The City of San José is creating the civic technology foundation that helps our community thrive!
As the Capital of Silicon Valley and 10th largest city in the nation, the City of San José manages a large array of services and assets. The City operates on a budget of $4.3 billion with close to 6,700 employees, all serving one million residents and businesses across 180 square miles.
The City aspires to be as innovative as the community we serve. In that quest, the Information Technology (IT) Team makes its impact through smart uses of technology by our employees and community. IT enables vital services through business solutions, cybersecurity, productivity and collaboration tools, the City Customer Contact Center, and expert planning. Services are powered by truly great people, an expansive municipal area network, and a robust technology infrastructure environment.
We promote a healthy work-life balance that will bring out the best in you as you improve the delivery of critical systems for the City of San José. Come join us realize San José’s Smart City Vision!
The City of San José Information Technology Department seeks two (2) Cybersecurity Analysts (Enterprise Supervising Technology Analysts) to support new initiatives in the Cybersecurity Office. One position will focus on threat and vulnerability management, the second position will focus on risk management and compliance, and the team will cross-support for depth.
The ideal candidate will be part of one of the largest, most innovative communities in the nation. Led by the City Information Security Officer (CISO), the Cybersecurity Analysts team will implement and manage information and system security programs across the City that keep municipal services secure and resilient. The Cybersecurity Analysts will support the City Information Security Officer and the City by administering risk identification, protection and compliance, threat detection, incident response, and recovery services for all City departments to achieve business resilience.
The City of San José requires the Cybersecurity Analysts to be highly skilled to deal with emerging challenges and adapt quickly. The candidate must be able to apply expertise in all aspects of security, interface with vendors, keep their skills current, as well as provide security services to City departments with strong outcomes.
Skills and responsibilities
Primary duties for the Cybersecurity Analysts consist of providing support to the City and CISO in the following areas:
- Work with other teams preparing, detecting, eradicating, and restoring operations in the event of incidents.
- Work with relevant teams to ensure the restoration of systems and technologies in accordance to policy and based on business group needs.
- Identify and mitigate threats utilizing existing technologies. Work with other teams to mitigate identified vulnerabilities from identification to closure. Track and report mitigation efforts.
- Interface with the Virtual Security Operations Center (V-SOC) and use deployed tools and services to ensure monitoring of systems and networks are taking place in accordance with defined service levels, contracts, and established standards.
- This role requires flexibility and adaptability to meet the Security needs of the ITD. The individual must be able to support other areas of expertise within the security domain such as but not limited to NIST Cybersecurity Framework implementation, Risk Management & Compliance, Risk Assessments, Training, Audit Support, and others.
Education and Experience
A Bachelor’s Degree from an accredited college or university in a relevant field, AND four (4) years of progressively responsible professional/journey level experience, of which at least two (2) years of experience include lead technical work in development, implementation and maintenance of electronic business systems/solutions, or application development and/or support.
- Additional years of increasingly responsible directly related work experience may be substituted for education on a year-for-year basis up to two (2) years.
- Completion of a Master's Degree in a relevant field from an accredited college or university may be substituted for one (1) year of the required two (2) years of experience which include lead technical work in development, implementation and maintenance of electronic business systems/solutions or application development and/or support.
Required Licensing (such as driver’s license, certifications, etc.)
- Possession of a valid State of California driver’s license.
Federal law requires all employees to provide verification of their eligibility to work in this country. Please be informed that the City of San Jose will NOTsponsor, represent or sign any documents related to visa applications/transfers for H1-B or any other type of visa which requires an employer application.
Passing a San Jose Police Department background check is a condition of employment.
The ideal candidate will possess the following competencies, as demonstrated in past and current employment history. Desirable competencies for this position include:
Job Expertise – Demonstrates knowledge of and experience with applicable professional/technical principles and practices; and federal and state rules and regulations.
- Breadth of expertise to enable managing major technology services, programs, and products across multiple departmental technology environments and ensuring cross coordination between departments, including adherence with Citywide and departmental procedures/policies and federal and state rules and regulations.
- Expertise in updating and/or optimizing the Incident Response (IR) plan on a yearly basis to ensure maximum effectiveness.
- Mastery in handling incidents from identification to closure.
- Highly skilled in updating and testing the Disaster Recovery Plan (DRP) on a yearly basis.
- Ability to update an optimize the Threat & Vulnerability Management Plan on a yearly basis.
- Strong experience in managing vulnerabilities from identification to closure.
- Capable of overseeing aspects of a Virtual Security Operations Center and ensure processes and procedures are followed.
- A current (non-expired) Certified Information Systems Security Professional (CISSP) or equivalent certification is highly desirable.
Communication Skills – Effectively conveys information and expresses thoughts and facts clearly, orally and in writing; demonstrates effective use of listening skills and displays openness to other people's ideas and thoughts.
Teamwork & Interpersonal Skills – Develops effective relationships with co-workers and supervisors by helping others accomplish tasks and using collaboration and conflict resolution skills.
Analytical Thinking – Approaches a problem or situation by using a logical, systematic, sequential approach.
Project Management – Ensures support for projects and implements agency goals and strategic objectives.