Become a part of the Team!
Management reserves the right to add, modify, change, or rescind the work assignments of different positions and to make reasonable accommodations so that qualified employees can perform the essential functions of the job.
Strategy & Planning
- Leads Cybersecurity division operational and strategic planning, including fostering innovation, planning projects, and organizing and negotiating the allocation of resources.
- Participates as a member of the Information Technology management team in governance processes of the organization's security strategies.
- Leads strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies using a risk-based assessment methodology.
- Creates and maintains the enterprise's security awareness training program in collaboration with peers and the Director.
- Creates and maintains the enterprise's security documents (policies, standards, baselines, guidelines, and procedures).
- Coordinates with Emergency Operations to create and maintain the enterprise's Business Continuity Plan and Disaster Recovery Plan, where appropriate.
- Participates in IT strategy and planning for the Department.
- Works with other divisions of the IT Department to define and communicate City plans, procedures, policies, and standards for acquiring, implementing, and operating new security systems, equipment, software, and other technologies.
- Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Collaborates with all IT divisions to select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise's existing procurement processes.
- Oversees the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
- Acts as an advocate and primary liaison for the City's security vision via regular written and in-person communications with the Director, department and division heads, and end users.
- Ensures the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems and in databases and other data repositories.
- Ensures compliance with NIST Special Publication 800-53 (current version), Payment Card Industry (PCI) DSS, HIPAA, and other security standards as may apply to the City.
- Ensures the enforcement of enterprise security documents.
- Supervises all investigations into problematic activity and provides ongoing communication with the Director.
- Supervises the design and execution of vulnerability assessments, penetration tests and security audits in accordance with applicable standards, City and Department policy and in accordance with City procurement policies.
- Oversees and ensures regular security awareness training for all employees to attain consistently high levels of compliance with enterprise security documents.
- Engages in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise-wide understanding of security goals, to solicit feedback, and to foster cooperation.
- Effective supervisory practices and techniques, including hiring, training, evaluating performance, and employee discipline.
- Municipal security development principles.
- Cybersecurity frameworks and mitigation strategies.
- Processes related to information backup and security monitoring.
- Techniques related to strategic planning, resource allocation, financial management, and the coordination of people and resources.
- Policy and procedural development and goal setting techniques.
- Project and time management principles and practices.
- Pertinent Federal, State and local laws, rules, and regulations.
- Functional and political sensitivities of public service; problem solving, consensus building, and negotiation techniques.
- Supervisory principles and practices.
- Effective techniques and methods to promote mentoring, leadership, teamwork, and empowerment.
- Effective written and verbal communication principles.
- Prioritize and execute tasks in a high-pressure environment.
- Operate, manage, and maintain the City's technological security resources including computer, information, business, and telecommunication systems.
- Analyze, diagnose, and resolve system security problems and concerns.
- Assist in the development of comprehensive strategic plans for present and future security needs.
- Analyze technical and administrative obstacles, identify solutions, build consensus, project outcomes, and take or recommend appropriate actions.
- Establish, implement, and enforce division and citywide policies and procedures.
- Continuously improve security methods, operations, and service delivery of the division.
- Read and interpret technical documents.
- Communicate clearly and effectively both verbally and in writing; prepare and present complex technical and administrative reports.
- Exercise sound judgment, tact, creativity, resourcefulness, and leadership with the public, City officials, businesses, and other City departments; maintain and exhibit discretion, honesty, and integrity when handling sensitive situations.
- Work under pressure and meet deadlines.
- Encourage and demonstrate an enthusiastic, resourceful, cooperative and effective service attitude with co-workers, staff, and the public.
- Establish and maintain effective relationships with those contacted in the course of work.
- Equivalent to an accredited four-year college or university degree with major coursework in computer science, business information systems, or a related field.
- Four (4) years increasingly responsible large-scale technical project management experience.
- One (1) year of administrative and/or lead supervisory experience.
- Applicable professional qualification, such as vendor-specific certifications like Microsoft and Cisco, and/or vendor-neutral certifications in project management, Six Sigma, ITIL and cybersecurity.
- Cybersecurity certifications such as, but not limited to, (ISC)2 CISSP, ISACA CISM, CISA, CRISC, CompTIA Security+, and GIAC Security Leadership Certification are highly desirable.
- Possession of, or ability to obtain, a valid California Driver's License by time of appointment.