrue approximately 3.39 hours of sick leave per pay period to use during instances of authorized absence due to illness, injury, or medically related appointments. BEREAVEMENT LEAVE: ALL employees are eligible to receive a maximum of thirty-two (32) hours of paid leave per occurrence for bereavement leave due to the death of a person in the immediate family. Retirement and Deferred Compensation Plans RETIREMENT: The Court is a 1937 Act employer. More detailed information may be found by contacting SBCERA at (909) 885-7980 or toll-free at 1-877-722-3721 or by visiting the website at San Bernardino County Retirement Association. The Court does not pay into the Social Security system; however, it does contribute to Medicare. Retirement benefits subject to change. DEFERRED COMPENSATION: Employees are eligible to participate in the Court's 457 Deferred Compensation Plan. This is the supplemental retirement plan that permits employees to defer a certain portion of their pre or post tax salary, within certain Internal Revenue Service (IRS) limits, to an account maintained by an investment service provider. Participating employees in the pre-tax option postpone paying taxes on the deferred portion of their income. Additional Benefits TUITION BENEFIT: Employees with at least twelve (12) months of Court service will be allowed a maximum of $600.00 each fiscal year. These monies may be used for job related education or career development, book fees or to reimburse membership dues in professional organizations. CAR ALLOWANCE: Use of Court Vehicle. COMMUTER SERVICES: This program assists with providing information on carpools, rideshare matching, and public transportation options. The Court offers incentives for employees eligible to participating in Ridesharing activities. FLEXIBLE WORK SCHEDULE: The Court recognizes the importance of work/life balance. Employees may request alternative work scheduling or flexible work schedules when classifications meet the requirements. The Human Resources Department reserves the right to modify the benefit programs in accordance with the Personnel Rules and Regulations. Closing Date/Time: 5/5/2024 11:59 PM Pacific