City Information Security Officer - Recruitment Brochure

City




City

Information Security Officer First Review Date: November 1, 2024 at 12 p.m. PST

City

About the City of San José

Known as the “Capital of Silicon Valley,” the City of San José plays a vital economic and cultural role anchoring the world’s leading region of innovation. Encompassing 181 square miles at the southern tip of the San Francisco Bay, San José is Northern California’s largest city, third largest in the State, and the 13th largest city in the nation. With one million residents, San José is one of the most diverse large cities in the United States. The city is the home to the prestigious San José State University and has transformed into a global innovation center resulting in one of the largest concentrations of technology companies and expertise in the world, including major tech headquarters like Cisco, Adobe, Zoom, Samsung, and eBay as well as start-ups and advanced manufacturing. Over 10,000 A.I. patents have been filed in the City of San José and the City has twice been named “The Most Innovative Large City in America” by the Center for Digital Government. The City Government San José’s quality of life is unsurpassed. Surrounded by the Diablo and Santa Cruz Mountain ranges and enjoying an average of 300 days of sunshine a year, residents have easy access to the beaches along the California coast including Santa Cruz, Monterey, and Carmel-by-the-Sea; Yosemite and Lake Tahoe in the Sierra Nevada; local and Napa Valley wine country, and the rich cultural and recreational life of the entire Bay region. San José has received accolades for its vibrant neighborhoods, healthy lifestyle, and diverse attractions from national media including Business Week and Money magazines. For more information about the unparalleled quality of life in San José, please visit www.sjeconomy.com/why-san-jose. In 2011, the City adopted Envision San José 2040, a long-term growth plan that sets forth a vision and a comprehensive road map to guide the City’s anticipated growth through the year 2040. The Plan proactively directs significant anticipated growth in new homes and workplaces into transit-accessible, infill growth areas and supports evolution toward a more urban landscape and lifestyle. The San José area is powered by one of the most highly educated and productive populations in the United States. More than 40% of the workforce has a bachelor’s degree or higher, compared with 25% nationally. Forty percent of San José residents are foreign born, and 50% speak a language other than English at home. San José is proud of its rich cultural diversity and global connections, and the essential role the City plays in connecting residents and businesses to the nation and the world.

About the City of San José

The City Government

The City of San José is a full-service Charter City and operates under a Council-Manager form of government. The City Council consists of ten (10) council members elected by district and a mayor elected at large. The City Manager, who reports to the Council, and her executive team provide strategic leadership that supports the policy-making role of the Mayor and the City Council and motivates and challenges the organization to deliver high quality services that meet the community’s needs. Department heads are appointed by the City Manager with confirmation by the City Council. The City actively engages with members of the community through Council-appointed boards and commissions. In addition to providing a full range of municipal services including police and fire, San José operates the San José Mineta International Airport, a municipal water system, a regional wastewater treatment facility, some 200 neighborhood and regional parks, and a library system with 24 branches. The City also oversees convention, cultural, and hospitality facilities that include the San José McEnery Convention Center, Center for the Performing Arts, California Theater, Mexican Heritage Plaza, and the SAP Center San José – home of the National Hockey League San José Sharks. City operations are supported by 7,040 full-time equivalent positions and a total operating and capital budget of $6.1 billion for the 2023-2024 fiscal year. San José is dedicated to maintaining the highest fiscal integrity and earning high credit ratings to ensure the consistent delivery of quality services to the community. Extensive information regarding San José can be found on the City website at www.sanjoseca.gov.

The City Government

The Information Technology Department

The City of San José innovates to provide exceptional civic services using advanced technologies to help our community thrive. As one of the largest cities in the nation, the City manages a large set of services and assets. The City operates on a budget of $5 billion, with approximately 7,000 employees serving about one million residents and 80,000 businesses in the heart of Silicon Valley. Department Mission Statement Enrich the quality of life in San José through innovation, collaboration, and engagement. The Information Technology Department’s mission is to enrich the quality of life in San José through innovation, collaboration, and engagement. The Department enables its mission through business and infrastructure systems, cybersecurity, advanced data analytics, responsible use of Artificial Intelligence (AI), the San José 311 resident experience platform, data equity and privacy programs, and strategic planning. San José is powered by truly great people, a robust technology environment, and a strong sense of purpose. The IT department is a leader in innovation, embracing cutting-edge technologies and pioneering solutions to enhance efficiency and quality of life in San José. As part of this effort, the City leads a national initiative for AI through the GovAI Coalition, which was established to give local governments a voice in shaping the future of AI, ensuring it is developed responsibly for the public good. Promoting the City’s commitment to equity and inclusion, we believe that all members of the community, regardless of background, have access to the tools and resources needed to thrive in the digital age. San José is located in the heart of Silicon Valley, which boasts a rich history in technology, education, and agriculture. Over half of San José residents speak a language other than English at home, highlighting the importance of language accessibility in all City services. By fostering inclusivity, promoting digital literacy, and building accessible platforms, we are advancing technology while creating a more equitable future for everyone. At the City of San José, we promote work-life integration and a focus on growth to bring out the best in our people. Come join us in making San José the most vibrant, equitable, sustainable, and innovative city in the nation! Visit the Information Technology Department’s website to learn about our culture, vision, leadership, and innovative initiatives

The Information Technology Department

The Position

The City of San José Information Technology Department seeks an experienced City Information Security Officer (CISO) to lead cybersecurity Citywide initiatives. The CISO will direct the Cybersecurity Office as the City’s principal executive leader for information and systems security. In partnership with the Chief Information Officer (CIO), they will manage risk identification, protection and compliance, threat detection, incident response (IR), and recovery services for all City departments to ensure business resilience. The City’s CISO must be able to apply expertise in security strategy, cybersecurity frameworks, managing staff and vendor services, leading incident management, and optimizing resources to achieve desired security outcomes. Key responsibilities include but not limited to: Lead and mentor the Cybersecurity team, offering expertise and support to foster growth and a collaborative environment. Collaborate wit business units and solution providers to provide optimal security measures and achieve a balance between sustaining business operations and achieving security compliance. Coordinate with stakeholders within the City and partners/vendors outside of the City to ensure information and systems meet the City’s standards for threat identification, protection, and risk detection. Develop, operationalize, and enhance the City’s cybersecurity strategic plan, programs, policies, and architecture, including vulnerability, risk, and threat management programs through remediation. Conduct training programs to educate City personnel on relevant security best practices, foster diligence, and ensure compliance. Provide expert security guidance to City departments and officials in service planning, procurements, contract negotiations, vendor management, and project management. Provide expert guidance on regulations and standards (FISMA, FedRAMP, CJIS, PCI-DSS, HIPAA, etc.) the City must meet in providing municipal services, as well as security frameworks (NIST, ISO, IEEE, etc.) to shape City operations. Oversee and lead incident management/response processes in coordination with City departments to respond and recover from incidents. Resolve security-related audits in partnership with City staff.

The Position

The Position continued

Ensure comprehensive security strategies align with resilience plans and emergency management exercises. Oversee vendor relationships and manage the City’s procurement and utilization of cybersecurity products and services across departments. Lead the annual Cybersecurity Assessment of the City’s technology infrastructure. Provide strategic and operational leadership to address cybersecurity in the City’s emerging Internet-of-Things, smart communities, privacy, and equity through data initiatives. Collaborate with the Digital Privacy Officer to address privacy challenges emerging from new technologies, including AI. Implement governance policies to ensure responsible AI usage across the organization, aligning with ethical standards and risk management protocols. Support the GovAI Coalition’s initiatives to promote responsible and safe use of AI in government. Please note that the City Information Security Officer (CISO) position is currently eligible for a hybrid telework schedule. The schedule for working remotely and onsite is subject to change. The Ideal Candidate The ideal candidate will possess the following competencies, as demonstrated in past and current employment history. Desirable competencies for this position include: 1) Job Expertise – The ideal candidate should have the following qualifications and experience: Manage major technology services, programs, and products across multiple departmental technology environments and ensure crosscoordination between departments, including adherence to Citywide procedures/policies and state and federal regulations. Relevant regulations and standards (FISMA, FedRAMP, CJIS, PCI-DSS, HIPAA, etc.). Knowledge of local, state, and federal cybersecurity regulations. Cybersecurity frameworks and standards (NIST, ISO, IEEE, CIS controls and frameworks such as COBIT and ITIL, etc.).

The Position continued

The Ideal Candidate continued

Threat and vulnerability management, including understanding of common cyber threats, vulnerabilities, attack vectors, and the tools to defend against them (e.g., intrusion detection systems, SIEM, firewalls, etc.). Encryption and cryptography, including proficiency in data protection techniques, encryption methods, and secure communication protocols. Hands-on experience with crisis management and managing Incident Response to security breaches, including incident detection, containment, eradication, forensics, recovery, and post-incident analysis. Identity and Access Management (IAM) and expertise in managing user privileges, multifactor authentication (MFA), and other access controls. Cloud security, including familiarity with security challenges and solutions in cloud environments (Azure, Hyperconverged Infrastructure, private cloud). Network security, including a strong understanding of securing network architecture, VPNs, secure web gateways, firewalls, and network segmentation. Business continuity and disaster recovery planning, including developing and overseeing business continuity plans and disaster recovery strategies. 2) Analytical Thinking – Approaching a problem or situation by using a logical, systematic, sequential approach. 3) Conflict Management – Identifies and understands issues, problems, and opportunities; uses effective approaches for choosing a course of action or developing appropriate solutions. 4) Leadership – Leads by example; demonstrates high ethical standards; remains visible and approachable and interacts with others on a regular basis; promotes a cooperative work environment, allowing others to learn from mistakes; provides motivational supports and direction. 5) Political Acumen – Demonstrates an understanding and consideration of how it will impact stakeholders and affected areas in the organization. 6) Decision Making – Identifies and understands issues, problems, and opportunities; uses effective approaches for choosing a course of action or developing appropriate solutions.

The Ideal Candidate continued

The Ideal Candidate continued

7) Vision/Strategic Thinking – Support, promote, and ensure alignment with the organization’s vision and values. Understand how an organization must change in light of internal and external trends and influences. Builds a shared vision with others and influences others to translate vision into action. 8) Project Management – Ensures support for projects and implements agency goals and strategic objectives. 9) Communication Skills – Effectively conveys information (e.g., complex security concepts) to non-technical executives, council/committee members, and other stakeholders, and expresses thoughts and facts clearly, orally and in writing; demonstrates effective use of listening skills and displays openness to other people's ideas and thoughts; public relations during a crisis.

The Ideal Candidate continued

Education and Experience

A Bachelor’s degree from an accredited college or university in computer science, management information systems, business/public administration, or a closely related field AND seven (7) years of increasingly responsible experience in cybersecurity application and infrastructure, technology management, or telecommunications, including a combination of five (5) years of supervisory and project personnel management experience, with at least three (3) years of supervision experience in direct support of information security programs of significant scale and scope similar to a large government, to include budgeting, contracting, procurement, and supervision of staff and technical project teams in delivering goals and measured service levels. Acceptable Substitution A master's degree in a relevant field from an accredited college or university may be substituted for one (1) year of the required three (3) years of supervision experience indirect support of information security programs of significant scale and scope similar to a large municipal government, to include budgeting, contracting, procurement, and supervision of staff and technical project teams. Licenses or Certificates Possess and maintain a current, terminal-level cybersecurity credential such as: Certified Information Systems Security Professional (CISSP); Certified Information Systems Auditor (CISA); Certified Information Security Manager (CISM); Certified in the Governance of Enterprise IT (CGEIT); Certified in Risk and Information Systems Control (CRISC); OR An equivalent professional, industry-recognized certification acceptable to the City. Obtain and maintain SECRET Security Clearance within a reasonable period of time acceptable to the City. Passing the San José Police Department (SJPD) background check is a condition of employment.

Education and Experience



Flipbook Gallery

Magazines Gallery

Catalogs Gallery

Reports Gallery

Flyers Gallery

Portfolios Gallery

Art Gallery

Home


Fleepit Digital © 2021