Information Security Program Manager

at Alameda County Information Technology Department
Published May 4, 2022
Location Oakland, CA
Category Default  
Job Type Full-time  

Description

The award-winning Alameda County Information Technology Department (ITD) is seeking a leader with security program management experience! DESPCRIPTION The incumbent to this position will be responsible for the ITDrsquos Security team, processes and tools to assess risk, threats and vulnerabilities to Alameda County information systems and data. This individual will coordinate with technology teams to develop and implement security solutions and policies, and will be responsible for leading high-complexity IT projects and initiatives pertaining to information security. Work activities will include performing information security reviews, systems analysis, testing, auditing, remediation, and the creation of policy documentation. The position will supervise a team responsible for security access management, security operations and security incident management. This individual may participate as an information security subject matter expert in technology management processes, including change management, problem management, vulnerability management, and patch management. Take a look at who we are, visit our ITD Web page httpsitd.acgov.org KNOWLEDGE AND SKILLS Experience managing delivery of complex security projects in a diverse technology environment with multiple stakeholders and multiple resource pools. Experience leading and influencing staff, peers and stakeholders in identifying security risks and vulnerabilities and driving change in behavior, process, technology and policy. Knowledge of key security areas such as Risk Analysis, Policy Creation, and Auditing. Knowledge of Security Best Practices pertaining to Network, Server, Database, Web Services, Identity Management, Access Management and Event Management. Experience with security penetration testing, tools, and security portfolio management. Experience with implementation of security tools, management, and monitoring of security systems. Solid understanding of information technology core areas including operating systems, network security, application architecture, firewallIPS operations, Active Directory, malware and vulnerability prevention controls and best practices. Knowledge of published security standards (ISO, NIST, PCI, HiPAA, CJIS). Previous experience and knowledge of risk management processes including internal audit and information security management. Experience evaluating controls relative to information security frameworks such as ISO 27002 and NIST 800 series. Previous experience and knowledge of enterprise-wide identity management and account provisioning, including zero trust, role-based access controls, workflow automation and process improvement Ability to train and present to small and large audiences Ability to partner with Management and coordinate security improvements. Excellent customer relationship and time management skills. High quality writing and interpersonal communication skills. MINIMUM QUALIFICATIONS Either I Experience The equivalent of two (2) years of full-time experience in the class of Infrastructure Services Engineer or an equivalent higher-level class in the Alameda County classified service supervising technical staff. Or II Experience The equivalent of five (5) years of full-time increasingly responsible infrastructure experience that includes documentation and project management, and at least three (3) years of direct supervision and workload management of technical staff. Education Possession of a Bachelorrsquos degree in Computer Science or related field from an accredited college or university may be substituted for one (1) year of technical experience. PREFERRED QUALIFICATIONS Six (6) years of experience in information security, IT audit, or information technology operations. At least one of the following certifications is preferred CISSP, CCSP, CISM, CIPP, CFE, CISA or SANS GIAC. SYSTEMS KNOWLEDGE Operating Systems Windows, UNIX Network infrastructure developmentdeployment, DNS, Web servers, Email Architecture, DMZ Management Network architecture and protocols TCPIP, UDP, HTTP, NetBIOS, IPSec, SMTP Network firewalls, application gateways, proxy servers, MDM Database Security MS SQL, Oracle Network Device Access controls to include Cisco routers and other network devices Cryptographic methods and standards Asymmetric, Symmetric CISSP andor CISA certifications is strongly preferred KEY WORDS CISSP, CISA, CEH, CCSK, Network Infrastructure, Network Security, Network Architecture, Network firewalls, Cisco Networking, Microsoft Active Directory, Windows, Unix, Auditing BENEFITS County Pension Plan, eleven (11) paid holidays a year + initial accrual rate of ten (10) vacation daysyr (increases over time) + seven (7) additional management paid vacation daysyear + four (4) floating holidaysyear + accrual of thirteen (13) sick daysyear. Medical Dental Vision FSA Transportation cafeteria benefit selection options, and much more! WORK ELIGIBILTY Qualified candidates who are extended a conditional offer of employment will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification documents upon hire. Alameda County does not anticipate providing sponsorship for employment visa status (e.g. H-1B) and an offer of employment shall not be construed as including said sponsorship presently or in the future. No vendor resumes at this time. EQUAL OPPORTUNITY EMPLOYER Alameda County has a diverse workforce, that is representative of the communities we serve, and is proud to be an equal opportunity employer. All aspects of employment are based on merit, competence, performance, and business need. Alameda County does not discriminate in employment on the basis of inclusion in protected classes or other non-merit factors as defined under federal, state and local law. Alameda County celebrates diversity and is committed to creating an inclusive, and welcoming workplace environment.

Drop files here browse files ...