The California Department of General Services (DGS), the state’s business manager, is seeking a chief information security officer (IT manager I) to be responsible for the management and oversight of DGS’ information security program, ensuring protection of DGS’ information assets and compliance with security and privacy regulations.
According to the job posting and duty statement, the chief information security officer (CISO), reporting to the chief information officer, has duties including:
- Performing periodic updates to enterprise IT security policies and internal procedures, maturing processes in order to optimize the use of security tools, and preparing for and facilitating control agency compliance audits and security assessments.
- Developing and maintaining the Information Security Risk Management Program, performing ongoing risk assessments, and preparing periodic reports for the DGS CIO, director, agency information officer, agency information security officer, and the California Department of Technology Office of Information Security.
- Administering, directing, guiding and reviewing the work of subordinate staff in order to meet program goals by establishing performance expectations, assigning workload, assessing the quality of work and providing direction.
The position has a monthly salary range of $8,591 to $11,512, and the application deadline is Nov. 3.
The California Energy Commission (CEC) is seeking an information security officer (IT specialist II) to be responsible for the commission’s information security framework, policies and training to ensure the security and integrity of mission-critical systems and data. The commission is the state’s primary energy policy and planning agency.
According to the job posting, the incumbent demonstrates a high level of organizational skills using “methodologies, processes and best practices based on the Federal Information Processing Standards (FIPS), National Institute of Standards and Technology (NIST), State Administrative Manual (SAM), the California Department of Technology (CDT), California Natural Resources Agency (CNRA) policies, and the CNRA Security Operations Center (SOC).”
Duties of the position include:
- Creating, developing, implementing and maintaining all information security policies and standards; monitoring and reporting the implementation of and compliance with state and agency policies and coordinating annual and quarterly reporting, including preparing confidential reports; and conducting ongoing risk assessments to identify potential vulnerabilities that could threaten the security, confidentiality and integrity of CEC information assets.
- Serving as the department’s coordinator with the CNRA Information Security Office and the CNRA Security Operations Center (SOC). The ISO collaborates with program managers, executive staff, and program management on information security activities, organizational issues, governance and strategic planning.
- Leading information security incidents, detection, prevention and reporting of security vulnerabilities and attacks. Tracking and leading all IT remediation efforts. Configuring, maintaining and reporting security monitoring tools, results and statistics.
- Coordinating information systems assessments and audits with state and federal agencies, including the California Department of Technology, the California Military Department and other government and private organizations.
Additional details about the role are available in the duty statement. The position has a monthly salary range of $7,893 to $10,894, and the application deadline is Nov. 9.
The California Victim Compensation Board (CalVCB) is seeking an information security officer (IT manager I) to develop, manage and oversee CalVCB’s information security program, ensuring protection of mission-critical systems and data.
CalVCB is a state program that provides financial assistance to victims of crime and helps them restore their lives.
According to the job posting and duty statement, “The ISO also operates as a high-level technical specialist responsible for CalVCB’s information security framework, architecture, security operations, and training.” The ISO “will also ensure that CalVCB’s Information Security and Privacy Policies are in alignment with the California Information Practices Act, as well as federal privacy laws and regulations, State Administrative Manual (SAM) Section 5300 and the Statewide Information Management Manual and the Information Security Program Management Standard (SIMM 5305-A).” The ISO also oversees IT budgeting, purchasing and asset management activities.
Desirable qualifications for the role include:
- A Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification.
- Technical competence with configuring, operating and maintaining information security tools.
- Deep knowledge of NIST and FIPS security standards and practices and their practical application.
- Experience with IT leadership, management and workforce planning; and IT budgeting, cost-tracking, purchasing and asset management.
- Experience with backup, recovery and disaster preparedness.
The position has a monthly salary range of $8,591 to $11,512, and the application deadline is Oct. 27.