Hybrid Information Technology Security Officer bei City of Carson, CA

About the Department

The City of Carson is now accepting applications for the position of Information Technology Security Officer. 

(The City of Carson reserves the right to close this recruitment at any time once a sufficient number of qualified applications have been received.)

The ideal candidate will be a highly skilled professional with proven experience leading enterprise-level cybersecurity programs. They will have strong expertise in cybersecurity risk assessment, incident response, and regulatory compliance, as well as hands-on experience managing SIEM, vulnerability management, and other security tools. This individual will be personable, approachable, and confident in communicating with stakeholders at all levels, able to clearly present technical concepts and advocate for security best practices. They will excel at building collaborative relationships, fostering a culture of security awareness, and balancing security needs with operational priorities. Strong leadership, strategic thinking, and the ability to speak up and provide guidance in high-stakes situations are essential. Experience in a governmental agency is highly desirable.

Position Duties

Essential Duties and Responsibilities:

(These functions are representative and may not be present in all positions in the class.  Management reserves the right to add, modify, change or rescind related duties and work assignments.)

• Plans, organizes, manages, and participates in the development, implementation, and monitoring of the City’s information security programs, information technology risk management programs, and information security policies; supervises and reviews the work of professionals and serves as a subject matter expert in information security.
• Develops and executes a cyber security strategy that is aligned with internal stakeholders, organizational priorities, facilitates city operations, and meets industry standards. 
• Directs and participates in the identification of security risks, development and implementation of security management practices, and the measurement and monitoring of security protection measures. 
• Ensures compliance with regulatory requirements such as Criminal Justice Information Services (CJIS), Payment Card Industry Data Security Standards (PCI), Health Insurance Portability and Accountability Act (HIPAA), California Privacy Protection Agency, and federal, state, and local laws. 
• Monitors agency infrastructure, devices, and information systems for security integrity; provides planning and guidance to information technology staff on vulnerability management and security incident response procedures. 
• Oversees portfolio of cyber risk and security applications and procedures, implements new security processes and related technologies to ensure a continuous improvement of the City’s cyber security posture. 
• Oversees assigned staff in performing their responsibilities and provides guidance as necessary.
• Analyzes information, situations, problems, policies, and procedures to identify, recommend, and implement solutions systemically. 
• Formulates, recommends, and executes enterprise-wide policies and procedures for detecting, deterring, and mitigating information security threats. 
• Serves as a subject matter expert and internal consultant on data security implications for proposed information technology projects and programs and makes recommendations to align new technologies to security standards. 
• Prepares oral and written reports for executive leadership, the City Manager’s Office, and City Council.
• Develops cyber security, cyber risk, and security awareness training programs for City staff; monitors training effectiveness by documenting and reporting data point trends on user awareness and vulnerability assessments.
• Builds and maintains positive relationships with City stakeholders.
• Attends City/Industry-related functions.
• Performs other duties as required

Minimum Qualifications

Qualification Guidelines:
A typical way to obtain the requisite qualifications to perform the duties of this class is as follows:

Education and/or Experience:

Option A:
Bachelor's degree in Business Administration, Computer Information Systems, Information Technology or closely related field from an accredited college or university and five (5) years of paid experience performing IT security management; and at least two (2) years in an administrative or management capacity responsible for cyber security risk assessment, implementation of security management practices, monitoring of security protection measures, managing SIEM, vulnerability management, and other security tools in an enterprise environment.   
 
Option B
Master's degree in Computer Science or closely related field is highly desirable from an accredited college or university and four (4) years of paid experience performing IT security management; and at least two (2) years in an administrative or management capacity responsible for cyber security risk assessment, implementation of security management practices, monitoring of security protection measures, managing SIEM, vulnerability management, and other security tools in an enterprise environment.  
 
Knowledge of:

• Computers and Electronics: Electric circuit boards, processors, chips, and computer hardware and software
• Principles, methods, and practices of systems/network administration and maintenance.
• Agency policies and procedures and practices regarding data security.
• Network security design principles, practices, and related tools and software.

• Ability to objectively assess situations or circumstances using all the relevant information, apply experience, evaluate the problem objectively, calculate risks, and make an ethical and informed decision.
• Manage the performance of staff by coaching for performance.
• Motivating, developing, and directing people as they work.
• Acknowledge, value and support diversity of thought, opinion and approach with customers and colleagues regardless of background, culture and organizational level.
• Execute work that adheres to the City’s stated principles of Diversity, Equity, and Inclusion including, but not limited to, your “duty to act” to ensure fair and equitable treatment of all persons and historically underrepresented groups. 
• Fostering an inclusive and supportive environment in which everyone in the City has an opportunity to thrive.
• Incorporating an equity perspective to day-to-day work in all responsibilities, decisions and actions of providing public service. 
• Effectively communicating information and ideas in writing, as well as through speech, so others will understand.
• Persuasion: Convincing others to approach things differently.
• Working independently and with minimal supervision.
• Speech recognition: Identifying and understanding the speech of another person.
• Project analysis; weighing the costs/benefits of a potential action.

Other Qualifications

Physical Requirements and Working Conditions:
Employee accommodation(s) for physical or mental disabilities will be considered on a case-by-case basis. Positions in this class normally:

• Require vision (which may be corrected) to read small print.
• Require mobility of arms to reach and dexterity of hands to grasp and manipulate small objects.
• Perform work which is primarily sedentary.
• Is subject to the internal environmental conditions of modern and aged public buildings, facilities and physical structures and HVAC systems.
• May be required to work at a computer terminal for prolonged periods.
• May be required to work evenings and/or weekends.

• SME Review, no weight 
• Selection Interview, weighted 100%

The Human Resources Department reserves the right to adjust, modify, delete and/or change the above exam types and/or weights.   Supplemental questionnaires are used to evaluate applicant’s indicated abilities with the ideal candidate profile. The Human Resources Department reserves the right to invite those amongst the highest scoring to the next phase of the recruitment. 

Appointment:  

Any offer of employment, or acceptance of an employment offer, is contingent upon passing live scan, background check and other required tests. All new employees are required to take a loyalty oath.

Other Information:  

The City of Carson is an Equal Opportunity Employer, dedicated to fostering a diverse and inclusive workplace. We believe in the strength that comes from different perspectives and experiences, and we are committed to building a workforce that reflects the vibrant diversity of our community. This commitment is embraced at all levels of our organization, from our management staff to our policymakers. We partner with our staff and community organizations to ensure our policies and practices remain transparent and equitable. As part of this commitment, we regularly publish updated demographic information on our workforce, including data on diversity and pay equity by race and gender.
  
In accordance with the California Fair Chance Act, the City of Carson will consider all qualified applicants, including those with a criminal history. Applicants are not required to disclose their criminal history or undergo a background check until receiving a conditional job offer. If any concerns arise from a background check, and the conviction is directly related to the role, applicants will have the opportunity to provide context, present mitigating evidence, or dispute the report's accuracy. For more information about the Fair Chance Act, please visit https://calcivilrights.ca.gov/fair-chance-act. 
 
The City of Carson intends to provide reasonable accommodations in accordance with the Americans with Disabilities Act of 1990. If you need a special accommodation during the recruitment process or would like this information in an alternative format, please contact Human Resources at (310) 952-1736.