Job Description:

ABOUT THE POSITION

The Riverside County's Information Technology department has an opening for a Deputy Chief Information Security Officer (Deputy CISO) that will be assigned to the Information Security Office located in Riverside. The Deputy CISO will assist in directing the enterprise information security and risk management programs and cyber security operations.

The Deputy Chief Information Security Officer (Deputy CISO) is an assistant director level classification and reports to the Chief Information Security Officer (CISO). The Deputy CISO is characterized by sharing Countywide responsibility for formulating and promulgating policy for, and developing, managing and integrating Countywide information security and privacy related programs designed to protect all County information systems and data. The Deputy CISO assists in directing Countywide information security and related privacy efforts through subordinate staff, and through department designated Information Security Officers. The incumbent must exercise strong organizational and team leadership skills to facilitate interdepartmental compliance and to ensure that departmental IT security staffs fully integrate appropriate security and privacy practices. In the CISO's absence, Deputy CISO may be called to act as the official HIPAA Security Officer of the County and shall assist in coordinating and overseeing generally all HIPAA security requirements for the County.

This class has been designated At-Will by the Board of Supervisors, in accordance with the provisions provided under Article 6, Section 601E (8) of the County Management Resolution and serves at the pleasure of the Chief Information Security Officer.

This class has been deemed eligible for the Performance Recognition Plan as set forth under Article 3, Section 311 of the County Management Resolution. Program eligibility requires employees to be in a leadership position, manage other employees or programs, and have significant influence on the achievement of organizational objectives.

Meet the Team!

Riverside County Information Technology is a full-service provider of IT services. RCIT is an Internal Service Fund (ISF) department with 100% reliance on revenues received from services.

RCIT offers comprehensive service and support for desktops, printers, printer services, servers, and data storage.

RCIT offers comprehensive systems support for email and messaging, smart phones, tablets, expert technical support, and production and test environments.

EXAMPLES OF ESSENTIAL DUTIES

• Assist with overseeing the development and implementation of Countywide information security policies and procedures to protect the County from internal and external IT threats and vulnerabilities.

• Represent the CISO to County departments, information technology advisory bodies and other committees or agencies involving County policies, plans, methodologies, and programs related to security, privacy and confidentiality of data and information technology assets.

• Assist in directing the preparation of short and long-term strategies for optimizing the County's Information Security Plan, and formulate and recommend Countywide policies for detecting, deterring and mitigating information security threats.

• Assist in directing and participating in the identification of security risks, the development and implementation of security management practices, and the measurement and monitoring of security protection measures.

• Assist in directing the handling of information security breaches and related incidents, including overseeing the activation of the County Network Security Emergency Response Team (CoNSERT) or departmental incident response teams.

• Manage a computer crime or incident scene, including recognition of the proper investigative approach, conducting a field of search to establish probable cause for seizure, proper collection methods, evidence preservation, transportation, computer forensic analysis and case management; use various security tools and prepare reports on findings; submit cases and work with the County Sheriff Computer And Technology Crime High-tech (CATCH) Response Team in the event of a possible legal violation by a County employee or other person using County IT resources.

• Through the CIO, serve as a subject matter expert and internal consultant on the data security implications of proposed new major information technology projects and programs, and make recommendations to the Board of Supervisors and affected departments.

• Assist in reviewing and recommending the professional development curriculum for County IT security and privacy staff to ensure adequate and appropriate training standards in information security and protection measures and coordinate related training and awareness programs.

• Assist in directing the development and promotion of security and privacy awareness training and education for all levels of the County organization structure on an ongoing basis.

• Participate in the development and implementation of disaster recovery and business continuity plans, to ensure that appropriate IT security measures are addressed.

• Participate in the development, implementation and compliance monitoring of IT security agreements, business associate agreements, chain-of-trust agreements, and Memoranda of Understanding (MOUs) that involve access to or exchange of County information to ensure all security concerns are addressed.

• Assist in leading vendor activities, write and evaluate proposals, and negotiate contracts for Countywide information security related software, equipment and services, and present recommendations for funding and approvals to the Chief Information Officer.

• Maintain current knowledge of applicable federal and state information security laws and standards to facilitate County adaptation and compliance.

MINIMUM QUALIFICATIONS

Education: Graduation from an accredited college or university with a bachelor's degree, preferably with major course work in computer science, information systems, electronics engineering, voice/data communications, public/business administration, or a closely related field to the assignment. (Additional qualifying experience may substitute for the required education on the basis of one year of full-time experience equaling 60 semester or 90 quarter units of education.)

Experience: Ten years of management experience in the information technology profession with five years concentrated in information security. Five years of experience as a County Information Security Analyst III, with management experience, may substitute for this experience requirement. Must have experience with firewalls, anti-virus, Intrusion Detection/Intrusion Prevention Systems (IDA/IPS), virtual private networks (VPN), remote access systems (RAS), public key infrastructure (PKI), encryption, digital certificates, routers, sniffers, distributed denial of service attacks (DDOS), biometrics, DMZ/Transaction Zones, business continuity planning, auditing, HIPAA and related regulatory compliance requirements, risk management, contract and vendor negotiation, and physical security.

Other Requirements: Must possess and maintain current certification within guidelines established by the International Information Systems Security Certification Consortium, Inc. (ISC)² as a Certified Information Systems Security Professional (CISSP).

A successful Security Clearance conducted by the Sheriffs' Department is required.

Skill in: Superior interpersonal and communication skills (oral and written); strong customer service skills; mediation process presentation and public speaking; extensive skill in investigation and coordination of security anomalies and events; extensive skill in performing a security incident investigation or forensic analysis of a security incident or event.

Knowledge of: Standard security practices, network architecture, routing, and TCP/IP protocols; general business processes and standards associated with areas of assignment; Risk and Threat assessment processes and practices; project planning and management; business continuity planning, documentation and evaluation; managing the evidentiary process; the use of Third Party Applications and native scripts and languages; maintaining the chain-of-custody process and procedures; strong working knowledge of pertinent laws and the law enforcement community, and the principles and methods used in the analysis and development of information security systems and procedures; currently accepted information security standards, guidelines and theories; advanced computer technology equipment operation, capacity and capability.

Ability to: Analyze and interpret complex data; effectively supervise personnel and motivate and direct the work of others; prepare and present effective, clear and concise reports and correspondence; identify and recommend information security needs for the County; analyze problems and identify alternative solutions; deal effectively and harmoniously with County executives, department and assigned staff, customers, and the general public.

SUPPLEMENTAL INFORMATION

Application Deadline

Applications will be reviewed in the order in which they are received. Based on the number of applications received, this posting may close without notice.

Reasonable Accommodations

The County of Riverside is committed to providing reasonable accommodation to applicants as required by the Americans with Disabilities Act (ADA) and Fair Employment and Housing Act (FEHA). Qualified individuals with disabilities who need a reasonable accommodation during the application or selection process should contact the recruiter for the position noted above. For additional information and/or to obtain the appropriate form for requesting a reasonable accommodation, please visit the Disability Access Office web page located at: http://dao.rc-hr.com/ .

Degree Verification:
Prior to the closing date, upload a copy of any license(s), official/unofficial transcript(s), degrees, and/or related employment documents to your NeoGov account. If your education was completed outside of the United States, you will need to provide a copy of your Foreign Education Equivalency evaluation from a member of the National Association of Credential Evaluation Services( NACES ) or Association of International Credential Evaluators, Inc. ( AICE ).

***Prior to the closing date, upload a copy of your official/unofficial transcripts or Foreign Education Equivalency report. ***

Veterans' Preference

The County has a Veterans Preference Policy. Upload a copy of your (or your spouse's) Member-4 Form DD-214 (or NGB-22) indicating dates of service, and a copy of your spouse's letter of disability (if applicable) with your application. For privacy reasons, it is recommended that you remove your social security information from the document(s). A Human Resources Representative will review the materials and determine if you qualify for veterans' preference. See the policy here .

What's Next?

This recruitment is open to all applicants.

Applicants who are currently County of Riverside employees and/or current employees of the RCIT Department may be considered before other applicants depending on the volume of the applications received.

Qualified applicants may be considered for future vacancies throughout the County.

Applications received prior to the closing date will be considered based on the information submitted. Changes or alterations cannot be accepted. No late applications will be permitted.

For specific questions regarding this position, contact the Ebelyn Skinner at eskinner@rivco.org.

If you are experiencing technical problems, you may contact the governmentjobs.com applicant support desk Monday through Friday, 6 am to 5 pm Pacific Time at support@governmentjobs.com or toll-free 1-855-524-5627.

GENERAL APPLICATION INFORMATION:

Please read and follow any special application instructions on this posting. Click the 'Apply' link located on this page to submit your application. For instructions on the application process, examinations, Veteran's preference, pre-employment accommodation or other employment questions, please refer to our web site, www.rc-hr.com . A pre-employment physical examination and background check may be required.

MEDICAL/DENTAL INSURANCE: A Flexible Benefit Credit is provided on a monthly basis as governed by the Management Resolution or applicable bargaining unit. Vision coverage is provided through Vision Service Plan (VSP) at no cost to employee or eligible dependents.

Note: Employees on assignment through the Temporary Assignment Program (TAP) receive different benefits. See the list here .
MISCELLANEOUS RETIREMENT: County of Riverside has three retirement Tiers through the California Public Employees' Retirement System (CalPERS).

• 
  Tier I (Classic Member - Formula 3% @ 60): Applicable to current and former County of Riverside local miscellaneous employees hired prior to 08/24/2012 and did not withdraw CalPERS contributions. The employee contribution is eight (8%) percent.


• 
  Tier II (Classic Member - Formula 2% @ 60): Applicable to local miscellaneous employees 1) hired after 08/23/2012 through 12/31/2012; 2) Previously employed with another CalPERS contracting public agency or a reciprocal retirement system, with a break in service of less than six months between the separation date with the previous employer and the appointment date with the County of Riverside. The employee contribution is seven (7%) percent.


• 
  Tier III (PEPRA New Member - Formula 2% @ 62): Applicable to CalPERS local miscellaneous new members hired on or after the implementation of the Public Employees' Pension Reform Act of 2013 (PEPRA) which took effect January 1, 2013.As of July 1, 2020, the employee contribution is 7.25% and subject to change annually.
  

A new member is defined as any of the following:

A new hire who enters CalPERS membership for the first time on or after January 1, 2013, and who has no prior membership in any California Public Retirement System.

A new hire who enters CalPERS membership for the first time on or after January 1, 2013, and who was a member with another California Public Retirement System prior to that date, but who is not subject to reciprocity upon joining CalPERS.

A member who first established CalPERS membership prior to January 1, 2013, and who is rehired by a different CalPERS agency after a break in service of greater than six (6) months.

CalPERS refers to all members that do not fit within the definition of a new member as "classic members".

Contribution rates are subject to change based on the County of Riverside annual actuarial valuation.

Note:

This summary is for general information purposes only. Additional questions regarding retirement formulas can be sent to retirement@rivco.org or by calling the Benefits Information Line at (951) 955-4981,
Option 2.

If you have prior service credit with another CalPERS agency or within agencies, please contact CalPERS at (888) 225-7377 to determine which retirement tier would be applicable to you. CalPERS is governed by the Public Employees' Retirement Law. The Retirement Law is complex and subject to change. If there's any conflict between this summary and the law, the law will prevail over this summary.
DEFERRED COMPENSATION: Voluntary employee contribution with a choice between two 457 deferred compensation plan options.

401(a) MONEY PURCHASE PLAN: County contribution of $50 per pay period towards choice between two 401(a) plan providers.

ANNUAL LEAVE (Bi-Weekly Accrual):

0 < 36 months = 8.92 Hours
36 to <108>108 or more months = 12.00 Hours

Maximum Annual Leave accumulation is 1,800 hours. Employee may receive pay in lieu of up to 80 hours per calendar year. Agency/Department Head may approve an additional 80 hours.

-Annual Leave for Unrepresented Management Attorneys:
Maximum Annual Leave accumulation is 2,000 hours. Refer to Article 22 of the Management Resolution for a list of job classifications included.

HOLIDAYS: Normally 12 paid holidays per year.

BEREAVEMENT LEAVE: 5 days (3 days are County paid; 2 days can be taken through use of accrued leave balances).

BASIC LIFE INSURANCE: $50,000 of term life coverage. Premiums are paid by the County. Additional Supplemental Life plan is available for employee purchase.

LONG-TERM DISABILITY (LTD): Benefit pays 66.67% of earnings to a maximum of $10,000 per month; 30-day waiting period; pays to age 65. Benefit can be coordinated with other available leave balances to provide up to 100% of pay.

POST RETIREMENT MEDICAL CONTRIBUTION: A monthly contribution is made by the County towards retiree health insurance offered through the County as governed by the Management Resolution or applicable bargaining unit.

OTHER: There may be other benefit provisions as specified in the applicable Memorandum of Understanding, Management Resolution, or Salary Ordinance. Please contact the recruiter listed on the job posting directly for more information..

Apply Now