The position is headquartered in Sacramento.
Under the general direction of the Information Technology Manager I (ITM I) Information Security Officer (ISO), the Information Technology Specialist II (ITS II) serves as a cybersecurity advisor and provides technical security expertise to the ISO as the Assistant Information Security Officer (AISO). The AISO implements and maintains security governance and the associated frameworks and processes. The AISO serves a critical function in the development, implementation, and maintenance of cybersecurity policy training. Other key functions include risk and compliance management, incident response and technology recovery testing and planning; evaluation and implementation of security controls; audit planning and reporting; security assessments; supporting the Department’s security awareness training platform and processes; and developing and sustaining cooperative working relationships with all stakeholders.
To be considered for this position you must provide a completed application, resume, and Statement of Qualifications (SOQ).
New-to-state candidates will be hired into the minimum salary of the classification or minimum of the alternate salary range when applicable. Placement to alternate range may be based on education or experience identified in your state application.
Examination Information
Those interested in obtaining employment with the California Department of Aging must apply and compete through the State recruitment process. Applicants who successfully pass the examination will be placed on an eligibility list used to recruit for positions.
To apply for the examination for this position, click on the link below to search for the examination and follow the “How to Apply” instructions in the examination announcement:
If you already have list eligibility for this classification, you do not need to retake the examination, except when your list eligibility expires. For questions regarding the examination process and/or career opportunities with the California Department of Aging, please contact the Human Resources Branch at Careers@aging.ca.gov.
For more information about IT Classifications you can visit: You will find additional information about the job in the .
The physical work location of the position is designated at the department's headquarters location, a three-story building and standard office modular workspace located in Natomas. The duties of the position require sitting for long periods of time while using a personal computer, reviewing documents, and attending meetings whether they are digital (i.e., Zoom, WebEx, MS Teams, etc.) or in person.
This position is designated under the Conflict of Interest Code. The position is responsible for making or participating in the making of governmental decisions that may potentially have a material effect on personal financial interests. The appointee is required to complete Form 700 within 30 days of appointment and once per year. Failure to comply with the Conflict of Interest Code requirements may void the appointment.
Do NOT include ANY confidential information in your application or on any documents you submit for a job vacancy, such as your State application, resume, or educational transcripts. Confidential information that should be excluded or removed from these documents includes, but is not limited to, your Social Security Number (SSN), birthdate, student identification number, driver's license number (unless required), basis of eligibility, examination results, Limited Examination and Appointment Program (LEAP) status, medical information, marital status, and age. Confidential information on the first page of the applications submitted electronically online, such as Easy ID number, SSN, examination related information, and driver's license number will automatically be redacted upon submission.
Possession of Minimum Qualifications will be verified prior to interview and/or appointment. If you are meeting Minimum Qualifications with education, you must include your unofficial transcripts/diploma for verification. Official transcripts may be required upon appointment. If it is determined a candidate does not meet the Minimum Qualifications, the candidate will be withheld from the eligibility list, rendering them inactive and ineligible to be hired for the position. Candidates who have been withheld may file an appeal with the State Personnel Board.
If you are using education to meet the minimum qualifications, please include a copy of your unofficial transcripts for verification. Foreign transcripts must be accompanied by an academic credential evaluation. Below is the link to a list of approved agencies.
In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:
• Excellent communication skills, interpersonal skills and collaborative skills, and the ability to communicate cybersecurity and risk-related concepts to technical and nontechnical audiences at various levels.
• Knowledge and experience with information security frameworks such as ISO/IEC 27001/27002, ITIL, COBIT, NIST, including 800-53 and Cybersecurity Framework.
• Working knowledge of cybersecurity risk management and cybersecurity technologies.
• Experience developing and maintaining security policies and procedures.
• Experience developing, maintaining and testing technology recovery solutions.
• Security related certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials.
• Experience with incident response within a security operations center.
• Experience with incident response tools and technologies, including tools for security information and event management (SIEM), forensics, and threat intelligence.
• Ability to communicate complex technical issues to diverse audiences, orally and in writing, in an easily understood and actionable manner.
• Understanding of business needs and commitment to delivering high-quality, prompt and efficient service to business customers.
• Experience with regulatory compliance, risk management frameworks and information security management frameworks.
• In-depth knowledge of cybersecurity principles, technologies, and controls, including threat and vulnerability management, incident response, and security awareness.
• Ability to interpret and apply complex compliance requirements such as HIPAA.
In addition to competitive public employee wages and a comprehensive benefits package, our employees enjoy meaningful and interesting work that supports access to programs and services that serve older adults, adults with disabilities, family caregivers, and residents in long-term care facilities throughout California.
To learn more about benefits for State employees, visit the page on the CalHR website.
CDA is located close to downtown and is easily accessible from various main thoroughfares (i.e. Interstate-5 and Interstate-80). Employees enjoy a great team environment with amenities including FREE PARKING and proximity to various dining and shopping choices in the Natomas area.
The SOQ must be written solely by you and should provide specific details and examples that clearly demonstrate your qualifications based upon your own experience/education. Any submissions that are created, modified or include any type of artificial intelligence may be disqualified.
PLEASE NOTE:
DISCLAIMER:
Applications submitted without the required Supplemental Questionnaire will be considered incomplete and will not be considered for this position.
INSTRUCTIONS:
• Must include first and last name in the upper right-hand corner of the page.
• The SOQ must include the question with each answer.
• Question(s) must be answered in numerical order.
• Font must be Arial 12-point.
• No more than two pages in length.
• Single spaced, on standard sized paper (8.5" X 11").
CRITERIA:
1. Describe how your experience and education/training qualifies you for this position.
2. Describe your experience with information security compliance. Please include any experience related to control agency relationships and coordination.
3. Describe your experience developing or implementing a technology recovery plan or solution.
*** For helpful guidance on writing an effective SOQ or a Supplemental Questionnaire, please visit
Required Application Package Documents
The following items are required to be submitted with your application. Applicants who do not submit the required items timely may not be considered for this job: