CLOSING DATE/TIME:  OPEN UNTIL FILLED

Under general direction, serves in a technical expert capacity for the District's cybersecurity and risk assessment program; leads the District's cybersecurity team; assumes responsibility for the development and management of security policies for District infrastructure, communications, and software systems and devices; monitors systems, tests for vulnerability and takes proactive or reactive actions to protect the District's assets; and performs related duties as assigned.

This is a CONFIDENTIAL professional program-management classification responsible for planning and directing the design, development, implementation and management of a comprehensive cybersecurity program for the District's technology operations. Incumbents are responsible for performing diverse, specialized and complex work involving significant accountability and decision-making by exercising primary responsibility for cybersecurity related operations. Incumbents serve as a professional level resource for organizational, managerial, and operational analyses and studies, employee will normally require access to highly sensitive and confidential information. Performance of the work requires the use of considerable independence, initiative, and discretion within broad guidelines.

Required Skills

Use modern, state-of-the-art methods to design and implement critical systems proactive and reactive security measures and protocols. Plan, organize and execute cybersecurity related initiatives in order of priority and criticality. Monitor security measure effectiveness and recommend changes to optimize system resistance to security threats and breaches. Analyze and define user requirements and recommend efficient, secure and cost-effective architectures. Prepare concise technical guides, system documentation and specifications for technical staff. Audit department operations to identify technology system risks and prepare reports identifying solution measures. Ensure solutions and actions taken support the District’s cybersecurity goals and objectives. Stay current with best management practices for cybersecurity programs, diagnostic tools, and mitigation measures.Conduct comprehensive research on a diverse range of cybersecurity topics. Effectively lead the work of project teams to accomplish technology program goals and objectives. Conduct analysis and feasibility studies; analyze complex problems, evaluate alternatives, and make sound recommendations. Demonstrate several key security practices in access control, application security, network security, security architecture, and security strategy. Apply critical thinking techniques for a broad range of situations. Prepare clear, concise, and accurate reports and technical documentation. Independently organize work, set priorities, meet critical deadlines, and follow-up on assignments. Use tact, initiative, prudence, and independent judgment within general policy, procedural, and legal guidelines. Effectively use computer systems, software applications relevant to work performed, and modern business equipment to perform a variety of work tasks. Communicate clearly and concisely, both orally and in writing, using appropriate English grammar and syntax. Establish, maintain, and foster positive and effective working relationships with those contacted in the course of work.

Required Experience

Education: Equivalent to a bachelor’s degree from an accredited college or university with major coursework in information technology, computer science, cybersecurity, or a closely related field.

Experience:  Five (5) years of progressively responsible professional experience in cybersecurity program design, development and management;  two (2) years of professional experience in mobile device management and desktop/client deployments; designing, implementing, securing, and managing medium to large Windows Active Directory 2012+ domains utilizing Group Policy and Windows Software/Server Update Services (WSUS).

Licenses/Certifications: THE MOST COMPETITIVE APPLICANTS WILL HOLD ONE OR MORE OF THE FOLLOWING CERTIFICATIONS:  (ISC)2: Certified Information Systems Security Professional(CISSP), Systems Security Certified Practitioner(SSCP), Certified Cloud Security Professional(CCSP) GIAC: Defensible Security Architecture (GDSA)/Certified Detection Analyst (GCDA)/Critical Controls Certification (GCCC), Global Industrial Cyber Security Professional(GICSP)/GIAC Response and Industrial Response (GRID)/Critical Infrastructure Protection (GCIP), Forensic Analyst (GCFA)/ Network Forensic Analyst (GNFA)/Cyber Threat Intelligence (GCTI) ISACA: Certified Information Systems Auditor(CISA) Cisco: Certified Network Professional (CCNP) Routing & Switching or Security, Certified Internetwork Expert (CCIE) Security Fortinet: Network Security Expert (NSE) 4 Microsoft: MCSA: Windows Server 2012/2016, MCSE: Core Infrastructure

Required: A valid California driver’s license and the ability to maintain insurability under the District’s Vehicle Insurance Policy.

NOTE: District policy allows department management to use all or a portion of the selection process identified within this job flyer, but may not add additional steps after the flyer has been posted. Only the most competitive applicants may advance to an oral interview. Employees who are not meeting the expectations in their current position will not be advanced in the selection process. 

Use modern, state-of-the-art methods to design and implement critical systems proactive and reactive security measures and protocols. Plan, organize and execute cybersecurity related initiatives in order of priority and criticality. Monitor security measure effectiveness and recommend changes to optimize system resistance to security threats and breaches. Analyze and define user requirements and recommend efficient, secure and cost-effective architectures. Prepare concise technical guides, system documentation and specifications for technical staff. Audit department operations to identify technology system risks and prepare reports identifying solution measures. Ensure solutions and actions taken support the District’s cybersecurity goals and objectives. Stay current with best management practices for cybersecurity programs, diagnostic tools, and mitigation measures.Conduct comprehensive research on a diverse range of cybersecurity topics. Effectively lead the work of project teams to accomplish technology program goals and objectives. Conduct analysis and feasibility studies; analyze complex problems, evaluate alternatives, and make sound recommendations. Demonstrate several key security practices in access control, application security, network security, security architecture, and security strategy. Apply critical thinking techniques for a broad range of situations. Prepare clear, concise, and accurate reports and technical documentation. Independently organize work, set priorities, meet critical deadlines, and follow-up on assignments. Use tact, initiative, prudence, and independent judgment within general policy, procedural, and legal guidelines. Effectively use computer systems, software applications relevant to work performed, and modern business equipment to perform a variety of work tasks. Communicate clearly and concisely, both orally and in writing, using appropriate English grammar and syntax. Establish, maintain, and foster positive and effective working relationships with those contacted in the course of work.