Information Security Program Supervisor

Job Description and Duties

Under the general direction of the Chief Information Security Officer (CISO), an Information Technology Manager II in the Information Security Office (ISO), the incumbent acts in a lead person capacity performing a range of management and technical duties to contribute to successful operations of the State Controller’s Offices (SCO) Enterprise Information Security Program activities. Such as, providing ongoing collaboration and consultation with key partners throughout SCO. The incumbent’s role includes leading the specific functional responsibilities of your team, which involves overseeing team performance and deliverables through developing and executing of the CISO’s and SCO’s strategic vision and plan and ensuring the team’s actions align with the larger goals of the SCO.

Duties performed:

(Candidates must perform the following functions with or without reasonable accommodations.)

• Provide supervision in the development and implementation of the SCO’s Enterprise Information Security Program that enables the SCO to establish consistent, effective information security practices and minimize risk.
• Supervise the design, implementation and evaluation of SCO’s information security standards, guidelines, recommendations, procedures, initiatives and processes to ensure ongoing maintenance of security and consistency with state and federal laws, rules, regulations and best practices.
• Evaluate and report the progress of projects through meetings and written reports to higher-level management.
• Collaborate with Senior Analysts to coordinate activities and assignments of the project team with programmers, vendors, consultants, contractors, and functional managers of support, operational, and customer staff.
• Establish performance expectations, providing continuous feedback, completing appraisals and individual development plans annually.
• Complete probation reports on a timely basis and conduct other performance management activities, including adherence to the State’s discipline policy which may include corrective or disciplinary action.
• Supervise Information Security Office assets and human resources in accordance with established policies, procedures, and labor contracts.
• Provide supervision in the development and implementation of the SCO’s Enterprise Information Security Program’s information security risk, planning, assessment and vulnerability management initiatives and processes.
• Develop and maintain information security standards, procedures, initiatives and processes to address all applicable requirements throughout the life cycle of each SCO information system to ensure compliance with applicable requirements and information asset owner acceptable risk determinations.
• In collaboration with the SCO CISO and ISO staff represent the ISO regarding information security risk management and assurance to external IT projects and auditors.
• Supervise and report on the development, installation, and maintenance of complex IT systems and projects.
• Develop training plans and training material for complex changes to the SCO’s system environments, and provide technical training to ISO staff.
• Assign and collaborate with ISO project leads concerning division, agency, and statewide projects. For example, the CSPS, CalATERS, and FI$Cal project implementations.
• Track project statuses, provide direction in changes of priorities and schedules and provide guidance or recommendations on complex system assessments.
• Manage and track the development of written standards, policies, and procedures. Performs project management responsibilities and activities using State and SCO project management methodology and practices.
• Represent the CISO in meetings with the SCO management and analysts, the California Department of Technology (CDT), decentralized agencies and campuses, projects, and hardware/software vendors regarding the SCO’s security and privacy standards, procedures, and requirements.

You will find additional information about the job in the Duty Statement.

Working Conditions

This position is located at The Emerald Tower on Capitol Mall, steps from Tower Bridge and is walking distance to the State Capitol. The building offers affordable monthly parking, employee gym access, an amenities center, and a beautiful mid-tower garden terrace. It is conveniently situated only blocks from Old Sacramento, numerous restaurants, a seasonal farmer’s market, and the Crocker Art Museum. Overlooking the Golden 1 Arena and Downtown Commons, the office is accessible from Sacramento Regional Transit’s light rail and bus systems, with convenient access to I-5, I-80, US 50 & US 99.

This position is eligible for hybrid telework under California Government Code Section 14200 for eligible applicants residing in California. All telework schedules are subject to change and may be reevaluated at any time. Specific telework arrangements may be discussed in more detail with the respective hiring manager. Telework does not change the terms and conditions of employment, the essential functions of job duties, or required compliance with the State Controller’s Office policies.

Minimum Requirements

You will find the Minimum Requirements in the Class Specification.

• INFORMATION TECHNOLOGY SUPERVISOR II

Additional Documents

• Job Application Package Checklist
• Duty Statement

Position Details

Job Code #:

JC-457167

Position #(s):

051-340-1404-019

Working Title:

Information Security Program Supervisor

Classification:

INFORMATION TECHNOLOGY SUPERVISOR II

$8,256.00 – $11,063.00

# of Positions:

1

Work Location:

Sacramento County

Telework:

Hybrid

Job Type:

Permanent, Full Time

Facility:

Information Systems Division

Department Information

The Office of the State Controller (SCO) is the destination employer within the State of California. As California’s chief fiscal officer, the Controller’s Office ensures accountability and transparency of California’s financial practices while promoting fairness and opportunity for all. Here, you’ll work in a collaborative and supportive environment with diverse opportunities for professional growth and development.

A career with the SCO offers meaningful work that directly impacts the state’s future.

The Information Services Division (ISD) of the California State Controller’s Office is the technology hub that drives innovation and efficiency across the agency. ISD is responsible for developing, maintaining, and enhancing critical IT systems that support the State’s payroll, accounting, and financial reporting functions. If you’re passionate about software development, cybersecurity, data management, or IT project management, ISD offers a dynamic environment for tech professionals looking to make a meaningful impact.

Take the next step in your career with an organization that values innovation, integrity, and the well-being of its employees. Apply today and build a California where everyone thrives!

To learn more about the SCO, visit: https://www.sco.ca.gov/index.html

How did you hear about us? Take our survey!

Special Requirements

When using education to meet minimum qualifications a copy of your degree, transcripts, or degree evaluation is required.

A Statement of Qualifications is required; please see ‘Required Application Package Documents’ for instructions.

Take the Information Technology Supervsor II examination: Become eligible today!

Application Instructions

Completed applications and all required documents must be received or postmarked by the Final Filing Date in order to be considered. Dates printed on Mobile Bar Codes, such as the Quick Response (QR) Codes available at the USPS, are not considered Postmark dates for the purpose of determining timely filing of an application.

Final Filing Date: 11/29/2024

Who May Apply

Individuals who are currently in the classification, eligible for lateral transfer, eligible for reinstatement, have list or LEAP eligibility, are in the process of obtaining list eligibility, or have SROA and/or Surplus eligibility (please attach your letter, if available). SROA and Surplus candidates are given priority; therefore, individuals with other eligibility may be considered in the event no SROA or Surplus candidates apply.

Applications will be screened and only the most qualified applicants will be selected to move forward in the selection process.Applicants must meet the Minimum Qualifications stated in the Classification Specification(s).

How To Apply

Complete Application Packages (including your Examination/Employment Application (STD 678) and applicable or required documents) must be submitted to apply for this Job Posting. Application Packages may be submitted electronically through your CalCareer Account at www.CalCareers.ca.gov. When submitting your application in hard copy, a completed copy of the Application Package listing must be included. If you choose to not apply electronically, a hard copy application package may be submitted through an alternative method listed below:

Address for Mailing Application Packages

You may submit your application and any applicable or required documents to:

State Controller’s Office

Human Resources

Attn: Human Resources Office – J.W.

300 Capitol Mall 3rd Floor, Ste 300

Sacramento, CA95814

Address for Drop-Off Application Packages

You may drop off your application and any applicable or required documents at:

State Controller’s Office

Human Resources

Human Resources Office – J.W.

300 Capitol Mall 3rd Floor, Ste 300

Sacramento, CA95814

Applications dropped off in person must be received by 5 p.m. in HR, by the final filing date.

08:00 AM – 05:00 PM

Required Application Package Documents

The following items are required to be submitted with your application. Applicants who do not submit the required items timely may not be considered for this job:

• Current version of the State Examination/Employment Application STD Form 678 (when not applying electronically), or the Electronic State Employment Application through your Applicant Account at www.CalCareers.ca.gov. All Experience and Education relating to the Minimum Qualifications listed on the Classification Specification should be included to demonstrate how you meet the Minimum Qualifications for the position.
• Resume is optional. It may be included, but is not required.
• Degree and/or School Transcripts
• Statement of Qualifications –
• A Statement of Qualifications (SOQ) is required. The SOQ must be titled “Statement of Qualifications” at the top of the first page, typed in a minimum of 12-point font, single spaced, on standard sized paper (8.5″ X 11″), and no more than 2 page(s) in length.
• Describe your experience in developing/implementing an enterprise-wide information security program. How have you aligned security strategies with organizational goals and ensured compliance with state and federal laws, regulations, and policies?
• Explain your approach to risk management in IT security. How do you identify, assess, and mitigate risks in complex IT environments, what methodologies (e.g., Risk Management Framework) have you used?
• Detail your experience in mentoring a team of information security professionals. How do you foster skill development, maintain high performance standards, and ensure your team’s actions align with the larger goals of the organization?
• Describe a situation where you had to respond to a significant cybersecurity incident. What was your role, how did you manage the situation, what lessons were learned to improve future security posture?

Applicants requiring reasonable accommodations for the hiring interview process must request the necessary accommodations if scheduled for a hiring interview. The request should be made at the time of contact to schedule the interview. Questions regarding reasonable accommodations may be directed to the EEO contact listed on this job posting.

Desirable Qualifications

In addition to evaluating each candidate’s relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:

• Associate or bachelor’s degree in an information technology related field of study.
• 3 years of related experience in information security or equivalent combination of education and experience.
• Possession of the one of the following active certifications is desirable:
• CompTIA Security+
• Certified Cloud Security Professional (CCSP)
• Certified Information Security Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• GIAC Continuous Monitoring Certification (GMON)
• Demonstrate comprehensive understanding of the National Institute of Standards and Technology (NIST) Cybersecurity Framework, California State Administrative Manual (SAM), and California Statewide Information Management Manual (SIMM).
• Knowledge of information security incident response processes and procedures.
• Working knowledge of cloud computing platforms such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud.
• Knowledge of security devices such as network firewalls, web application firewalls, web content filters, and intrusion prevention/detection systems.
• Knowledge of networking concepts and practices.
• Exhibit a talent and passion for information security; is creative and resourceful in solving problems.
• Ability to meet business needs through innovative solutions and demonstrate a service oriented, customer relations-sensitive attitude.
• Ability to establish and maintain cooperative working relationships with all levels of staff and management; communicate effectively with peers, other technical teams, executives, external partners, vendors, and others.
• Ability to manage multiple high priority initiatives in a fast-paced achievement-oriented environment and work under pressure to meet deadlines.
• Working knowledge of project management practices, the system development lifecycle, etc.
• Ability to maintain confidentiality of sensitive tasks, assignments, and information.
• Ability to prepare and produce clear and concise documentation (e.g., processes and procedures, plans, information security policies, etc.).
• Display enthusiasm for continuous learning.

Benefits

Benefit information can be found on the CalHR website and the CalPERS website.

Contact Information

The Hiring Unit Contact is available to answer questions regarding the position or application process.

Hiring Unit Contact:

Denise Middleton

(916) 323-6695

Please direct requests for Reasonable Accommodations to the interview scheduler at the time the interview is being scheduled. You may direct any additional questions regarding Reasonable Accommodations or Equal Employment Opportunity for this position(s) to the Department’s EEO Office.

EEO Contact:

EEO Officer

(916) 324-2223

California Relay Service: 1-800-735-2929 (TTY), 1-800-735-2922 (Voice) TTY is a Telecommunications Device for the Deaf, and is reachable only from phones equipped with a TTY Device.

Equal Opportunity Employer

The State of California is an equal opportunity employer to all, regardless of age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (includes pregnancy, childbirth, breastfeeding and related medical conditions), and sexual orientation.

It is an objective of the State of California to achieve a drug-free work place. Any applicant for state employment will be expected to behave in accordance with this objective because the use of illegal drugs is inconsistent with the law of the State, the rules governing Civil Service, and the special trust placed in public servants.

Read Full Description