Are you a dedicated information security professional interested in a challenging and rewarding career? Are you interested in applying your skills and experience to protect modern business and ICS Infrastructure? Are you interested in public service and protecting the environment? The Agency seeks an experienced cybersecurity leader to serve as its Information Security Officer. This is an exciting opportunity if you enjoy teaching others, designing and implementing creative solutions, and collaborating with a great team of ITprofessionals and other Agency staff. The Agency takes great pride in having a culture of collaboration and service, and we hope you do too!
This Position is perfect for you if:
You are a great mentor that enjoys teaching and coaching others for success.
You enjoy interacting with various stakeholders and teammates to complete projects.
You have strong analytical skills for conducting audits and assessing risks.
You are a lifelong learner that stays up to date with new developments in IT and cybersecurity.
You have experience in designing and securing system architectures to ensure that data and technology infrastructures are protected.
You are an adaptable and creative thinker.
You want to contribute to the community's well-being and growth!
Here at the Inland Empire Utilities Agency, we are a leader in water management and environmental stewardship. We strive to produce high-quality renewable products such as recycled water and top-quality compost to enhance and preserve the quality of life throughout our region. Our values go beyond just protecting the resources and the communities we serve. We are committed to applying ethical, transparent, and environmentally sustainable principles to all aspects of business and organizational conduct. We recognize that our commitment to the community starts with our employees. In order to ensure that our staff are able to continue to perform at a high level and provide unparalleled services throughout our service area, we strive to provide a healthy work-life balance.
Here are a few ways the Inland Empire Utilities Agency is committed to helping you feel your best, work your best, and live your best while working with us:
A 4-day work week with remote hybrid work schedules for some positions
A pension through California Public Employees’ Retirement System (CalPERS)
Generous employer monthly health benefit allowances to go towards the cost of medical, dental, and vision insurance
Competitive vacation, floating holiday, sick time in addition to 9 agency paid holidays
Education Reimbursement up to $5,250 per fiscal year
Professional Development Stipend of $1,000 per fiscal year
Basic life insurance coverage provided
Wellness Stipend of $500 per fiscal year
457b Deferred Compensation Contribution
Interest free loan for a computer purchase up to $3,000
This position is open until filled. The deadline for the first review of applications is 11:59 PM on Thursday, December 1, 2022. Applicants that submit applications after the first review deadline are not guaranteed to be considered for this recruitment. This recruitment may close at any time without notice after the first review deadline.
There is one (1) vacancy in the Information Technology Department.
This recruitment is being conducted to fill one (1) vacancy and will establish an eligibility list which may be used to fill future vacancies as they occur during the active status of the eligibility list.
Salary Range: UN 186
Probationary Period: At-Will
Under direction, plans, organizes, manages, and participates in the development, implementation, and monitoring of the Agency’s information security programs, information technology risk management programs, and information security policies; supervises and reviews the work of professionals and serves as a subject matter expert in information security and technology programs. Monitors agency infrastructure, devices, and information systems for security integrity; provides planning and guidance to information technology staff on vulnerability management and security incident response procedures. Provides technical and awareness training for in areas of assignment to Agency staff; and performs related duties as assigned.
The Information Security Officer is responsible for development and administration of the Agency information security programs and initiatives. Incumbents provide professional advice and counsel to Agency managers, supervisors, and employees; perform diverse and complex work with significant accountability for outcomes. Within broad guidelines, serves as a decision support resource for analysis at organizational and operational levels. Work is performed with significant independent discretion and access to highly sensitive data and systems. The incumbent is expected to work with department directors, unit managers, and staff to recommend and provide secure, cost-effective, and high-priority solutions, policies and standards to protect and secure the Agency’s digital information and technology infrastructure. Work is broad in scope and requires seasoned judgment and a high degree of initiative and independence.
Employees in this class typically report to the Director of Information technology and manage the work of professional and support staff in the Information Technology Department.
The Information Security Officer is distinguished from the Manager of Information Technology in that an incumbent in the latter class has management responsibilities for the full Information Services Unit or Operational Technology Unit within the Information Technology Department.
EXAMPLES OF ESSENTIAL FUNCTIONS:
The duties listed below are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of duties does not exclude them from the position if the work is similar, related or a logical assignment to this class.
Plans, organizes, controls, integrates, and evaluates the work of the assigned programs and staff; with staff, develops, implements, and monitors work plans to achieve goals and objectives; contributes to the development of and monitors performance against the annual department budget; supervises and participates in developing, implementing, and evaluating plans, work processes, systems, and procedures to achieve annual goals, objectives, and work standards; ensures the preparation and maintenance of a variety of records and reports.
Manages the performance of assigned staff; interviews and selects new staff; establishes performance requirements and personal development targets; regularly monitors performance and provides coaching for performance improvement and development; recommends compensation and provides other rewards to recognize performance; hears and makes recommendations on grievances; subject to management concurrence, approves or takes disciplinary action, up to and including termination, to address performance deficiencies, in accordance with Agency policies and labor agreements.
Participates in the formulation and implementation of departmental policy, planning, and strategy development; leads and directs staff and outside consulting resources in the development and application of new methods and processes to achieve higher efficiency, quality, and innovation in departmental work processes.
Provides day-to-day leadership and works with staff to ensure a high-performance, customer service-oriented work environment that supports achieving the Department’s and Agency’s mission, objectives, and values regarding teamwork, mutual trust, and respect; applies best practices and quality assurance processes to assigned areas of responsibility; enforces the maintenance of safe working conditions and ensures safe work practices are followed by assigned staff.
Plans, organizes, and participates in developing, implementing, and monitoring the Agency’s information security program and initiatives. Oversees ongoing application of information security policies and procedures
Manages the budget for assigned functional area including assisting in the development and monitoring of budget documents, performing or reviewing research, complex analyses and projections and analyzing trends and expenditures; tracks expenditures against the budget and compiles and analyzes budget variance reports; oversees the processing of purchase requisitions, check requests and the preparation of invoices and billing; manages and maintains inventory.
Provides input into department key performance indicators (KPIs); oversees or develops programs and systems to track and report KPIs; tracks and reports changes, variances and projections versus actuals; reviews and analyzes maintenance data and performance reports to ensure department goals, objectives and standards are being met.
Collaborates with Agency staff to align business goals with risk management strategy.
Designs and secures system architectures to ensure protection of Agency data and technology infrastructure. Provides specifications for secure configurations of infrastructure and information systems.
Provides technical guidance on information security related tasks for Information Technology staff and ensures that sufficient training is delivered for security tasks. Prepares and delivers ongoing security awareness training to staff Agency-wide.
Monitors the Agency networks and systems for vulnerabilities, attacks, and breaches. Assesses current vulnerability. Responds to security incidents; leads incident response and recovery activities to protect systems from additional damage or recover impacted systems.
Conducts audits and prepares reports assessing risk and regulatory requirements for critical technologies. Recommends enhancements to maintain regulatory compliance and reduce risks.
Develops procedures for response and recovery activities as part of Business Continuity and Disaster Recovery planning.
Serves as a department or Agency representative to the Agency Board, Agency departments, member agencies, business and community organizations, and federal, state and local governmental bodies; communicates policies or procedures and resolves issues involving security guidance on technology deployment and ensuring deployments remain compliant with Agency policy; stays abreast of new trends and innovations in the information security communities and in the wastewater, water and recycled water industry that impact the Agency’s human capital management.
Participates in the selection of, and coordinates the activities of, information security service providers, contractors, and consultants.
EDUCATION, TRAINING AND EXPERIENCE:
Graduation from an accredited four-year college or university with a major in management information systems, computer science, or cybersecurity and at least seven years of progressively responsible experience in the cybersecurity and network infrastructure design and support.
LICENSES; CERTIFICATES; SPECIAL REQUIREMENTS:
A valid California Class C driver’s license and the ability to maintain insurability under the Agency’s vehicle insurance program.
Certification from the International Information System Security Certification Consortium, Inc. ((ISC)2) in one of the following is preferred:
Certified Information Systems Security Professional (CISSP) Systems Security Certified Practitioner (SSCP) Certified Cloud Security Professional (CCSP)
Certification from the following institutions and organizations are desirable:
Global Information Assurance Certification (GIAC): Defensible Security Architecture (GDSA) Certified Detection Analyst (GCDA) Critical Controls Certification (GCCC) Global Industrial Cyber Security Professional (GICSP) GIAC Response and Industrial Response (GRID) Critical Infrastructure Protection (GCIP) Forensic Analyst (GCFA) Network Forensic Analyst (GNFA) Cyber Threat Intelligence (GCTI)
Information Systems Audit and Control Association (ISACA): Certified Information Systems Auditor (CISA)
Cisco: Certified Network Professional (CCNP) Routing & Switching or Security Certified Internetwork Expert (CCIE) Security
Fortinet: Network Security Expert (NSE) 4 is desirable.
Theory, principals, policies, practices and techniques of network architectures, design, and integration, including topologies and protocols.
Principals, methods, and practices of systems/network administration and maintenance.
Principles, practices and techniques for installation, configuration and operation of network systems, hardware and devices.
Methods and techniques for performing connectivity testing and troubleshooting, including uses of diagnostic tools and equipment.
Internet/intranet technologies and design concepts and techniques, including router and firewall configuration.
Systems analysis, design principles and development methodologies and tools.
Network security design principles and practices and related tools and software.
Project management principles, practices, methods and tools.
Agency policies, procedures and practices regarding data security.
Safety policies, practices, equipment, and supplies applicable to the work.
Principles and practices of sound business communications.
Principles and practices of effective management and supervision with an organization-wide perspective.
Principles and practices of organizational and culture change.
Principles and practices of public administration including planning, budgeting, purchasing, and public records.
Agency policies and labor contract provisions.
ABILITY TO: Lead people in a manner that promotes accountability, employee engagement, staff development, respect, and collaboration.
Manage the performance of staff by coaching for performance.
Effectively and professionally work with a diverse group of staff and community members.
Plan, manage, assign, delegate, control, review, and evaluate the work of staff engaged in the delivery of information security programs.
Proactively design, plan, and implement comprehensive and effective information security programs.
Perform complex network administration functions in a multi-platform, multi-segment network environment accurately and efficiently.
Consult effectively with internal and external stakeholders to develop solutions to complex issues.
Work independently and follow through on responsibilities with minimal direction.
Organize, set priorities, and exercise expert independent judgment within areas of responsibility.
Adjust priorities as circumstances dictate.
Troubleshoot and resolve complex hardware, software and connectivity problems.
Ensure systems and network security through the use of advanced security software and protocols.
Communicate clearly and effectively, both orally and in writing.
Prepare clear, concise and accurate reports, documentation and other written materials.
Develop and present presentations, proposals, and recommendations clearly, logically, and persuasively.
Exercise sound independent judgment within policy guidelines.
Keep technical skills current to meet continuing network administration responsibilities.
Establish and maintain effective working relationships with all those encountered in the course of work.
Be present onsite at Agency locations during the normal business hours.
Be physically present at non-Agency locations including, but not limited to, member agencies, conferences, and other work-related events that occur offsite.
All employment applications will be reviewed for accuracy, completion, relevant experience, education, training and other job-related qualifications. Applicants with the strongest background relating to the responsibilities of this position will be invited to participate in the testing process which may include one or more of the following: written test, oral interview, performance/practical examination. The successful candidate will be required to pass a background/reference check and pre-employment physical examination including a drug screen (for safety sensitive position) at no cost to the candidate. Please visit our website at www.ieua.org and select the Human Resources Department for additional information regarding the Agency, the hiring process and benefit information.
Any applicant requiring reasonable accommodation during the selection process due to a qualified disability must inform the Human Resources Office at (909) 993-1640 or email@example.com at least 72 hours in advance of the need for accommodation.
THE PROVISIONS OF THIS ANNOUNCEMENT DO NOT CONSTITUTE A CONTRACT, EXPRESSED OR IMPLIED, AND ANY PROVISION CONTAINED IN THIS BULLETIN MAY BE MODIFIED OR REVOKED WITHOUT NOTICE.
"The Agency's success is obtained by creating a positive and diverse work environment which recognizes individual differences and experiences".