6 jobs found

Definition and Class Characteristics Nevada County is seeking an Information Systems Manager to lead the Technical Operations Division serving all County departments. Nevada County takes pride in recruiting individuals who align with our core values of integrity and ethics, service, and commitment, and who actively desire to enhance our performance as a strategic partner and trusted provider of technology services. This position requires proven leadership skills and commitment to continuous improvement in a collaborative team-based environment. The Information Systems Manager directs and is responsible for the activities of the Desktop Services, Network Operations, and Server Operations teams, and is granted extensive leeway for the exercise of independent judgment and initiative in continuing to provide excellent, award-winning services. This position has access to confidential information, and must abide by HIPAA, CJIS, and cybersecurity policies and practices. In partnership with other IS Managers and the CIO, this position establishes and monitors multi-year strategic vision for continuous enhancement and improvement of core services. When given the opportunity to meet our incredible staff, you will quickly realize how rewarding an IT career with the County of Nevada can be. This position fills a vacancy created by an internal promotion, and offers a great deal of variety and opportunity for growth, as it touches nearly every County service area, directly helping support our community. Responsibilities and essential duties may include: Managing the employees and activities of the Technical Operations Division Desktop Services - PC standards, installation, and support. Service Desk. A/V event support. Network Operations - all LAN/WAN services, firewall administration, ISP, telephony. Server Operations - Identity management, Cloud services, server administration, backup and DR, security system administration. Responsible for overseeing and leading multiple support and development efforts, such as upgrades, enhancements, changes, and testing. Monitoring employee time/attendance, reviewing and approving timesheets. Responsible for facilitating staff, vendor, agency, and /or 3rd party partner and vendor meetings. Preparing content and attend project meetings including with external vendor and community partners. Strategic responsibilities and objectives may include: Strategic planning with other IS Managers and Agency Leadership to ensure shared success for business partners. Aligning team objectives with department and agency objectives. Monitoring standards, technologies and trends in infrastructure technologies and cybersecurity. Preparing and handling budget for Information Systems. Communicating with other departments, using feedback to enhance systems and processes. Providing project management oversight and guidance. Maintaining a positive work atmosphere by acting and communicating in a manner that promotes positive relationships between customers, co-workers, and management. Ideal candidates for the IS Manager position are well-rounded, possessing a strong customer service attitude and leadership skills. Candidates possess: Experience managing employees and activities in an information technology area. Experience planning, assigning, and reviewing work in an IT environment and ensuring all standards, specifications, and deadlines are met. Experience in setting incremental goals and objectives for employees, and in performing interim and annual performance evaluations. Excellent oral and written communication skills and ability to present in a group setting. Detail oriented behaviors. Demonstrate strong planning and organizational skills and ability to handle multiple assignments at once. Understand and demonstrate the application of modern cybersecurity best practices Nevada County supports flexible work schedules and the possibility of working remotely several days per week. You will be working with our award-winning group of Network Analysts, Desktop Technicians and Applications Analysts who, in addition to being skilled professionals in a wide array of technologies, maintain life-work balance through a variety of activities from mountain biking and backpacking to painting, swimming, music and working with animals. This is a full-time position, and the County of Nevada offers an extensive benefit package including, but not limited to CalPERS retirement, medical, dental and vision insurance, life insurance, and flexible spending accounts. Why Nevada County? Our leadership values employee development and engagement, promotes open and visible communication, strives to be a hard-working organization, and recognizes personal contributions and growth. Nevada County Information Systems is an award-winning department in innovation and collaboration including placing in the top 3 of National Digital Counties for the last 9 years, along with many other State and National awards! We also offer full-time employees, vacation, holiday, and sick leave, orthodontics coverage, 457 options, flex-scheduling and the possibility of teleworking. If you want to join a high performing, award winning IT organization, and live in a world class outdoor recreation community ( www.gonevadacounty.com ), please consider applying. To read more about our Culture, Values, and Leadership Expectations, please follow these links to our Public Website: ( 2023 IGS Behavior and Culture Values and 2023 IGS Leadership Expectations ) Read the full job description here . Benefits Guide The Benefits Guide is a comprehensive document for employees of the County of Nevada. Information contained in this summary of benefits is not a binding document. Refer to specific unit summaries and agreements (MOUs) for additional benefit information for each employee group. Health Insurance The County sponsored plan for 2023 is the PERS Gold PPO, but you can also choose plans from providers such as Anthem, Blue Shield, and PORAC (if you are a member) to suit your needs. 2023 Health Insurance Plans Anthem Select HMO Anthem Traditional HMO Blue Shield CalPERS Access+ HMO PERS Gold PPO (County sponsored plan) PERS Platinum PPO PORAC (Available to PORAC members only) Flexible Spending Accounts The County offers employees the option to contribute to a pre-tax medical FSA and dependent Care FSA. Life Insurance Voya and Colonial is the County's life insurance provider. We offer the following products through Voya and Colonial: Basic Accidental Death and Dismemberment Basic Term Life Optional Accidental Death and Dismemberment plans Optional Dependent Term Life Optional Term Life Dental & Vision Insurance Nevada County employees can opt to receive dental and vision insurance without opting for health insurance coverage as well. This will give employees more flexibility to match their choice of insurance plans to their specific needs. Delta Dental is the dental provider offered through Nevada County and VSP Vision Care is our vision care provider. Retirement The County is a member of the CalPERS retirement system and provides the opportunity for voluntary contributions to a 457 deferred compensation account through Nationwide by way of pre-tax and Roth payroll deductions. CalPERS Miscellaneous tiers: Tier 1 (Classic-former employee originally hired on or before 12/13/12 and are returning to Nevada County) 2.7% @ 55 Tier 2 (Hired by a CalPERS employer between 12/14/12-12/31/12 and coming to Nevada County with less than 6 months between separation from former CalPERS employer and hire date with Nevada County) 2%@60 Tier 3 (Hired by first CalPERS employer on or after 1/1/13 or having a break in service of more than six months between another CalPERS employer and Nevada County) 2%@62 CalPERS Safety tiers: Tier 1 (Classic-former employees originally hired on or before 12/13/12 and are returning to Nevada County) 3% @ 50. Tier 2 (Hired by a CalPERS employer between 7/2411-12/31/12 and coming to Nevada County with less than 6-months between separation from former CalPERS employer and hire date with Nevada County) 3% @ 55. Tier 3 (Hired by any CalPERS employer on or after 1/1/13) 2.7% @ 57. We encourage you to visit the CalPERS home page, www.calpers.ca.gov , to search related information about the retirement plans noted here so that you fully understand what your retirement formula means to you. NEVADA COUNTY IS AN EQUAL OPPORTUNITY EMPLOYER Any information on this page or documents and links are subject to change without notice. Nevada County Human Resources Department 950 Maidu Avenue, Nevada City, CA 95959 (530) 265-7010 option 2 Human.resources@nevadacountyca.gov www.nevadacountyca.gov Closing Date/Time: Continuous

Position Description Tacoma Public Utilities (TPU) is seeking an experienced and eager Assistant Emergency Manager to join the Tacoma Public Utilities (TPU) Emergency Management (EM) team. This position will be part of an energetic and enthusiastic team and will support the development of emergency response processes and agency readiness across TPU’s divisions. The ideal candidate will have documented experience in emergency management, programmatic management, and leadership and communications skills. Under the direction of the TPU Emergency Manager, this position will collaborate with other TPU division and City Emergency Managers, and will develop and manage a comprehensive disaster management program, which includes disaster planning. Examples of essential functions performed include: Assignments are broad in scope and allow for a high degree of personal discretion in their execution Provides administrative and technical expertise and coordination to prepare TPU to be able to successfully handle all disasters; recommends adoption of and implements program policies and procedures, work objectives, goals, disaster organization structure, standard operating procedures, disaster program documents, response and mitigation, and coordinates and provides training. Responds to emergency incidents at TPU and supports stakeholders as a liaison on an on-call basis Attends emergency management training and conferences to keep current on trends and developments in the field of disaster and emergency management Develops, coordinates, reviews, and updates emergency response plans Develops reports related to assigned activities and services Coordinate, develop, lead, and/or assist TPU Emergency Managers with related Training/Education/Exercises in all aspects Participate in Exercises (includes: T&D Power Outage Response, UTS Cybersecurity, Generation Dam Safety, TPU, COT, Pierce County, other city, county, State, DOE, and Homeland Security exercises) and support the After Action Reporting Support TPU’s Corrective Action Plan/Program Serve as the backup TPU Emergency Management liaison with outside agencies or tribes as assigned and support TPU Emergency Managers Serve as the primary backup TPU Emergency Manager in all aspects Actively participate, support, and lead, as appropriate during incidents or disasters Be proficient in the Incident Command Structure (ICS); develop Situation Reports, create and update job aids and role books. Qualifications Minimum Education* Bachelor's degree in emergency management, homeland security, business or public administration or directly related field Minimum Experience* 2 years of experience in emergency management *Equivalency: 1 year of experience = 1 year of education Licensing, Certifications and Other Requirements FEMA Incident Command System 100, 200, 300, 400, 700 & 800 Training Washington State Driver's License Desired Qualifications: Homeland Security Exercise and Evaluation Program (HSEEP) Certification (must be completed within 1 year of employment) FEMA Master Exercise Practitioner Certification FEMA Basic Academy Certification FEMA Professional Development Series (IS: 120, 230, 235, 240, 241, 242, 244) FEMA Continuity Excellence Series Knowledge & Skills Knowledge of Theory, principles, practices, techniques, technology, and systems in the field of emergency management (planning, training, exercising, evaluation, continuous improvement, Project and/or program management, analytical processes, and report preparation techniques Organizational and management practices as applied to the analysis, evaluation, developments, and implementation of programs, policies, and procedures Research and reporting methods, techniques, and procedures Record keeping principles and procedures Practices of researching program issues, evaluating alternatives, making sound recommendations and preparing and presenting effective reports Modern office practices, methods, and computer equipment and applications related to the work Ability to Plan and coordinate with professional and technical teams Define issues, analyze problems, evaluate alternatives and develop sound, independent conclusions and recommendations Design, conduct and evaluate emergency operations exercises Analyze, interpret, summarize and present administrative and technical information and data in an effective manner Interpret, apply, explain and ensure compliance with Federal, State, and local policies, procedures, laws, and regulations Prepare clear and concise reports, correspondence, policies, procedures and other written materials and effective presentations related to area of assignment. Organize and prioritize a variety of projects and multiple tasks in and effective and timely manner; organize own work, set priorities, and meet critical time deadlines. Develop and maintain strong and effective working relationships with stakeholders Ability to utilize Smartsheet Selection Process & Supplemental Information This recruitment is being managed by Joanna Hambrick, if you would like to be notified of similar opportunities or stay connected with things going on at Tacoma Public Utilities and the City of Tacoma, connect with me on LinkedIn ! City of Tacoma Commitment to Diversity and Inclusion Tacoma's diversity is its greatest asset. Tacoma embraces its multi-cultural and multi-ethnic character. Communities of color and immigrant communities are fundamental to Tacoma's entrepreneurial spirit, workforce, and long-term success. In Tacoma, equity and empowerment are top priorities, meaning that all Tacoma residents must have equitable opportunities to reach their full potential and share in the benefits of community progress. One of our goals is for the City of Tacoma workforce to reflect the community it serves. We actively work to eliminate racial and other disparities and welcome candidates with diverse backgrounds and/or multicultural skill sets and experiences. Our goal is for Tacoma to be an inclusive and equitable place to live, work, and play . The City of Tacoma is an Equal Opportunity Employer and values diversity in its workplace. Applicants are considered for positions without regard to race, color, religion, sex, national origin, ancestry, age, marital or veteran status, disability, sexual orientation, gender identity, or any other basis prohibited by federal, state, and local laws. Tacoma Public Utilities Tacoma Power is an almost 100% hydroelectric, municipally-owned public power utility, located in Tacoma. We serve approximately 170,000 customers as one of the three operating divisions of Tacoma Public Utilities, alongside Tacoma Water and Tacoma Rail. As one of the most livable, walkable cities in the country, you'll find that Tacoma is a great fit for all interests with places to bike, run, hike, and explore, the perks of a big city, and the charm of a small town. Tacoma Water has a proud tradition of operating and maintaining one of the country's oldest municipally owned water systems. We provide high-quality water at very competitive prices. We provide direct service to more than 300,000 people throughout Pierce and King counties. Our mission is to provide clean, reliable water now and in the future. Tacoma Water is the second largest water utility in Washington State, with a service area that spans 117 square miles and an abundant and reliable water supply. Tacoma Rail has provided rail transportation as a public entity since 1914. With 16 locomotives, more than 100 employees and about 140 miles of track, Tacoma Rail provides key freight connections for customers in the greater Tacoma Washington area, handling in excess of 100,000 freight shipments per year . One of Tacoma Rail's keys to success is providing a safe work environment for our employees. We believe that our employees are our most valuable asset and that every accident or injury is preventable. We promote a culture that makes safety our highest priority. Apply Interested individuals should apply online and attach a detailed resume and cover letter that includes job experience, major responsibilities and accomplishments related to this position. Applications will be reviewed as they are received for interview consideration. Reference checks will be conducted on final candidates and appointment is subject to passing a background check. Communication from the City of Tacoma: We primarily communicate via e-mail during the application process. E-mails from cityoftacoma.org and/or governmentjobs.com must be placed on your safe domain list to ensure that you receive notifications in a timely manner. As a precaution, you may also want to check your junk e-mail folders. If you have any additional questions regarding this position, please contact the Human Resources Department at 253.591.5400 before 4pm on the closing date of this posting. The City of Tacoma provides excellent medical, dental and vision plans for the whole family; paid holidays and paid leave; participation in the Tacoma Public Employees' Retirement System (alternate plan for Police/Fire); continuing education and advancement opportunities and a growing variety of City-sponsored health and wellness opportunities and incentives. Medical Coverage: For eligible employees and their families, including domestic partners and dependent children age 26 or younger. Dental Coverage: For eligible employees and their families, including domestic partners and dependent children age 26 or younger. Vision Coverage: For eligible employees and their eligible dependents. Paid Leave: City employees are entitled to received paid holidays, sick/vacation leave or personal time off (PTO), depending upon union affiliation and appointment type. Insurance Plans: Employees are covered by a long-term disability plan. Short-term and expanded long-term disability insurance plans are also available to employees. The State Industrial Insurance Act also covers employees. Deferred Compensation: Income can be set aside on a pretax basis and invested for supplementation of normal retirement income. Retirement: All employees of the City, except members of the Police and Fire services, Tacoma Rail and certain project employees, are included in the Tacoma Employees' Retirement System. Information on the Tacoma Employees' Retirement System can be found at www.cityoftacoma.org or by calling (253) 502-8200. Other Employment Information Direct Deposit: Employees are paid on a bi-weekly schedule by direct deposit. Salary Increases: Based on satisfactory job performance, the City provides for a regular progression of salary increases for most classifications according to the salary schedule. Union Affiliation: Many job classifications are covered by union security provisions which require union membership, dues, or payment of equivalent service fees. Note: The provisions of this job announcement do not constitute an expressed or implied contract. Any provision contained herein may be modified and/or revoked without notice. Closing Date/Time: 6/6/2023 5:00 PM Pacific

CHIEF INFORMATION SECURITY OFFICER (Technology Services Deputy Director) Salary may be negotiable within the range listed above, based on position requirements and successful candidate's qualifications, subject to appropriate authorization. OPEN TO THE PUBLIC This recruitment will establish an open eligible list that will be used to fill current and future Technology Services Deputy Director positions. The eligible list established may also be used to fill positions in similar and/or lower classifications throughout the County of Orange. DEADLINE TO APPLY This recruitment will be open for a minimum of five (5) business days and will remain open on a continuous basis until 11:59 P.M. (PST) on the day the County's needs are met. Applicants are encouraged to apply immediately. First round of consideration: Monday, March 27, 2023, 11:59pm PST. OFFICE OF INFORMATION TECHNOLOGY The mission of Orange County Information Technology (OCIT) is to provide innovative, reliable, and secure technology solutions that support County departments in delivering quality public services. OCIT provides IT solutions across County departments for voice communications, network services, application support, service desk, desktop support, as well as data center services. Click here for more information on OCIT Click here for more information on the County of Orange. THE OPPORTUNITY The Chief Information Security Officer (CISO) position reports directly to the Assistant Chief Information Officer (ACIO) and manages the design, development, implementation, operation and maintenance of Countywide information security programs which are designed to protect the confidentiality, integrity, and availability of all voice, data network, application and computer infrastructure and their associated information assets. The CISO is responsible for building a comprehensive security program and an accountable, information security-conscious culture and a security infrastructure built on policies and procedures that are compliant with applicable Federal, State, and local laws, ordinances, and guidelines. The CISO will provide strategic and operational IT leadership Countywide and will establish, support, and continuously improve enterprise Information Security technology, policies, practices, and standards. This requires a specific knowledge of security operations, security management, and the use of threat intelligence into cybersecurity practice, policies and procedures. This position must be able to translate technical cybersecurity issues/concerns into possible business implications that are meaningful to executive management and the Board of Supervisors. Additionally, the CISO oversees vulnerability assessments and penetration testing, performs incident response and security analysis, provides forensic investigation, assists with internal and external audits, disaster recovery and business continuity, manages the Security Operations Center (SOC), and supports County departments in eDiscovery. In addition, the CISO will perform, but is not limited to, the following duties: Providing guidance and direction to County Departments on Cybersecurity practices and procedures Creating and implementing a strategy for the deployment of information security technologies Performing IT security risk assessments and reporting on ways to minimize threats Monitoring security vulnerabilities and cybersecurity threats in network and host environments Managing development and implementation of cybersecurity threat intelligence services Overseeing integration of cybersecurity operations management into network management practices Tracking the latest IT security innovations and keeping abreast of the latest cybersecurity technologies Ensuring business continuity, compliance, and governance is met Developing and implementing business continuity plans to ensure service is continuous when a change strategy is introduced, or a security breach occurs or in the event that the disaster recovery plan needs to be triggered Communicating with key County stakeholders about IT security threats Develop and improve cyber incident response management Overseeing the investigation of reported security breaches Implementing an effective process for the report of security incidents Managing the IT security team, security experts and advisors Complying with the latest regulations and compliance requirements Managing the daily operation and implementation of the IT security strategies Protecting the intellectual property of the County at all times Devising risk-based strategies and implementing IT solutions to minimize the risk of cyber-attacks Reviewing, analyzing, and overseeing the processing of the release of information in compliance with the California Public Records Act and eDiscovery activities associated with internal and external investigations Developing and maintaining relationships with other government jurisdictions to include local intelligence fusion centers and law enforcement partners DESIRABLE QUALIFICATIONS & CORE COMPETENCIES The ideal candidate will possess a Bachelor's degree in information security, computer science, information systems, computer engineering, or a related field and possess a minimum of seven (7) years of experience in comprehensive security program management in planning, administering, and ensuring effective and secure large-scale information security operations covering applications, servers, voice and data network, Internet, or other systems. In addition, the ideal candidate will possess extensive knowledge and/or experience in the following core competencies: Information Technology Knowledge | I nformation Security Experience Understanding and application of security and privacy technologies and current best practices Understanding and application of cybersecurity, risk management and control frameworks (such as National Institute of Standards and Technology (NIST) Cybersecurity Framework, NIST Risk Management Framework, and NIST 800-53 controls) Administering operations, services, and activities of comprehensive information systems security programs Understanding and application of advanced principles and best practices of system security design, development, analysis, and testing Understanding and application of advanced methods and techniques of evaluating information security and developing appropriate solutions; converged voice and data network security; architecture and design Utilizing functional structures of various operating systems components and associated security features Developing strategies for secure, cloud-based services Possessing advanced project management principles and techniques including project budgeting, quality assessment and control and resource management Working knowledge of regulatory requirements including Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS), and Criminal Justice Information Services (CJIS) Leadership | Supervisory Skills Leading a high performance, results oriented team to implement organizational goals while balancing competing needs and objectives Leading information security training for employees, contractors, partners, and other third parties as appropriate Supervising various levels of managerial, supervisory, technical, and support staff as well as partnering with other Agencies, such as Human Resources, County Counsel, Risk Management, etc. Monitoring compliance with the organization's information security policies and procedures among employees, contractors, partners, and other third parties and resolve potential issues as needed Leading complex IT teams comprised of both direct and contracted vendors effectively Strategic Thinking and Planning | Organizational and Analytical Skills Planning and leading the execution of challenging projects to ensure that projects are resourced, budgeted, scheduled, planned, and implemented in a timely manner Interpreting and analyzing complex data to identify critical issues Thinking logically and organizing thoughts and work priorities to accomplish work efficiently Oral | Written Communication Skills Developing and implementing written materials, policies, and procedures for Administrative Services staff Implementing and acting as an advocate for security best practices and security awareness Preparing and orally presenting training and support information to various groups Developing clear requirements for internal information technology staff and third-party vendors Communicating, coordinating, and collaborating effectively with all organizational levels, and the public SPECIAL REQUIREMENT Candidate shall possess a Certified Information Systems Security Professional (CISSP) certificate. They may also have one (1) or more of the following certifications: Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Advanced Security Practitioner Certification (CASP), Certified Chief Information Security Officer (C-CISO), or Certified in Healthcare Compliance (CHPC). SPECIAL REQUIREMENT | BACKGROUND INVESTIGATION Part of the selection process for positions within the County of Orange supporting the Probation Department requires that all candidates undergo an extensive background investigation process, to the satisfaction of the Department. Candidates must successfully clear prior to the start of their employment. All employment offers are contingent upon successful completion of a background investigation. MINIMUM QUALIFICATIONS Please click here to learn about the minimum qualifications, including the physical and mental requirements as well as the environmental conditions for the Technology Services Deputy Director classification. RECRUITMENT PROCESS Human Resource Services (HRS) screens all applications to identify the qualified candidates for the position based on the skills required to meet the needs of the County. After the initial screening, the qualified candidates will be referred to the next step and notified of all further procedures applicable to their status in the competition. Structured Oral Interview (SOI) (Weighted 100%) Applicants will be interviewed and rated by an oral interview panel of job knowledge experts. Each applicant's rating will be based on responses to a series of structured questions designed to elicit the candidate's qualifications for the job. Based on the Department's needs, the selection procedures listed above may be modified. Applicants will be notified of any changes in the selection procedures. Eligible List Once the assessment has been completed, HRS will establish an eligible list of candidates. Candidates placed on the eligible list may be referred to a selection interview to be considered for present and future vacancies. Veterans Employment Preference Policy (VEPP) The County is committed to providing a mechanism to give preferential consideration in the employment process to veterans and their eligible spouses and will provide eligible participants the opportunity to receive interviews in the selection process for employment and paid internship openings. Please click here (Download PDF reader) to review the policy. ADDITIONAL INFORMATION Please see below for important information regarding COVID-19 related recommendations. Effective April 3, 2023, it is strongly recommended that County employees working in health care settings and correctional facilities follow vaccination and booster guidelines provided by the California Department of Public Health (CDPH) and the Centers for Disease Control and Prevention (CDC). Please click here to see the latest guidance for more details. EMAIL NOTIFICATION Email is the primary form of notification during the recruitment process. Please ensure your correct email address is included in our application and use only one email account. NOTE: User accounts are established for one person only and should not be shared with another person. Multiple applications with multiple users may jeopardize your status in the recruitment process for any positions for which you apply. Candidates will be notified regarding their status as the recruitment proceeds via email through the GovernmentJobs.com site. Please check your email folders, including spam/junk folders, and/or accept emails ending with "governmentjobs.com" and "ocgov.com." If your email address should change, please update your profile at www.governmentjobs.com . FREQUENTLY ASKED QUESTIONS Click here for additional Frequently Asked Questions. For specific information pertaining to this recruitment, contact Aniko Ruha at aniko.ruha@ocgov.com or (714) 834-7370. EEO INFORMATION Orange County, as an equal employment opportunity employer, encourages applicants from diverse backgrounds to apply. Closing Date/Time: Continuous

Ride BART to a satisfying career that lets you both: 1) make a difference to Bay Area residents, and 2) enjoy excellent pay, benefits and employment stability. BART is looking for people who like to be challenged, work in a fast paced environment, and have a passion for connecting riders to work, school and other places they need to go. BART offers a competitive salary, comprehensive health benefits, paid time off, and the CalPERS retirement program. Conditions of Employment All San Francisco Bay Area Rapid Transit District (BART) employees are required to be fully vaccinated against COVID-19 as a condition of employment. You will be required to show proof of your completed COVID-19 vaccination prior to receiving a final offer, unless you receive a COVID-19 Vaccination reasonable accommodation due to a medical condition or a religious exemption due to an approved sincerely held religious belief that prohibits you from receiving a vaccine. BART will review requests for a reasonable accommodation or religious exemption on a case-by-case basis. Documentation may be required. For questions, please contact BART Human Resources, Leave Management at HRDP@bart.gov . Department Office of the CIO, Desktop and Network Services Pay and Benefits BART offers comprehensive compensation and benefits programs. Benefits include CalPERS pension; excellent medical (effective January 1, 2023 current employee cost $160.96 monthly for most plans), vision, and dental coverage; supplemental insurances; paid holidays and vacation; as well as two investment programs, one of which is entirely funded by BART. BART does not participate in Social Security. Complimentary BART passes for employee and qualifying dependents. Pay Rate Non-Represented Pay Band 7 Annual Salary: $113,621.00 (Minimum) - $172,136.00 (Maximum) Note: The initial salary offer will be between $113,621.00/year - $159,559.47/year to commensurate with education and experience. Posted Date March 10, 2023 Closing Date Open Until Filled The first batch application review will begin on April 3, 2023. Please note that any job announcement may be canceled at any time. Reports To Manager of Cyber Security Days Off Saturday and Sunday Who May Apply All current BART employees and qualified individuals who are not yet BART employees. Current Assignment This announcement will recruit one (1) position within the BART Office of the Chief Information Officer (OCIO). The BART Cybersecurity Division, within the OCIO, offers an exciting and challenging role administering some of the latest security tools in a highly virtualized environment. As a Regional Government office, BART is responsible for networks in 5 Bay Area Counties and the safety of our weekday riders. BART’s Cybersecurity Division has a wide variety of security responsibilities that include Business Networks, SCADA Networks, Police Networks, and Anti-Terrorism security measures. BART is looking for highly motivated, intelligent specialists that are excited to contribute, learn and grow in our organization. In the Cybersecurity Division, you’ll get hands on experience with the latest in Software Defined Networking, Virtualization, Hyperconvergance, Intrusion Detection/Prevention, Network Access Control, Vulnerability Scanning, Data Loss Prevention, Cloud Fencing, End Point Security, Forensics, Security Automation, and much more. BART is looking for highly experienced security professionals that want to focus their careers on working with cutting edge security tools. An ideal candidate is a former or current enterprise network engineer with a deep understanding of routing, switching and firewalls. The Cybersecurity Division offers a collaborative environment with a major emphasis on ensuring that our Cybersecurity Engineers get the training, support and certifications they need to better combat the evolving threat landscape. Essential Job Functions 1. Under general supervision develops and implements the design of a complex unified cyber security program. 2. Monitors and Tunes the District’s Unified Cyber Security Program. 3. Provides highly technical security expertise and support related to alarms and monitoring devices that participate in District Security Objectives (DSO’s); Oversees and resolves business and support issues related to RAILS. 4. Manages the various security projects including performing impact diagnostics on existing technology projects. 5. Evaluates business and technical security requirements; driving the selection, prototyping and implementation of applications and technical solutions; and effectively communicating inherent security risks to non-technical users and administrators 6. Implements and tunes algorithms used to monitor both machine and human behavior. 7. Develops and maintains inventory lists generated from advanced forensic investigation. 8. Coordinates and implements enterprise design and remediation solutions based on gathered statistics. 9. Collects automated progress metrics for all technology projects. 10. Coordinates with law enforcement to maintain District security. 11. Responsible for analyzing and testing attack and penetration of Internet infrastructure and Web-based applications utilizing manual and automated tools. 12. Performs other duties as assigned within the scope of the qualifications. Minimum Qualifications Minimum: A Bachelor’s Degree in Computer Science, Information Security or related field. Experience: Three (3) years of (full-time equivalent) verifiable professional experience in an Information Security Operations and/or design role, which must have included Cyber Intelligence, Cyber Defense, Digital Surveillance, or related experience. Substitution: Additional professional experience as outlined above may be substituted for the education on a year-for-year basis. A college degree and information security related certification (s) and detailed hands-on network experience developing enterprise cyber security programs is highly preferred. Other Requirements: Professional Certification such as CISSP, CISM, GSEC, GIAC, CEH, CPT are strongly preferred. Knowledge of: Network security design. Transportation and Rail-specific security concerns. (SCADA, CBTC). Advanced Threat Protection and Sandboxing solutions. Detection/Prevention Systems: Anomaly-based, signature-based, and host-based. Cybersecurity Standards, Practices & Solutions. Related federal, state and local laws, codes and regulations. Information security tools such as Nessus, Kismet, Airsnort, NMAP, Ethereal, WebInspect, Nikto or similar. Information Systems and Information Security which address organizational design, structure and administration practices, system development and maintenance procedures, system software and hardware controls, security and access controls, computer operations, environmental protection and detection, and backup and recovery procedures. Information system architecture and security controls, such as firewall and border router configurations, operating systems configurations, wireless architectures, databases, specialized appliances and information security policies and procedures. Modern 911 Dispatch Technology including PSAP 911, NG9-1-1, CLETS and related Relational Database Administration (DBA) in Oracle, SQL, or similar data systems. Technical knowledge of Unix, Linux and Windows operating systems. Technical knowledge of IDS/IPS, vulnerability assessment tools, remote access methodologies, log management tools, firewalls, cryptography and digital certificates. Surveillance, Access Control and related Alarm Systems. Methods and techniques of networking protocols and remote access. Cyber security issues and impact, and can readily identify potential threats. Unix shell prowess, scripting languages, regular expressions. Programming languages such as Java, C, C++, C#, and .NET. Industry Standards, eg, ISO 17799/27001, NIST Publications and other Industry Related Security Standards. Skill in: Performing manual techniques to exploit vulnerabilities in the OWASP top 10 including but not limited to cross-site Scripting, SQL injections, session hi-jacking and buffer overflows to obtain controlled access to target systems. Performing network traffic forensic analysis, utilizing packet capturing software, to isolate malicious network behavior, inappropriate network use or identification of insecure network protocols. TCP/IP Networking. Managing interfaces between disparate alarm systems. Monitoring Automatic Vehicle Location (AVL) equipment and statistics. Analyzing and testing attack and penetration of Internet infrastructure and Web-based applications utilizing manual and automated tools. Preparing clear and concise reports and documentation. Executing troubleshooting tasks. Application source code security review. Communicating clearly and concisely, both orally and in writing. Establishing and maintaining effective working relationships with those contacted in the course of work. Creating training materials. Training employees to maintain situational awareness. Coordinating with District management, local law, enforcement and federal laws enforcement. Selection Process Applications will be screened to assure that minimum qualifications are met. Those applicants who meet minimum qualifications will then be referred to the hiring department for the completion of further selection processes. The selection process for this position may include a skills/performance demonstration, a written examination, and a panel and/or individual interview. The successful candidate must have an employment history demonstrating reliability and dependability; provide copies of certificates, diplomas or other documents as required by law, including those establishing his/her right to work in the U. S; pass a pre-employment medical examination which may include a drug and alcohol screen, and which is specific to the essential job functions and requirements. Pre-employment processing will also include a background check. (Does not apply to current full-time District employees unless specific job requires additional evaluations). Application Process External applicants may only apply online, at www.bart.gov/jobs. Applicants needing assistance with the online application process may receive additional information by calling (510) 464-6112. Current employees are strongly encouraged to apply online, either at www.bart.gov/jobs, or on WebBART. All applicants are asked to complete the application in full, indicating dates of employment, all positions held, hours worked, and a full description of duties. Online applicants are invited to electronically attach a resume to the application form to provide supplemental information, but should not consider the resume a substitute for the application form itself. Applications must be complete by the closing date and time listed on the job announcement. When you have successfully applied for this position you will receive an auto reply e-mail acknowledging that your application was received for this position. Please retain a copy of the e-mail for your records. If you receive an auto reply that does not specifically reference this position, please email Employment Help at employment@bart.gov for assistance. To verify submission of your application, click on the 'My Career Tools' link at the top of the 'Careers Home Page' after submitting your application to view the list of applications you have submitted (including application date and status). If you have further questions, please email the Employment Help at employment@bart.gov , between the hours of 8:15am - 5:00pm, Monday- Friday. Equal Employment Opportunity The San Francisco Bay Area Rapid Transit District is an equal opportunity employer. Applicants shall not be discriminated against because of race, color, sex, sexual orientation, gender identity, gender expression, age (40 and above), religion, national origin (including language use restrictions), disability (mental and physical, including HIV and AIDS), ancestry, marital status, military status, veteran status, medical condition (cancer/genetic characteristics and information), or any protected category prohibited by local, state or federal laws. The BART Human Resources Department will make reasonable efforts in the examination process to accommodate persons with disabilities or for religious reasons. Please advise the Human Resources Department of any special needs in advance of the examination by emailing at least 5 days before your examination date at employment@bart.gov . Qualified veterans may be eligible to obtain additional veteran's credit in the selection process for this recruitment (effective Jan. 1, 2013). To obtain the credit, veterans must attach to the application a DD214 discharge document or proof of disability and complete/submit the Veteran's Preference Application no later than the closing date of the posting. For more information about this credit please go to the Veteran's Preference Policy and Application link at www.bart.gov/jobs. Other Information Please be prepared to present documentation in support of any required licenses, degrees, or certifications upon request. Working Conditions Environmental: Office environment; exposure to computer screens. Physical Conditions: May require maintaining physical condition necessary for sitting for prolonged periods of time.

The Cybersecurity Analyst reports to the Manager, Network Engineering, and is responsible for the oversight and implementation of the Districts rail network infrastructure and provides technical and engineering design support for complex cross-functional network and cybersecurity projects within the District. Manages and develops connectivity solutions utilizing the district’s fiber optic infrastructure; develops and implements standards and procedures for the District’s PTC, PCEP, and other rail network systems; develops security policy, compliance and design strategy for the security of the District’s enterprise network and systems; works to improve the security posture of district owned sites & facilities, as well as develop threat modeling, coordination of application security requirements, and strategic application security remediation using a wide variety of hardware and software tools. ESSENTIAL FUNCTIONS&DUTY   Lead the security compliance efforts and conduct periodic audits, regular penetration testing, and remediation in accordance with TSA, DHS, and CISA requirements. Take charge ensuring data security, mitigating cyber security risks, and safeguarding SMCTD's computer networks, Operations (Train) Network and related systems against security intrusions. Responsible for coordinating and managing SMCTD's cyber security activities, upgrade cyber security measures and controls and actively combat security intrusions. Plans, analyzes, and implements system security measures and controls related to SMCTD's computer networks and other technology systems. Aligns information security activities with business risk priorities through prioritization of security risk and mitigation activities. Research and resolve sensitive and confidential data security issues and provide leadership or technical assistance in projects involving protection of confidential data against unauthorized access. Provide hands-on support for a broad spectrum of technologies, including security software running on Windows and Linux systems, network devices, virtual machines, Cloud Infrastructure as well as software-as-service (SaaS) services. Collaborate with internal and external stakeholders in implementing and supporting technical projects, and for operational support of production platforms. Researches and evaluates new technologies and cybersecurity management tools; develop and deliver training materials such as online OT cybersecurity awareness training and provide accurate and prompt status reports as required EXAMPLES OF DUTIES Develops, implements, and monitors a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy, and recovery of information assets owned, controlled, or/and processed by the organization. Identifies, evaluates, and reports on cybersecurity risk related to assets. Performs an inventory of information assets, maintains the asset repository; manages the data classification project. Ensures organizational compliance in accordance with agency information security policies, standards, and procedures; responsible for the exception process, authorizes and documents all exceptions, and maintains a repository of all exceptions. Manages systems and network security and remote access methodologies such as Firewalls, IDS/IPS, VPN, and MFA. Perform packet analysis using tools such as NMAP, Ethereal a Wireshark; review device logs, provide event correlation, and forensic analysis; conducts regular vulnerability scanning and recommends remediation steps Reviews annually and coordinates any changes to the Incident Response Plan and the overall IT Security Policies/Standards. Responsible for oversight compliance with PCI Compliance and regulations. (Includes conduct annual PCI compliance exercise, security patching process and validation). Acts as a Focal point for all information security related audit work (internal & external). Coordinates with auditors in the execution of audits. Develops a strategy for handling audits and external assessment processes for relevant regulations. Maintain relationships with local, state, and federal law enforcement and other related government agencies to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies. Provides support and consulting to the Executive Officer, IT while staying current on relevant security regulations, laws, and technologies. Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action. Perform all job duties and responsibilities in a safe manner to protect oneself, fellow employees, and the public from injury or harm.  Promote safety awareness and follow safety procedures to reduce or eliminate accidents. Provide 24/7 on-call construction and maintenance support. Perform all job duties and responsibilities in a safe manner to protect one’s self, fellow employees and the public from injury or harm.  Promote safety awareness and follow safety procedures in an effort to reduce or eliminate accidents. Perform other duties as assigned.

POSITION OVERVIEW PN#27158 INFORMATION SECURITY OFFICER - ISO (EXE LEV) DESCRIPTION OF DUTIES / ESSENTIAL FUNCTIONS Under the general direction of the City of Houston (COH) Chief Information Security Officer (CISO), duties, functions and responsibilities of this position include: Expand and implement the existing Houston Airport System (HAS) information security risk management strategy and rolling 3-year IT Security Master Plan; ensure IT Security Plan alignment with the COH Cybersecurity Master Plan and controls address the confidentiality, integrity and availability of HAS systems, data and information Direct an ongoing, proactive risk assessment program for all new and existing HAS systems and remains familiar with HAS's goals and business processes so effective controls can be put in place for those areas presenting the greatest information security risk Oversee all ongoing activities related to the development, implementation and maintenance of HAS's information security policies and procedures by ensuring these policies and procedures encompass the overall security of Information Technology (IT) and Operational Technology (OT) systems Responsible for communicating risks and recommendations to mitigate risks to the COH CISO, COH CIO and HAS Director in cost/benefit terms so decisions can be made to ensure the security of information systems and information entrusted to HAS Ensure HAS vulnerabilities are managed and mitigated per COH Cyber Division policy Assist with the development of HAS specific, role-based information security awareness training programs, and works with COH Cyber Division, HAS divisions and programs to present to staff as appropriate Work with COH CISO to ensure proper protections, technical and physical controls are in place to protect HAS assets based on cyber industry standards (e.g., NIST 800-53) Work with COH CISO on a design and plan to allow COH Security Operations Center (SOC) visibility into HAS operations Assist with the development and implementation of an HAS business continuity/disaster recovery plan to offset the impact caused by intentional and unintentional acts Responsible for collecting, analyzing, and escalating security events; aligning with the COH Cyber Division on facilitating proper incident response Responsible for consuming threat intelligence received from the COH Cyber Division to mitigate identified threats to HAS IT and OT assets Evaluate security incidents and determines what response, if any, is needed and coordinates with COH CISO and COH Cyber Division on proper responses when critical systems, sensitive data or sensitive information are compromised Assist the COH CISO with HAS insider threat investigations Remains competent and current through self-directed professional reading, developing professional contacts with colleagues, attending professional development courses, attending training, conferences, and/or courses as directed by COH CISO, and obtaining certifications relevant to job duties Act as the primary liaison to COH IT Security Working Group and makes recommendations to the COH CISO; assists in the implementation of citywide changes to work methods and procedures to make security measures more effective Assist in the collection and correlation of data for regulatory or other cyber security related audits or RFI's (Request for Information) Provide Governance and support for Industrial Internet of Things (Edge, Cloud, etc.) Assist in the collection and correlation of data for regulatory or other cyber security related audits or RFI's (Request for Information) Provide Governance and support for Industrial Internet of Things (Edge, Cloud, etc.) WORKING CONDITIONS There are no major sources of discomfort, i.e., essentially normal office environment with acceptable lighting, temperature and air conditions. Significant time spent using computer display, keyboard, and mouse. **Must be able to pass a criminal background check, obtain and maintain federally mandated security clearances where required.** MINIMUM REQUIREMENTS EDUCATION B.A. or B.S. degree in Management and Information Systems (MIS), Computer Science, Engineering or a closely related field. EXPERIENCE At least 5 years of experience implementing IT Security plans and controls of a department or enterprise IT environment that includes three (3) years managing a technology team. Strong understanding of the department's core business functions and business strategy. PREFERENCES Preference will be given to applicants that possess: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) GIAC Security Essentials (GSEC) Project Management Professional (PMP) A strong understanding of both industry and federal government security standards and best practices, such as National Institute of Science and Technology (NIST), Control Objectives for Information and Related Technology (COBIT) for Information Security, and SANS Critical Controls Experience developing a cyber strategy to address the security of IT and OT environment including design, process, and controls with consideration of future regulatory compliance Subject matter expertise and coordinating, accumulating, writing/updating of appropriate technological processes and procedures to maintain a secure and operational environment Ability to interface, as required, with HAS workstation users, HAS server and desktop teams, HAS application support and HAS hardware/software vendors; coordinates projects with users for deadline requirements Ability to assist the COH CISO in research, design and implementation of cyber security solutions Knowledge and experience with Windows, Active Directory, group policy, DNS, encryption, patch management, anti-virus, system configuration management Knowledge and experience with LAN, WAN, VPN, routers, firewalls, servers, IDS/IPS, SIEM and DLP Solid expertise in formal/structured IT security risk assessment methodology, including understanding the implementation challenges and advantages across all levels of hardware platforms and software applications Experience with a wide variety of operating systems: Windows Server, Windows 10, Windows 7, Linux etc. Knowledgeable of Cyber Kill Chain and Diamond Model of Intrusion Analysis models Knowledge of SIEM, IDS, anti-virus/anti-malware and firewall technologies Solid knowledge and understanding of networking and TCP/IP Well-developed interpersonal skills. Ability to get along with diverse personalities; tactful, mature and flexible Ability to establish creditability and be decisive but also to recognize and support the organization's preference and priorities Ability to maintain the highest standard of confidentiality is required with zero tolerance High energy level, comfortable performing multifaceted projects in conjunction with normal activities Results oriented with the ability to balance other business considerations Ability to speak and present information effectively to groups of varying sizes Proven experience working in a rapidly changing, high intensity environment Avid, proactive learner and ability to work well in a team-based environment Strong interpersonal and writing skills Superior attention to detail **Preference will also be given to eligible veteran applicants provided such persons possess the qualifications necessary for competent discharge of the duties involved in the position applied for, such persons are among the most qualified candidates for the position, and all other factors in accordance with Executive Order 1-6.** GENERAL INFORMATION SELECTION/SKILLS TESTS REQUIRED None However, the department may administer skills assessment test. SAFETY IMPACT POSITION No If yes, this position is subject to random drug testing and if a promotional position, candidate must pass an assignment drug test. SALARY INFORMATION Factors used in determining the salary offered include the candidate's qualifications as well as the pay rates of other employees in this classification. Pay Grade 34 APPLICATION PROCEDURES Only online applications will be accepted for this City of Houston job and must be received by the Human Resources Department during active posting period. Applications must be submitted online at: www.houstontx.gov . To view your detailed application status, please log-in to your online profile by visiting: http://agency.governmentjobs.com/houston/default.cfm or call (832) 393-6027. If you need special services or accommodations, call (832) 393-6027. (TTY 7-1-1) If you need login assistance or technical support call 855-524-5627. Due to the high volume of applications received, the Hiring Department will contact you directly, should you be selected to advance in our recruitment process. All new and rehires must pass a pre-employment drug test and are subject to a physical examination and verification of information provided. EEO Equal Employment Opportunity The City of Houston is committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, genetic information, veteran status, gender identity, or pregnancy. Closing Date/Time: