Chief Information Security Officer
Not Disclosed
Riverside, CA
3.0 Months
Not Disclosed
Not Disclosed
Government - Local
$116.43/hour - $121.43/hour
Job Posted on (Mar 19, 2024)
Reference Number: RKCATC1933
Job Description
Description :
Minimum Qualifications:
Education:
Graduation from an accredited college or university with a bachelor's degree, preferably with a major course work in computer science, information systems, electronics engineering, voice/data communications, public/business administration, or a closely related field to the assignment. (Additional qualifying experience may substitute for the required education on the basis of one year of full-time experience equaling 60 semester or 90 quarter units of education.)
Experience:
Ten years of management experience in the information technology profession with five years concentrated in information security.
Five years of experience as a client Information Security Analyst III, with management experience may substitute for this experience requirement.
Must have experience with firewalls, anti-virus, Intrusion Detection/Intrusion Prevention Systems (IDA/IPS), virtual private networks (VPN), remote access systems (RAS), public key infrastructure (PKI), encryption, digital certificates, routers, sniffers, distributed denial of service attacks (DDOS), biometrics, DMZ/ Transaction Zones, business continuity planning, auditing, HIPAA and related regulatory compliance requirements, risk management, contract and vendor negotiation, and physical security.
Duties
Assist with overseeing the development and implementation of the client information security policies and procedures to protect the client from internal and external IT threats and vulnerabilities.
Represent the CISO to the client departments, information technology advisory bodies and other committees or the clients involving the client policies, plans, methodologies, and programs related to security, privacy and confidentiality of data and information technology assets.
Assist in directing the preparation of short and long-term strategies for optimizing the Information Security Plan, and formulate and recommend Countywide policies for detecting, deterring and mitigating information security threats.
Assist in directing and participating in the identification of security risks, the development and implementation of security management practices, and the measurement and monitoring of security protection measures.
Assist in directing the handling of information security breaches and related incidents, including overseeing the activation of the client Network Security Emergency Response Team (CoNSERT) or departmental incident response teams.
Manage a computer crime or incident scene, including recognition of the proper investigative approach, conducting a field of search to establish probable cause for seizure, proper collection methods, evidence preservation, transportation, computer forensic analysis and case management; use various security tools and prepare reports on findings; submit cases and work with the client Response Team in the event of a possible legal violation by the client employee or other person using the client IT resources.
Through the CIO, serve as a subject matter expert and internal consultant on the data security implications of proposed new major information technology projects and programs, and make recommendations to the Supervisors and affected departments.
Assist in reviewing and recommending the professional development curriculum for IT security and privacy staff to ensure adequate and appropriate training standards in information security and protection measures and coordinate related training and awareness programs.
Assist in directing the development and promotion of security and privacy awareness training and education for all levels of the client organization structure on an ongoing basis.
Participate in the development and implementation of disaster recovery and business continuity plans, to ensure that appropriate IT security measures are addressed.
Participate in the development, implementation and compliance monitoring of IT security agreements, business associate agreements, chain-of-trust agreements, and Memoranda of Understanding (MOUs) that involve access to or exchange of information to ensure all security concerns are addressed.
Assist in leading vendor activities, write and evaluate proposals, and negotiate contracts for the client information security related software, equipment and services, and present recommendations for funding and approvals to the Chief Information Officer.
Maintain current knowledge of applicable federal and state information security laws and standards to facilitate the client adaptation and compliance.
Other Requirements
License: Possession of a valid California Driver's License may be required.
Must possess and maintain current certification within guidelines established by the International Information Systems Security Certification Consortium, Inc. (ISC)² as a Certified Information Systems Security Professional (CISSP).
VIVA is an equal opportunity employer. All qualified applicants have an equal opportunity for placement, and all employees have an equal opportunity to develop on the job. This means that VIVA will not discriminate against any employee or qualified applicant on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status