9976 Principal Information Security Engineer
|Department||Municipal Transportation Agency|
|Date Opened||7/21/2017 09:00:00 AM|
|Filing Deadline||3/22/2018 5:00:00 PM|
|Salary||$124,228.00 - $156,260.00/year|
|Job Type||Permanent Exempt|
The following information describes the civil service classification for which applications are being solicited. Make sure you read the entire announcement before completing the application form.
The purpose of this announcement is to fill a vacant position in this classification.
Amended to extend the filing deadline to Continuous.
Division: Finance and Information Technology
Section/Unit: Information Technology
Work Location: 1 South Van Ness, 3rd Floor, San Francisco, CA
Appointment Type: Permanent Exempt appointment – This position is excluded by the Charter from the competitive Civil Service examination process and shall serve at the discretion of the Appointing Officer.
Technology is at the core of SFMTA’s mission and future. It is an exciting time to work at the SFMTA as we develop new tools, rethink systems, and modernize transportation. This is an opportunity to work with stakeholders and business units across the SFMTA. Through these channels, the Technology Services Unit is helping to bring modern transportation services and infrastructure to our customers. Your work will impact the lives of all San Francisco residents and many more visitors and commuters that use our transportation services and infrastructure.
Under general direction, the Principal Information Security Engineer will be the hands-on engineer who will conduct day-to-day monitoring of complex security systems, coordinate security projects, and advise on issues related to governance, security compliance and standards. The incumbent will report to the Technology Operations Director on security systems status and related assignments. The Principal Information Security Engineer will be assigned to perform and review complex work involving analysis, planning, designing, implementing, maintaining, troubleshooting, and enhancing complex large security systems to defend network data and components that may include Technology Services Unit network routers, switches, servers, operating systems, software applications, storage devices, and physical/logical elements that integrate these systems together as an enterprise networking backbone.
Examples of Important and Essential Duties:
• Architects, designs, implements, maintains and operates information system security controls and countermeasures; supervises and trains operators in the administration of these systems; documents the operation, use, and expected outputs of these systems.
• Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems; provides oversight to ensure compliance.
• Analyzes and oversees the development of information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
• Oversees the development and administration of information security training and awareness programs.
• Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets; provides oversight to ensure compliance.
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends to the Technology Services Unit or executive management.
• Oversees the response to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; engages, interacts and coordinates with third-party incident responders, including law enforcement.
• Oversees the administration of authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
• Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; oversees risk and compliance self-assessments; and engages and coordinates third-party risk and compliance assessments.
• Performs related duties as required.
1. An associate degree in computer science or a closely related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in computer science or a closely-related field]; AND
2. Five (5) years of experience analyzing, installing, configuring, enhancing, and/or maintaining the components of an enterprise network.
Additional experience as described above may be substituted for the required degree on a year-for-year basis (up to a maximum of two (2) years). One (1) year is equivalent to thirty (30) semester units/ forty-five (45) quarter units with a minimum of 10 semester / 15 quarter units in computer science or a closely related field.
• Ability to perform information technology security risk assessments, including written, detailed, comprehensive and complex analyses across all network, system and application security levels on an enterprise-wide level.
• Hands-on experience in configuration of Firewalls and VPNs, preferably some experience with Palo Alto and Cisco.
• Familiarity with best practice skills for securing Windows Servers, Active Directory and Unix operating systems.
• Hands-on experience using a vulnerability management platform, like Qualys.
• Professional certification in the field of security. Expertise demonstrated may include CISSP and CISA security certifications. [CISSP = Certified Information Security Systems Profession, CISA = Certified Information Systems Auditor].
• Effective written and oral communication skills.
HOW TO APPLY:
San Francisco Municipal Transportation Agency employment applications for this position will be accepted through an on-line process only. A resume and cover letter must be attached to the online application. Mailed, hand delivered or faxed applications will not be accepted. Visit www.jobaps.com/sf to begin the application process.
• Click and select 9976 Principal Information Security Analyst (PEX-9976-078994)
• Click on “Apply” and read and acknowledge the information
• Click on “I am a New User” if you have not previously registered, or on “I have REGISTERED PREVIOUSLY”
• Follow instructions given on the screen.
To submit resume using the online application:
• Select the “Resume” tab in the online application
• Follow instructions given on screen
To submit cover letter using the online application:
• Select the “Other” tab in the online application
• Choose “Upload” as your method of submittal
• Click on “Upload Attachment”
• Follow instructions given on screen
If you are having trouble attaching your resume or cover letter to the online application, you may submit by fax to (415) 581-5120, ATTN: 9976 Principal Information Security Analyst (PEX-9976-078994). A resume will not be accepted in lieu of completing the online application.
Computer kiosks are available for the public from 8:00 a.m. to 5:00 p.m. Monday through Friday to file online applications in the lobby of the Department of Human Resources, 1 South Van Ness Avenue, 4th Floor, San Francisco and in the lobby of SFMTA Human Resources office, 1 South Van Ness Avenue, 6th Floor, San Francisco.
Applicants may be contacted by email about this announcement and, therefore, it is their responsibility to ensure that their registered email address is accurate and kept up-to-date. Also, applicants must ensure that email from CCSF is not blocked on their computer by a spam filter. To prevent blocking, applicants should set up their email to accept CCSF mail from the following addresses: (@sfgov.org, @sfmta.com).
Upon successful submittal of the application online, the applicant will receive a notification on the screen, as well as in the applicant’s e-mail inbox, acknowledging the receipt of the application. If you are having difficulty submitting your application online, please contact us at (415) 581-5133 between 8:30 a.m. – 12:00 p.m. and 1:00 p.m. - 4:30 p.m. Monday through Friday.
If you have any questions regarding this recruitment or application process, please contact the analyst, Stephen Li, by telephone at (415) 581-5133 or by email at Stephen.Li2@sfmta.com.
Applicants may be required to submit verification of qualifying education or experience at any point in the application and/or departmental selection process. Written verification (proof) of qualifying experience must verify that the applicant meets the minimum qualifications stated on the announcement. Written verification must be submitted on employer’s official letterhead, specifying name of employee, dates of employment, types of employment (part-time/full-time), job title(s), description of duties performed, and the verification must be signed by the employer. City employees will receive credit for the duties of the class to which they are appointed. Credit for experience obtained outside of the employee’s class will be allowed only if recorded in accordance with the provisions of the Civil Service Commission Rules. Experience claimed in self-employment must be supported by documents verifying income, earnings, business license and experience comparable to the minimum qualifications of the position. Copies of income tax papers or other documents listing occupations and total earnings must be submitted. If education verification is required, information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found at http://sfdhr.org/index.aspx?page=456.
Note: Falsifying one’s education, training, or work experience or attempted deception on the application may result in disqualification for this and future job opportunities with the City and County of San Francisco.
Applications will be screened for relevant qualifying experience. Additional screening mechanisms may be implemented in order to determine candidates’ qualifications. Only those applicants who most closely meet the needs of the Agency will be invited to participate in the selection process. Applicants meeting the minimum qualifications are not guaranteed advancement to the interview.
Qualified applicants with disabilities requiring reasonable accommodation in the selection process must contact the Agency by phone at (415) 581-5133 or, if hearing impaired at (415) 701-5043 (TTY) or in writing to the SFMTA Human Resources Operations Section, 1 South Van Ness Avenue, 6th Floor, San Francisco, CA 94103 (specify Class 9976).
Applicants are responsible for updating their email address or mailing address. Contact Information must be updated online at http://www.jobaps.com/sf by clicking on “Update My Contact Info” and logging into your account. If updating contact information online, applicants must contact the analyst at (415) 581-5133 immediately to inform them of the change. Failure to do so may result in the loss of eligibility.
Make sure your application and any attachments to the application submitted at the time of filing are complete and accurate and include details on all experience, education, training and other information that qualifies you for this recruitment. Failure to submit a complete and accurate application at the time of filing may result in your ineligibility for this recruitment or inability to receive full credit for scoring purposes. Any new information concerning work experience, education, training and other information that is submitted after the filing deadline may not be used for scoring or considered to determine whether you meet the minimum qualifications.
MINORITIES, WOMEN AND PERSONS WITH DISABILITIES ARE ENCOURAGED TO APPLY
AN EQUAL OPPORTUNITY EMPLOYER
As a finalist for a job, you will be fingerprinted, and your fingerprints will be sent to the California Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI). The resulting report of your conviction history (if any) will be used to determine whether the nature of your conviction (or arrest, in limited circumstances) conflicts with the specific duties and responsibilities of the job for which you are a finalist. If a conflict exists, you will be asked to present any evidence of rehabilitation that may mitigate the conflict, except when federal or state regulations bar employment in specific circumstances, such as:
- Candidates applying for positions with the Unified School District and the Community College District may be disqualified from consideration should their conviction history not meet the standards established under the California Education Code.
- Candidates applying for positions with the Recreation and Park Department may be disqualified from consideration should their conviction history not meet the standards established under California Public Resources Code 5164.
Having a conviction history does not automatically preclude you from a job with the City.
If you are selected as a finalist, the hiring department will contact you to schedule a fingerprinting appointment.
Disaster Service Workers
All employees hired on or after January 10, 2009 will be required (pursuant to San Francisco Charter Section A8.432) to contribute 2% of pre-tax compensation to fund retiree healthcare. In addition, most employees are required to make a member contribution towards retirement, ranging from 7.5%-13.25% of compensation. For more information on these provisions, please contact the personnel office of the hiring agency.