DEPARTMENTAL INFORMATION SECURITY OFFICER I

Position/Program Information

EXAM NUMBER
Q2611A-R

APPLICATION FILING PERIOD


We will begin receiving applications on Mon day, April 22, 2024, at 8:00 a.m. (PT).

This examination will remain open until the needs of the service are met and is subject to closure without prior notice.

TYPE OF RECRUITMENT
Open Competitive Job Opportunity

SPECIAL SALARY INFORMATION
Management Appraisal and Performance Plan (MAPP): This position is subject to the provisions of the County's Management Appraisal of Performance Plan (MAPP) and is compensated at MAPP range S10. Initial salary placement and subsequent salary adjustments will be made in accordance with MAPP guidelines and regulations.

CHECK OUT OUR OUTSTANDING BENEFITS!

Los Angeles County offers one of the strongest public-sector benefits packages in the nation. Click here to see a list of employee benefits.

WHO WE ARE:

LA County Library is one of the largest and most innovative public library systems in the United States. It offers free public resources, including books, music, multimedia materials, computers and internet access and educational and recreational services to 3.4 million residents through its 85 libraries and mobile fleet of vehicles. LA County library is dedicated to reducing barriers and increasing equity and access to public services for all.

WHO WE ARE LOOKING FOR:

LA County Library seeks to attract and retain a high performing and diverse workforce in which employees’ differences are respected and valued to better meet the varying needs of the diverse customers we serve. We are looking for multi-taskers who are able to work independently and as part of a team. Our ideal candidate is someone with an analytical mind and excellent communication skills, who will lead the information security function for LA County Library, as well as develop and deliver a comprehensive departmental information security strategy to optimize the department’s security posture.

Essential Job Functions

As a Departmental Information Security Officer I, your responsibilities will include, but are not limited to the following:

• Developing and maintaining the departmental Information Security Program including policies, standards, and procedures; cybersecurity control evaluation, selection, and implementation; and architectures, products and services, pursuant to County Chief Information Office architectures, standards and guidelines, and Board polices and applicable laws.
  
• Collaborating with departmental business units to conduct comprehensive information security risk assessments, and participating in regular reviews of security standards, governance, data compliance and privacy management, audit, risk assessments, physical and logical access reviews, risk assessments and data destruction solutions.
  
• Conducting vulnerability assessments to identify existing or potential weaknesses in systems and processes that could lead to compromises; facilitating remediation of identified vulnerabilities within processes, systems and applications and coordinating investigations with relevant authorities, including the Countywide Chief Privacy Officer (CPO), Countywide Cybersecurity Incident Response Committee (CCIRC) , Auditor-Controller, and law enforcement agencies as necessary.
  
• Leading and conducting routine assessments and periodic inspections of departmental information technology systems to ensure the effectiveness of security controls and recommending appropriate corrective measures to eliminate or mitigate system compromises.
  
• Actively participating in federal, State and local audits and reviews for the department. Coordinating the department's information technology-related aspects of annual or biennial Internal Control Certification Program (ICCP) audits.
  
• Providing guidance to department management and implementing necessary policies, standards, or controls to address department-specific regulatory and contractual factors.
  
• Collaborating with departmental stakeholders to align security posture with business objectives.
  
• Collaborating with application and software developers to ensure that production applications comply with established information security policies, standards and business requirements.
  
• Facilitating the development and distribution of information security and privacy awareness training and education for departmental employees in cooperation with the Chief Information Security Officer (CISO) and CPO. Promotes Countywide initiatives pertaining to information security and privacy education and awareness programs.
  
• Representing the department on County cybersecurity governance bodies, committees and workgroups. Participating in the development, review, and recommendation of Countywide information technology security policies, technical and operational standards, procedures and guidelines. Identifying and recommending industry best practices for cybersecurity, fostering communication and collaboration among County departments on countywide and departmental cybersecurity issues.
  
• Serving as a member of the CCIRC. Establishing and leading a Departmental Cybersecurity Emergency Response Team (DCERT). Developing appropriate security incident notification procedures for departmental management, CISO, CPO and CCIRC.
  
• Participating in Countywide activities and providing recommendations of software products and controls related to cybersecurity. Collaborating with responsible County entities in the development and implementation of Countywide business continuity and disaster recovery plans to ensure appropriate cybersecurity measures.
  
• Liaising between the department and the CPO regarding electronic data and physical records, privacy incident and breach response, privacy audits, and other initiatives pertaining to the County’s privacy program components and related policies.
  
• Ensuring proper departmental inventories of information technology assets and software licenses i n collaboration with information technology operations.
  
• Reviewing departmental information technology projects and information technology contrac t terms, in conjunction with County Counsel, to ensure information security sufficiency.
  
• Participating in the review of information technology facility acquisition, construction, and remodeling projects to ensure adherence to County information security policies, standards, guidelines and industry best practices as needed.
  
• Supervising and/or managing subordinate security officers, supervisors and technical staff as needed.
  
• Serving as a witness or subject-matter expert (SME) for the department in legal matters concerning cybersecurity as needed.
  

Requirements

SELECTION REQUIREMENTS:
Graduation from an accredited college or university with a bachelor's* degree or higher in Computer Science, Information Security, Information Assurance, Business Administration, or a related discipline -AND- two (2) years of recent** progressively responsible*** experience in a combination of risk management, information security and cybersecurity roles -AND- two (2) years of recent** experience in Information Technology project management.

LICENSE REQUIREMENTS:
A valid California Class C Driver's License or the ability to utilize an alternative method of transportation when needed to carry out job-related essential functions.

PHYSICAL EXPECTATIONS:
2 - Light: This class includes administrative and clerical positions requiring light physical effort that may include occasional light lifting to a 10-pound limit and some bending, stooping, or squatting. Considerable ambulation may be involved.

SPECIAL REQUIREMENT INFORMATION:
*In order to receive credit for your education, you must include a legible copy of the official diploma, official transcripts, or official letter from the accredited institution which shows the area of specialization with your application at the time of filing or within seven (7) calendar days from application submission. Note: Foreign studies must be evaluated by an academic credential evaluation agency and deemed to be equivalent to degrees from the United States. (See Accreditation Information under Employment Information).

** Recent experience is defined as experience within the last five (5) years.

*** Progressively responsible experience is defined as a significant increase in the complexity and scope of responsibility in IT and systems functions over time.

ENDORSEMENT OF COUNTY QUALIFICATIONS:

County employees who wish to meet the requirements using out-of-class experience must provide official documentation such as additional responsibility bonus, out-of-class bonus, temporary assignment bonus, or reclassification study from CEO Classification with your application at the time of filing or within seven (7) calendar days from application submission. Employees do not need to submit such verification if they hold or have held a position at an appropriate level. Out-of-class duties should be accurately described in the application work history, and questionable experience will be verified through the departmental HR Manager when necessary.

WITHHOLD INFORMATION:

No withholds will be allowed for this examination. Required education and experience must be fully met and indicated on the application by the last day of filing.

Additional Information

OUR ASSESSMENT PROCESS:

This examination will consist of TWO (2) parts:

Part I: Multiple-choice and/or simulation assessment(s), weighted 45%, assessing:

• Deductive Reasoning
  
• Professional Potential
  
• Achievement
  
• Working Relationships
  
• Analyzing Information
  
• Learning Quickly
  
• Generating New Ideas
  
• Using Time Efficiently
  
• Working to High Quality Standards
  
• Adapting to Change
  
• Coping with Uncertainty
  
• Willingness to Learn
  
• Responsibility
  

Candidates must achieve a passing score of 70% or higher on Part I to proceed to Part II of this examination.

Part II: Multiple-choice and/or simulation assessment(s), weighted 55% , assessing:

• Cyber Risk covering knowledge of Cyber Risk Management, System and Application Security, Network Security, and Security Management;
• Cloud Computing covering knowledge of Cloud Computing Concepts, Cloud Service Models, Virtualization, and Private Clouds;
• Systems Analysis covering knowledge of Fundamental Systems Analysis Skills, Implementation and Support, Systems Analysis Tasks, Systems Design Tasks, and technical methods for specifying requirements.

MULTIPLE-CHOICE AND/OR SIMULATION ASSESSMENT(S) ARE NOT REVIEWABLE BY CANDIDATES PER CIVIL SERVICE RULE 7.19.

Candidates must meet the Selection Requirements and achieve a passing score of 70% or higher on each weighted part of the examination in order to be placed on the Eligible List.

TRANSFER OF TEST COMPONENTS:

• Applicants who have taken identical components recently for other exams may have their scores automatically transferred to this examination.
• This examination contains test components that may be used in the future for new examinations and your test scores may be transferred.

Please add the below email addresses to your email address book and list of approved senders to prevent email notifications from being filtered as spam/junk/clutter mail.

• JHines@hr.lacounty.gov
• info@governmentjobs.com
• talentcentral@shl.com
• donot-reply@amcatmail.com
• noreply@proctoru.com

TEST PREPARATION:


Study guides and other test preparation resources are available to help candidates prepare for employment tests. While the guides will help in preparing for the test, we advise you to review all related materials that you deem necessary.

• An interactive, Online Test Preparation System for taking practice tests may be accessed on the Department of Human Resources website at http://hr.lacounty.gov/ . Please click on "Find a Job" and then "Job Search Toolkit." Test preparation information is located under the "Employment Test Assistance" section.
• Additional online practice tests are available at https://www.shldirect.com/en-us/practice-tests / .

Please note that these resources are intended to provide general information about the types of tests and assessments used by the County of Los Angeles. These resources do not contain details of the exam nor the specific questions you will be asked to answer during the test administration. The exam content section describes the areas assessed by the test and you are invited to study and review whatever material you believe will help you to prepare.

Note: All notifications, including invitation notices, will be sent electronically to the email address provided on the application. Test scores cannot be given over the telephone.

ELIGIBILITY INFORMATION:

The names of candidates receiving a passing score in the examination will be placed on the eligible list for a period of twelve (12) months.

VACANCY INFORMATION:
The resulting eligible list will be used to fill a vacancy within the LA County Library.

AVAILABLE SHIFT: Any

HOW TO APPLY:
Applications must be filed online only. We will begin receiving applications on Monday, April 22, 2024, at 8:00 a.m. (PT). All application must be received BEFORE 5:00 p.m., (PT) on the last day of filing. Applications submitted by U.S. mail, fax, or in person will not be accepted. Apply online by clicking on the green " Apply " button at the top right of this posting.

Plan to submit your online application well in advance of the 5:00 p.m. (PT) deadline as you may be required to verify your email address. This only needs to be done once per email address, and if you already have a job seeker account on governmentjobs.com/careers/lacounty , you can verify at any time by logging in and following the prompts. This is to enhance the security of your online application and to ensure you do not enter an incorrect email address.

Fill out your application completely. The acceptance of your application depends on whether you have clearly shown that you meet th e Selection Requirements as listed on this job posting. Provide any relevant job experience in the spaces provided so we can evaluate your qualifications for the job. For each job held, give the name and address of your employer, your job title, beginning and ending dates, number of hours worked per week, and description of work performed. If your application is incomplete, it will be rejected.

IMPORTANT: Please note that all information included in the application materials is subject to verification at any point during the examination and hiring process, including after an appointment has been made. Falsification of any information may result in disqualification or rescission of appointment. Utilizing verbiage from Class Specification and Selection Requirements serving as your description of duties will not be sufficient to demonstrate that you meet the requirements. Doing so may result in an incomplete application and you may be disqualified.

________________________________________________________________________

ANTI-RACISM, DIVERSITY, AND INCLUSION (ARDI):

The County of Los Angeles recognizes and affirms that all people are created equal and are entitled to all rights afforded by the Constitution of the United States. The Department of Human Resources is committed to promoting Anti-racism, Diversity, and Inclusion efforts to address the inequalities and disparities amongst race. We support the ARDI Strategic Plan and its goals by improving equality, diversity, and inclusion in recruitment, selection, and employment practices.

SOCIAL SECURITY NUMBER:

Please include your Social Security Number for record control purposes. Federal law requires that all employed persons have a Social Security Number.

NO SHARING OF USER ID AND PASSWORD:

All applicants must file their application online using their own user ID and password. Using a family member's or friend's user ID and password may erase a candidate's original application record.

COMPUTER AND INTERNET ACCESS AT PUBLIC LIBRARIES:

For candidates who may not have regular access to a computer or the internet, applications can be completed on computers at public libraries throughout Los Angeles County. Refer to their website for updated information at Library Locator - LA County Library .

TESTING ACCOMMODATION:

If you require an accommodation to fairly compete in any part of the assessment process, you will be given the opportunity to make a request when completing your application. Please note, you may be required to submit documentation from a qualified medical provider or other qualified professional to support your request for a testing accommodation.

Testing Accommodations Coordinator: TestingAccommodations@hr.lacounty.gov
Teletype Phone: (800) 735-2929
California Relay Services Phone: (800) 735-2922

Have any questions about anything listed above? Contact us:

Department Contact Name: Jasmine Hines
Department Contact Phone: (213) 738-2008
Department Contact Email: jhines@hr.lacounty.gov
Exam Number: Q2611A-R

For detailed information, please click here

Los Angeles, California United States View Map