City Information Security Officer, Information Technology Department
The City of San Jos Information Technology Department seeks to hire an interim City Information Security Officer (CISO) to create the Cybersecurity Office for one of the largest communities in the nation. The person selected will execute a workplan, coach staff, begin implementing necessary processes, and help finalize policies, purchasing, and contracting practices. The engagement will conclude with the successful hiring of and transition of the Office to a full-time CISO. The Interim CISO will work directly with the City's CIO to execute this work plan.
Key Responsibilities include:
Coordinate with multiple stakeholders within the City and vendors outside of the City to ensure that the City's security policy and procedures are comprehensive, taking into account the most current security demands and risks.
Coordinate with multiple City departments to mitigate and resolve security needs for coming audits.
Provide leadership and processes development necessary for IT staff and City departments to maintain Payment Card Industry (PCI-DSS) compliance.
Educate City personnel about applicable security regulations, practices, and laws. Work with key' staff in all departments to ensure that the City complies with statutory and regulatory requirements regarding security, information access, and privacy.
Advise on Citywide security standards for contracts and project engagements.
Manage the design, development, implementation, operation, and maintenance of Citywide information security programs.
Build a comprehensive security strategy and program to obtain a secure infrastructure built on policies and procedures that are compliant with applicable Federal, State, and local laws, ordinances, and guidelines.
Complete Security RFPs for a Readiness Assessment of City Technology Environment.
Coordinate with City and ITD staff to document the overall City technology environment in preparation for the security assessment RFP that will be issued in-FY 17-18.
Provide leadership in all aspects of information security, including information security governance, privacy risk management, asset management, modern access controls, advanced security tools, security awareness and training, etc.
This position is a temporary, un-benefitted management position, with a current end date of 10/20/2017. This end date may be extended contingent upon Budget approval. The City Information Security Officer will report directly to the City's Chief Information Officer, in the Information Technology Department.
Competencies
The ideal candidate will possess the following competencies, as demonstrated in past and current employment history. Desirable competencies for this position include:
Job Expertise - Demonstrates knowledge of and experience with applicable professional/technical principles and practices, Citywide and departmental procedures/policies and federal and state rules and regulations.
Leadership - Leads by example; demonstrates high ethical standards; remains visible and approachable and interacts with others on a regular basis; promotes a cooperative work environment, allowing others to learn from mistakes; provides motivational supports and direction.
Management - Evaluates priorities to ensure essential needs are handled satisfactorily. Demonstrates diplomacy and tact in guiding difficult initiatives through to completion. Sets clear goals for the work unit and develops employees.
Project Management - Ensures support for projects and implements agency goals and strategic objectives.
Problem Solving - Approaches a situation or problem by defining the problem or issue; determines the significance of problem; collects information; uses logic and intuition to arrive at decisions or solutions to problems that achieve the desired outcome.
Planning - Acts to align own unit's goals with the strategic direction of the organization; defines tasks and milestones to achieve objectives, while ensuring the optimal use of resources to meet those objectives.
Teamwork & Interpersonal Skills - Develops effective relationships with co-workers and supervisors by helping others accomplish tasks and using collaboration and conflict resolution skills.
Communication Skills - Effectively conveys information and expresses thoughts and facts clearly, orally and in writing; demonstrates effective use of listening skills; displays openness to other people's ideas and thoughts.
Fiscal Management - Understands the relationship of the budget and resources to the strategic plan; complies with administrative controls over funds, contracts, and procurements
Minimum Qualifications
1) Education: A bachelor's degree in Computer Science or a related discipline
2)
Experience: Six (6) years of increasingly responsible experience in the information and systems security fields, including managing critical system implementations within a complex organization, and significant experience managing supporting policies, contracting, and vendor relationships.
3) Employment Eligibility: Federal law requires all employees to provide verification of their eligibility to work in this country. Please be informed that the City of San Jose will NOT sponsor, represent or sign any documents related to visa applications/transfers for H1-B or any other type of visa which requires an employer application.
Certification in audit and/or risk management such as Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), and/or Certified Information Systems Security Professional (CISSP) is highly desirable.
Selection Process
The selection process will consist of an evaluation of the applicant's training and experience based on the application and responses to the Job Specific Questions. Only the candidates whose backgrounds best match the position will be invited to proceed in the selection process. Additional phases of the selection process will consist of one or more interviews, one of which may include a practical/writing exercise.
This recruitment may be used to fill multiple positions in this, or other divisions or departments. If you are interested in employment in this classification, you should apply to ensure you are considered for additional opportunities that may utilize the applicants from this recruitment.
You will be prompted to answer the following job-specific questions during the online application process. Please note that there is a 4,000-character limit, including spaces, for each text response.
1) Do you have a bachelor's degree in Computer Science or a related field? (Yes/No)
2) Do you have Six (6) years of increasingly responsible experience in the information and systems security fields, including managing critical system implementations within a complex organization, and significant experience managing supporting policies, contracting, and vendor relationships. (Yes/No)
3) Do you possess any cybersecurity, information security, and/or risk management certifications? If yes, please attach a scanned copy of the certification(s) you possess in the File Attachments part of the application process. (Yes/No)
4) Please describe your top two (2) cybersecurity initiatives that you have completed. How did you implement and operationalize a proactive cybersecurity program. Please provide details including each project's business purpose, scope of system, size of project team, length of project, outcomes, and at least two reference contacts who can speak about the work delivered.
You must answer all job-specific questions in order to be considered for this vacancy or your application will be deemed incomplete and withheld from further consideration.
If you have questions about the duties of these positions, the selection or hiring processes, please contact Devika Tandan at devika.tandan@sanjoseca.gov or (408) 793 - 6911.
. Apply now!Estimated Salary: $20 to $28 per hour based on qualifications.
Key Responsibilities include:
Coordinate with multiple stakeholders within the City and vendors outside of the City to ensure that the City's security policy and procedures are comprehensive, taking into account the most current security demands and risks.
Coordinate with multiple City departments to mitigate and resolve security needs for coming audits.
Provide leadership and processes development necessary for IT staff and City departments to maintain Payment Card Industry (PCI-DSS) compliance.
Educate City personnel about applicable security regulations, practices, and laws. Work with key' staff in all departments to ensure that the City complies with statutory and regulatory requirements regarding security, information access, and privacy.
Advise on Citywide security standards for contracts and project engagements.
Manage the design, development, implementation, operation, and maintenance of Citywide information security programs.
Build a comprehensive security strategy and program to obtain a secure infrastructure built on policies and procedures that are compliant with applicable Federal, State, and local laws, ordinances, and guidelines.
Complete Security RFPs for a Readiness Assessment of City Technology Environment.
Coordinate with City and ITD staff to document the overall City technology environment in preparation for the security assessment RFP that will be issued in-FY 17-18.
Provide leadership in all aspects of information security, including information security governance, privacy risk management, asset management, modern access controls, advanced security tools, security awareness and training, etc.
This position is a temporary, un-benefitted management position, with a current end date of 10/20/2017. This end date may be extended contingent upon Budget approval. The City Information Security Officer will report directly to the City's Chief Information Officer, in the Information Technology Department.
Competencies
The ideal candidate will possess the following competencies, as demonstrated in past and current employment history. Desirable competencies for this position include:
Job Expertise - Demonstrates knowledge of and experience with applicable professional/technical principles and practices, Citywide and departmental procedures/policies and federal and state rules and regulations.
Leadership - Leads by example; demonstrates high ethical standards; remains visible and approachable and interacts with others on a regular basis; promotes a cooperative work environment, allowing others to learn from mistakes; provides motivational supports and direction.
Management - Evaluates priorities to ensure essential needs are handled satisfactorily. Demonstrates diplomacy and tact in guiding difficult initiatives through to completion. Sets clear goals for the work unit and develops employees.
Project Management - Ensures support for projects and implements agency goals and strategic objectives.
Problem Solving - Approaches a situation or problem by defining the problem or issue; determines the significance of problem; collects information; uses logic and intuition to arrive at decisions or solutions to problems that achieve the desired outcome.
Planning - Acts to align own unit's goals with the strategic direction of the organization; defines tasks and milestones to achieve objectives, while ensuring the optimal use of resources to meet those objectives.
Teamwork & Interpersonal Skills - Develops effective relationships with co-workers and supervisors by helping others accomplish tasks and using collaboration and conflict resolution skills.
Communication Skills - Effectively conveys information and expresses thoughts and facts clearly, orally and in writing; demonstrates effective use of listening skills; displays openness to other people's ideas and thoughts.
Fiscal Management - Understands the relationship of the budget and resources to the strategic plan; complies with administrative controls over funds, contracts, and procurements
Minimum Qualifications
1) Education: A bachelor's degree in Computer Science or a related discipline
2)
Experience: Six (6) years of increasingly responsible experience in the information and systems security fields, including managing critical system implementations within a complex organization, and significant experience managing supporting policies, contracting, and vendor relationships.
3) Employment Eligibility: Federal law requires all employees to provide verification of their eligibility to work in this country. Please be informed that the City of San Jose will NOT sponsor, represent or sign any documents related to visa applications/transfers for H1-B or any other type of visa which requires an employer application.
Certification in audit and/or risk management such as Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), and/or Certified Information Systems Security Professional (CISSP) is highly desirable.
Selection Process
The selection process will consist of an evaluation of the applicant's training and experience based on the application and responses to the Job Specific Questions. Only the candidates whose backgrounds best match the position will be invited to proceed in the selection process. Additional phases of the selection process will consist of one or more interviews, one of which may include a practical/writing exercise.
This recruitment may be used to fill multiple positions in this, or other divisions or departments. If you are interested in employment in this classification, you should apply to ensure you are considered for additional opportunities that may utilize the applicants from this recruitment.
You will be prompted to answer the following job-specific questions during the online application process. Please note that there is a 4,000-character limit, including spaces, for each text response.
1) Do you have a bachelor's degree in Computer Science or a related field? (Yes/No)
2) Do you have Six (6) years of increasingly responsible experience in the information and systems security fields, including managing critical system implementations within a complex organization, and significant experience managing supporting policies, contracting, and vendor relationships. (Yes/No)
3) Do you possess any cybersecurity, information security, and/or risk management certifications? If yes, please attach a scanned copy of the certification(s) you possess in the File Attachments part of the application process. (Yes/No)
4) Please describe your top two (2) cybersecurity initiatives that you have completed. How did you implement and operationalize a proactive cybersecurity program. Please provide details including each project's business purpose, scope of system, size of project team, length of project, outcomes, and at least two reference contacts who can speak about the work delivered.
You must answer all job-specific questions in order to be considered for this vacancy or your application will be deemed incomplete and withheld from further consideration.
If you have questions about the duties of these positions, the selection or hiring processes, please contact Devika Tandan at devika.tandan@sanjoseca.gov or (408) 793 - 6911.
. Apply now!Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
