Los Angeles County Development Authority
INFORMATION SECURITY OFFICER
Los Angeles County Development Authority, Alhambra, California, us, 91802
INFORMATION SECURITY OFFICER
CONSULTANT II
LOS ANGELES COUNTY DEVELOPMENT AUTHORITY
ADMINISTRATIVE SERVICES DIVISION
$95,977.13 - $146,392.37 Annually
Regular PositionThe Los Angeles County Development Authority (LACDA) is a dynamic and innovative local government agency created in 1982 by the Los Angeles County Board of Supervisors. The agency is an industry leader in four (4) core service areas: affordable housing, and community, economic, and housing development. Funded primarily with federal grants, the LACDA prides itself on sponsoring new solutions to local issues and forming partnerships with private and public agencies. To learn more about the agency's work in support of its mission to Build Better Lives and Better Neighborhoods, please visit
www.lacda.org .
Position Overview:
Under the direction of the Chief of Operations, the Information Security Officer manages and oversees the information security initiatives and functions of the Information Technology Services Unit by planning, developing, implementing and maintaining an enterprise-wide information security program, policies, and systems to protect LACDA electronic data and network infrastructure from external and internal security breaches and to ensure that security measures comply with statutory and regulatory requirements regarding information access, security, and privacy, including internal policies and standards.
The below statements are intended to describe the general nature and scope of work performed by this position. This is not a complete listing of all responsibilities, duties and/or skills required. Other duties may be assigned.
Develops, executes, and monitors a comprehensive information security program that protects against external and internal threats and complies with statutory and regulatory requirements pertaining to information access, security, and privacy.Develops and implements an ongoing, proactive risk assessment program and information security management system to identify vulnerabilities, threats, and risks related to departmental information assets.Aligns risk management and control activities as appropriate with security frameworks.Creates, implements, and enforces electronic information and infrastructure security and security breach prevention, detection, and remediation in alignment with the organization's overarching security framework.Promotes a culture of security awareness within the department by organizing training sessions and awareness campaigns to educate employees about security best practices.Develops and maintains an incident response plan specific to the department.Leads and coordinates incident response efforts and the investigation of electronic security incidents or breaches including reporting to the CISO/CIO and relevant authorities when necessary.Ensures departmental compliance with relevant regulations and standards (e.g., GDPR, HIPAA, ISO 27001).Coordinates audits and assessments as required.Implements and manages intrusion detection and prevention systems, security controls, technologies, and tools to protect departmental information assets, including firewalls, encryption, access controls, and endpoint security solutions.Assesses and monitors the security practices of third-party vendors and contractors that have access to departmental data or systems.Promptly reports security incidents, breaches, and potential threats to the LACDA Executive office and LA County CISO/CIO and other relevant stakeholders.Interfaces with outside law enforcement agencies on electronic security breaches in collaboration with affected departments, as needed.Leads the planning, testing, implementation, tracking, remediation, and risk acceptance of existing and proposed technology.Directs and maintains configuration management (CM) of electronic security systems, software, and data encryption to provide total data security.Ensures a business continuity/disaster recovery plan is in place to offset the effects caused by intentional and unintentional acts.Leads the unit’s information security, disaster recovery, continuity of operations, incident response, and safety programs.Sets priorities, provides guidance, secures resources, and directs the activities of assigned staff to accomplish agency objectives.Interfaces with executive management, directors, and staff of all levels and provides consultation and advisement on data security management.Performs other duties as assigned.Essential Knowledge, Skills, and Abilities
Knowledge of:
Theories, principles, and practices of information security, digital security, data communications technology, application controls, and statutory and regulatory requirements pertaining to information access, security, and privacyDigital infrastructure and application system capabilities and functionsBroad information security issues, requirements, and trendsCompliance requirements related to Federal Rules of Civil Procedure (FRCP) and e-DiscoveryHealth Insurance Portability and Accountability Act (HIPAA)Risk assessment methods and techniquesAuthentication, authorization, and encryption technologiesForensic techniques for investigating incidentsAuditing standards and techniquesContract and vendor negotiationProject management and control practicesSkill in:
Planning, organizing, and constructing the design and implementation of a comprehensive information access, security and privacy programDetermining strategies to achieve goals and exercise sound judgmentAnalyzing information and situations, identifying problems, and recommending solutionsProject managementCritical and logical thinkingCommunicating effectively orally and in writingDeveloping teamwork to achieve shared goalsAbility to:
Stay abreast of latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to information security and privacyUnderstand, interpret, and apply laws, rules, regulations, policies, procedures, contracts, and budgetsNavigate through legal and regulatory requirements to ensure complianceCompile, analyze, and interpret technical and complex dataEnsure projects are on time, within budget, and achieve agency objective(s)Manage and lead staff
A combination of education and/or experience that provides the required knowledge, skills, and abilities to perform the essential functions of the position. A typical combination includes:
Bachelor's degree in Information Security, Computer Science, or a related fieldSix (6) years of relevant supervisory-level experience performing information security work in Windows, Unix, WAN/LAN (Wide Area Network/Local Area Network) environments and in various areas of IT, including development, design, implementation, technical support, programming, database, and operating systemsMaster’s degree in a related field is preferredCertifications
Professional certification in two of the following are required: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Computer Hacking Forensic Investigator (CHFI), Global Information Assurance Certification (GIAC), Systems Security Certified Practitioner (SSCP), or equivalentEqual Opportunity
The LACDA is an equal opportunity employer. We are committed to creating a workplace culture that embraces diversity, equity, and inclusion to advance our mission of building better lives and better neighborhoods.Reasonable Accommodation
If you are an individual with a disability and need to request reasonable accommodations under the Americans with Disabilities Act (ADA), please call the LACDA, Human Resources at (626) 586-1687 or via email at hr.recruiter@lacda.org.Application Process
To be considered, all applicants are required to apply online by the filing deadline. Applications will be reviewed for possession of minimum qualifications and evaluated according to the essential functions of the job. In the Work Experience section of the application, applicants must demonstrate their experience by providing a clear description of the work performed as it relates to the position. Each job held must include the dates of employment, name and address of the employer, position title, hours per week, and supervisor. Please note resumes will not be reviewed to determine qualifications.
Supplemental questions are considered a part of the application process and must be carefully answered. All required questions must be completed before the application can be submitted. The supplemental questions will be used to evaluate the applicant's education, training, and experience. Depending on the size of the applicant pool, the supplemental questions may be used as part of the supplemental screening.
To receive credit for required education, applicants must attach a copy of their degree or official/unofficial transcripts. Please note foreign degrees (or degrees completed outside of the United States) require an evaluation of U.S. equivalency conducted by a credential evaluation service such as The National Association of Credential Evaluation Services (NACES) or the Association of International Credential Evaluators, Inc. (AICE).
Please include three (3) professional references in the "Reference" section of your application.
Failure to comply with this application process may result in disqualification.Screening and Selection Process
Following the review of application materials, the most qualified candidates will be contacted via email and text messaging, if elected, for an assessment test and/or interview. Please check the email account provided on the application for important communications regarding the status of your application and/or next steps.Salary Compensation
Salary compensation is dependent on qualifications (experience, education, knowledge, skills, and abilities). Initial salary placement is generally made between the start and mid-point of the posted range. New hires are not eligible to start at the maximum of the posted range.Conditions of Employment
Candidates selected from the process will receive a conditional offer of employment contingent upon successful completion of satisfactory reference checks, a post-offer medical examination, and criminal background check. Background check information will be considered in determining the applicant's suitability for the position.
Candidates must possess a valid California Class C Driver's License, an acceptable driving record, and must comply with the LACDA's Motor Vehicle Safety Policy during employment.
Failure to meet these pre-employment requirements will be grounds for withdrawal of the conditional offer of employment.
Proof of authorization to work in the United States will be required at the time of hire.
Employment with the LACDA is at-will and may be terminated at any time with or without cause.FILING DEADLINE: MONDAY, SEPTEMBER 30, 2024 @ 11:59 PMAPPLY IMMEDIATELY, POSITION MAY CLOSE WITHOUT PRIOR NOTICE.
RECRUITMENT NUMBER :
24075#J-18808-Ljbffr
CONSULTANT II
LOS ANGELES COUNTY DEVELOPMENT AUTHORITY
ADMINISTRATIVE SERVICES DIVISION
$95,977.13 - $146,392.37 Annually
Regular PositionThe Los Angeles County Development Authority (LACDA) is a dynamic and innovative local government agency created in 1982 by the Los Angeles County Board of Supervisors. The agency is an industry leader in four (4) core service areas: affordable housing, and community, economic, and housing development. Funded primarily with federal grants, the LACDA prides itself on sponsoring new solutions to local issues and forming partnerships with private and public agencies. To learn more about the agency's work in support of its mission to Build Better Lives and Better Neighborhoods, please visit
www.lacda.org .
Position Overview:
Under the direction of the Chief of Operations, the Information Security Officer manages and oversees the information security initiatives and functions of the Information Technology Services Unit by planning, developing, implementing and maintaining an enterprise-wide information security program, policies, and systems to protect LACDA electronic data and network infrastructure from external and internal security breaches and to ensure that security measures comply with statutory and regulatory requirements regarding information access, security, and privacy, including internal policies and standards.
The below statements are intended to describe the general nature and scope of work performed by this position. This is not a complete listing of all responsibilities, duties and/or skills required. Other duties may be assigned.
Develops, executes, and monitors a comprehensive information security program that protects against external and internal threats and complies with statutory and regulatory requirements pertaining to information access, security, and privacy.Develops and implements an ongoing, proactive risk assessment program and information security management system to identify vulnerabilities, threats, and risks related to departmental information assets.Aligns risk management and control activities as appropriate with security frameworks.Creates, implements, and enforces electronic information and infrastructure security and security breach prevention, detection, and remediation in alignment with the organization's overarching security framework.Promotes a culture of security awareness within the department by organizing training sessions and awareness campaigns to educate employees about security best practices.Develops and maintains an incident response plan specific to the department.Leads and coordinates incident response efforts and the investigation of electronic security incidents or breaches including reporting to the CISO/CIO and relevant authorities when necessary.Ensures departmental compliance with relevant regulations and standards (e.g., GDPR, HIPAA, ISO 27001).Coordinates audits and assessments as required.Implements and manages intrusion detection and prevention systems, security controls, technologies, and tools to protect departmental information assets, including firewalls, encryption, access controls, and endpoint security solutions.Assesses and monitors the security practices of third-party vendors and contractors that have access to departmental data or systems.Promptly reports security incidents, breaches, and potential threats to the LACDA Executive office and LA County CISO/CIO and other relevant stakeholders.Interfaces with outside law enforcement agencies on electronic security breaches in collaboration with affected departments, as needed.Leads the planning, testing, implementation, tracking, remediation, and risk acceptance of existing and proposed technology.Directs and maintains configuration management (CM) of electronic security systems, software, and data encryption to provide total data security.Ensures a business continuity/disaster recovery plan is in place to offset the effects caused by intentional and unintentional acts.Leads the unit’s information security, disaster recovery, continuity of operations, incident response, and safety programs.Sets priorities, provides guidance, secures resources, and directs the activities of assigned staff to accomplish agency objectives.Interfaces with executive management, directors, and staff of all levels and provides consultation and advisement on data security management.Performs other duties as assigned.Essential Knowledge, Skills, and Abilities
Knowledge of:
Theories, principles, and practices of information security, digital security, data communications technology, application controls, and statutory and regulatory requirements pertaining to information access, security, and privacyDigital infrastructure and application system capabilities and functionsBroad information security issues, requirements, and trendsCompliance requirements related to Federal Rules of Civil Procedure (FRCP) and e-DiscoveryHealth Insurance Portability and Accountability Act (HIPAA)Risk assessment methods and techniquesAuthentication, authorization, and encryption technologiesForensic techniques for investigating incidentsAuditing standards and techniquesContract and vendor negotiationProject management and control practicesSkill in:
Planning, organizing, and constructing the design and implementation of a comprehensive information access, security and privacy programDetermining strategies to achieve goals and exercise sound judgmentAnalyzing information and situations, identifying problems, and recommending solutionsProject managementCritical and logical thinkingCommunicating effectively orally and in writingDeveloping teamwork to achieve shared goalsAbility to:
Stay abreast of latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to information security and privacyUnderstand, interpret, and apply laws, rules, regulations, policies, procedures, contracts, and budgetsNavigate through legal and regulatory requirements to ensure complianceCompile, analyze, and interpret technical and complex dataEnsure projects are on time, within budget, and achieve agency objective(s)Manage and lead staff
A combination of education and/or experience that provides the required knowledge, skills, and abilities to perform the essential functions of the position. A typical combination includes:
Bachelor's degree in Information Security, Computer Science, or a related fieldSix (6) years of relevant supervisory-level experience performing information security work in Windows, Unix, WAN/LAN (Wide Area Network/Local Area Network) environments and in various areas of IT, including development, design, implementation, technical support, programming, database, and operating systemsMaster’s degree in a related field is preferredCertifications
Professional certification in two of the following are required: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Computer Hacking Forensic Investigator (CHFI), Global Information Assurance Certification (GIAC), Systems Security Certified Practitioner (SSCP), or equivalentEqual Opportunity
The LACDA is an equal opportunity employer. We are committed to creating a workplace culture that embraces diversity, equity, and inclusion to advance our mission of building better lives and better neighborhoods.Reasonable Accommodation
If you are an individual with a disability and need to request reasonable accommodations under the Americans with Disabilities Act (ADA), please call the LACDA, Human Resources at (626) 586-1687 or via email at hr.recruiter@lacda.org.Application Process
To be considered, all applicants are required to apply online by the filing deadline. Applications will be reviewed for possession of minimum qualifications and evaluated according to the essential functions of the job. In the Work Experience section of the application, applicants must demonstrate their experience by providing a clear description of the work performed as it relates to the position. Each job held must include the dates of employment, name and address of the employer, position title, hours per week, and supervisor. Please note resumes will not be reviewed to determine qualifications.
Supplemental questions are considered a part of the application process and must be carefully answered. All required questions must be completed before the application can be submitted. The supplemental questions will be used to evaluate the applicant's education, training, and experience. Depending on the size of the applicant pool, the supplemental questions may be used as part of the supplemental screening.
To receive credit for required education, applicants must attach a copy of their degree or official/unofficial transcripts. Please note foreign degrees (or degrees completed outside of the United States) require an evaluation of U.S. equivalency conducted by a credential evaluation service such as The National Association of Credential Evaluation Services (NACES) or the Association of International Credential Evaluators, Inc. (AICE).
Please include three (3) professional references in the "Reference" section of your application.
Failure to comply with this application process may result in disqualification.Screening and Selection Process
Following the review of application materials, the most qualified candidates will be contacted via email and text messaging, if elected, for an assessment test and/or interview. Please check the email account provided on the application for important communications regarding the status of your application and/or next steps.Salary Compensation
Salary compensation is dependent on qualifications (experience, education, knowledge, skills, and abilities). Initial salary placement is generally made between the start and mid-point of the posted range. New hires are not eligible to start at the maximum of the posted range.Conditions of Employment
Candidates selected from the process will receive a conditional offer of employment contingent upon successful completion of satisfactory reference checks, a post-offer medical examination, and criminal background check. Background check information will be considered in determining the applicant's suitability for the position.
Candidates must possess a valid California Class C Driver's License, an acceptable driving record, and must comply with the LACDA's Motor Vehicle Safety Policy during employment.
Failure to meet these pre-employment requirements will be grounds for withdrawal of the conditional offer of employment.
Proof of authorization to work in the United States will be required at the time of hire.
Employment with the LACDA is at-will and may be terminated at any time with or without cause.FILING DEADLINE: MONDAY, SEPTEMBER 30, 2024 @ 11:59 PMAPPLY IMMEDIATELY, POSITION MAY CLOSE WITHOUT PRIOR NOTICE.
RECRUITMENT NUMBER :
24075#J-18808-Ljbffr