County of Alameda

Chief Information Security Officer (#1848)

Bargaining Unit: Unrep - General Mgmt (U15)
$84.82-$113.25 Hourly / $6,785.60-$9,060.00 BiWeekly /
$14,702.13-$19,630.00 Monthly / $176,425.60-$235,560.00 Yearly

DESCRIPTION
Under the general direction of the Chief Information Officer or designee plans, develops, organizes, and directs Alameda County's enterprise information security program, that includes security awareness, risk assessment, business impact analysis, disaster recovery, incident response, and business operations, and performs other duties as required.

DISTINGUISHING FEATURES

This is a single-position classification located in the Information Technology Department and reports to the Chief Information Officer (CIO), Chief Technology Officer (CTO), or Assistant Chief Information Officer (Assistant CIO).  The incumbent is responsible for building and maintaining a comprehensive security strategy program built on policies and procedures that are compliant with applicable Federal, State, and local laws, ordinances, and guidelines, and supervises assigned staff. The Chief Information Security Officer (CISO) is distinguished from the CIO in that the latter is responsible for the oversight of the Information Technology Department and IT Programs for the County, whereas the former is responsible for County’s Information Security Program.

EXAMPLES OF DUTIES
NOTE: The following are the duties performed by employees in this classification. However, employees may perform other related duties at an equivalent level. Each employee in the classification does not necessarily perform all duties listed.

  1. Directs and oversees staff responsible for the daily monitoring and assessment of the County’s Information Security Program; recruits, selects, trains, evaluates, and disciplines staff, either directly or indirectly through subordinate personnel.
  2. Provides countywide strategic and operational information security and technology leadership, and continuously improves enterprise Information Security and Privacy technology.
  3. Oversees vulnerability assessments and penetration testing, including performing incident response and security analysis and forensic investigation.
  4. Assists with internal and external audits requiring input from Cyber Security.
  5. Provides leadership in all aspects of information security, including engagement in initiatives and programs.
  6.  Establishes and maintains an enterprise-wide vision, strategy, architecture, and program for ensuring that information assets are appropriately protected.
  7. Ensures that Alameda County complies with all applicable federal, state and local laws, directives, policies and customer requirements regarding the securing of information.
  8. Ensures implementation of the information security plans and manages the operational processes for monitoring and maintaining information security.
  9. Maintains complete awareness of current and developing information security regulations, technology, and threats. 
  10. Translates information into a comprehensive set of policies, procedures, and security plans to maintain appropriate security for the various types and information assets.
  11. Monitors and assesses the overall compliance of the organization with information security regulations, policies, programs, and procedures.
  12. Conducts third-party independent audits of information security; Ensures resulting actions, gaps, and weaknesses are appropriately assigned and completed in a timely manner to maintain information security.
  13. Keeps abreast of developing risks and has responsibility for continually responding to those risks.
  14. Manages the County's response to incidents and ensures they are appropriately addressed, documented, and reported.
  15. Completes and delivers regular information security reports and assessments as required by regulatory agencies, the Board of Supervisors, and County Administrator.
  16. Prepares regular reports on information security status to IT and Executive Management.
  17. May assume disaster service worker responsibilities as required.


MINIMUM QUALIFICATIONS

EITHER I
Experience

The equivalent of two (2) years of full-time experience as an Infrastructure Services Manager or Technical Services Director in the Alameda County classified service.

OR II
Experience:

The equivalent of five (5) years of full-time experience in the information security technology field, which includes direct responsibility for managing information technology security of multiple platforms, operating systems, software, and network protocols in a large, information technology organization, including two (2) years in a supervisory role.

Substitution:

Possession of a bachelor’s degree in computer science or related field from an accredited college or university may be substituted for one (1) year of the required experience.

NOTE: The Civil Service Commission may modify the above Minimum Qualifications in the announcement of an examination.


KNOWLEDGE AND SKILLS
NOTE: The level and scope of the following knowledge and abilities are related to duties listed under the “Examples of Duties” section of this specification.

Knowledge of:

  • Principles, methods, tools, and standard practices of Information Security.
  • Principles, frameworks and methods used in the analysis and development of information security systems and procedures.
  • Modern information technology, systems and software, including records, storage and handling techniques.
  • Risk/threat assessment processes and practices.
  • Principles of disaster recovery and business continuity planning.
  • Principles of effective multifactor identification and identity management.
  • Project management skills; scheduling and resource management.
  • A deep technical capability, a commitment to continuous learning, and networking with information security experts.
  • Knowledge of security and control frameworks, such as NIST (National Institute of Standards and Technology), CIS and ISO/IEC 27001, is essential for ensuring robust information security management and compliance.
Ability to:

  • Provide direct supervision and direction to staff.
  • Develop information security services related to policy and strategy.
  • High degree of initiative and dependability.
  • Simultaneous manage multiple and significant information security-related initiatives and responses.
  • Exercise political astuteness to establish and maintain effective partnerships through collaboration and teamwork.
  • Assure effective use of information technology in support of the County's business needs.
  • Facilitate and model excellent written and oral communication skills.
  • Ability to address security needs with flexible, user-friendly solutions.
  • Prepare and present effective, clear, and concise reports and correspondence.
  • Coordinate objectives with the general goals of the total organization and its various operations.
  • Ensure quality management techniques are used to provide information security services that meet customer needs.


CLASS SPEC HISTORY
Newdocx.1848
SK:saa 07/26/2024
CSC Date:08/07/2024

BENEFITS

Alameda County offers a comprehensive and competitive benefits package that affords wide-ranging health care options to meet the different needs of a diverse workforce and their families. We also sponsor many different employee discount, fitness and health screening programs focused on overall well being.  These benefits include but are not limited to*:

For your Health & Well-Being

  • Medical – HMO & PPO Plans
  • Dental – HMO & PPO Plans
  • Vision or Vision Reimbursement
  • Share the Savings
  • Basic Life Insurance 
  • Supplemental Life Insurance (with optional dependent coverage for eligible employees)
  • Accidental Death and Dismemberment Insurance 
  • County Allowance Credit
  • Flexible Spending Accounts - Health FSA, Dependent Care and Adoption Assistance
  • Short-Term Disability Insurance
  • Long-Term Disability Insurance
  • Voluntary Benefits - Accident Insurance, Critical Illness, Hospital Indemnity and Legal Services
  • Employee Assistance Program

For your Financial Future

  • Retirement Plan - (Defined Benefit Pension Plan)
  • Deferred Compensation Plan (457 Plan or Roth Plan)

For your Work/Life Balance

  • 12 paid holidays
  • Floating Holidays
  • Vacation and sick leave accrual
  • Vacation purchase program
  • Management Paid Leave**
  • Catastrophic Sick Leave
  • Pet Insurance
  • Commuter Benefits Program
  • Guaranteed Ride Home
  • Employee Wellness Program (e.g. At Work Fitness, Incentive Based Programs, Gym Membership Discounts)
  • Employee Discount Program (e.g. theme parks, cell phone, etc.)
  • Child Care Resources
  • 1st United Services Credit Union 

*Eligibility is determined by Alameda County and offerings may vary by collective bargaining agreement.  This provides a brief summary of the benefits offered and can be subject to change.

** Non-exempt management employees are entitled to up to three days of management paid leave. Exempt management employees are entitled to up to seven days of management paid leave.




E-mail | Phone: (510) 272-6471 | 8am - 5pm M-F | Powered by JobAps