Deputy Chief Information Security Officer

DESCRIPTION :

Assists the Chief Information Security Officer in securing the District’s information security infrastructure by overseeing the development and implementation of security protocols, policies, and resiliency plans.

KEY DUTIES :

• Directs daily operations of IT departments responsible for security and information management.
• Develops and monitors a comprehensive security program based on industry standards.
• Ensures compliance with regulations and technical standards.
• Manages security architecture, cloud security, risk management, and training programs.
• Collaborates with various teams to align technology builds with security standards.
• Conducts vulnerability assessments and penetration tests.
• Oversees documentation and design of cybersecurity architecture.
• Establishes security awareness programs.
• Liaises with external agencies and represents the District on security matters.

SUPERVISION :

Reports to the Chief Information Security Officer and supervises lower-level IT administrators and managers.

QUALIFICATIONS : Knowledge of :

Knowledge of :

• Security architecture, cloud security, and governance
• Broad range of IT security and risk management frameworks
• Common information security management frameworks, such as ISO / IEC 27001 and NIST
• Networking, application systems, Internet, Intranet, and client server operation
• IT security principles, access controls, and confidential information protection principles
• Firewall technology, remote access security, voice, data, and advanced local-area and wide-area networking technologies
• Agile (scaled) software development or other best in class development practices
• Cloud computing / Elastic computing across virtualized environments
• Information system auditing
• Encryption technologies, software, and applications
• Access control systems and methodology
• Security management practices
• Security architecture and models
• Law, investigation, and ethics surrounding IT security
• District business disciplines, such as finance, HR, contracts, compliance and District operations
• Methods of project and process control, budgeting, and cost analysis and prediction
• Principles of organization, personnel management, and progressive disciplinary procedures
• Pertinent employee and student confidentiality, safety laws, regulations, and District policies and procedures

Ability to :

• Develop long and short-range plans
• Think innovatively, lead and motivate cross-functional interdisciplinary teams
• Work with vendors, negotiate and manage vendor services
• Recognize, analyze, and deal effectively with problems and issues
• Communicate clearly and effectively both orally and in writing
• Work effectively with District personnel, the public, and representatives of manufacturers and other organizations
• Review contracts, service level agreements, and other documents to verify they meet information security needs and requirements
• Work well under pressure of multiple priorities and short deadlines
• Manage through direct reporting personnel
• Supervise, train, and evaluate the work of direct and non-direct reporting personnel

Special Physical Requirement :

Effective vision to review and resolve network security issues via computers promptly.

ENTRANCE QUALIFICATIONS

Education :

Graduation from a recognized college or university, preferably with a major in computer science, telecommunications management, electrical engineering, business management or related field.

An advanced degree in the aforementioned areas is highly preferable.

Experience :

Four years of executive or management level experience in systems security, preferably with two years of experience in systems security management in a K-12 and / or university setting.

The experience must have included telecommunications and networking security, application and systems security, application development security, user authentication and authorization management, information systems vulnerability assessment and physical data security.

Experience with training in systems analysis and information / telecommunications security is highly preferable.

Special :

• Possession of the Certified Information Systems Security Professional (CISSP) or equivalent is required. The following security certifications or equivalent are preferable :
• GIAC Certified Information Security Officer (GISO)
• GIAC Security Leadership Certification (GSLC)
• GIAC Certified Firewall Analyst (GCFW)
• GIAC Systems and Network Auditor (GSNA)
• A valid driver’s license to legally operate a motor vehicle in the State of California and the use of a motor vehicle.

SPECIAL NOTE :

An employee in this class may be subject to the reporting requirements of the District’s Conflict of Interest Code.

This class description is not a complete statement of essential functions, responsibilities, or requirements. Entrance requirements are representative of the minimum level of knowledge, skill, and / or abilities.

To the extent permitted by law, management retains the discretion to add or change typical duties of a position at any time, as long as such addition or change is reasonably related to existing duties.

Application Process :

To be officially considered for this opportunity, please apply on our website

DO YOU NEED TECHNICAL ASSISTANCE WITH THE ON-LINE APPLICATION? Please email us at [email protected] to get assistance with the application process.