The City of San José is creating the civic technology foundation that helps our community thrive!
As the Capital of Silicon Valley and 10th largest city in the nation, the City of San José manages a large array of services and assets. The City operates on a budget of $3.5 billion with 6,000+ employees, all serving one million residents and businesses across 180 square miles.
The City aspires to be as innovative as the community we serve. In that quest, the Information Technology (IT) Team makes its impact through smart uses of technology by our employees and community. IT enables vital services through business solutions, cybersecurity, productivity and collaboration tools, the Customer Contact Center, and expert planning. Services are powered by truly great people, an expansive municipal area network, and a robust technology infrastructure environment.
Come join us to realize San José’s Smart City Vision!
The City of San José Information Technology Department seeks an exceptional City Information Security Officer (CISO) to lead cybersecurity efforts citywide.
The CISO will direct the Cybersecurity Office for one of the largest, most innovative communities in the nation. The CISO is the City’s principal executive leader for information and systems security. In partnership with the Chief Information Officer (CIO), they manage risk identification, protection and compliance, threat detection, incident response, and recovery services for all City departments to achieve business resilience.
San Jose does not seek a conventional CISO. Emerging challenges move too quickly and are too varied for traditional audit/spend/fix approaches. Therefore, the City’s CISO must be able to apply expertise in security strategy, educating and habituating diligence, cybersecurity frameworks, managing a mix of staff and vendor services, leading incident management, optimizing resources, and achieving desired security outcomes.
Skills and responsibilities
Key Responsibilities include:
- Provide expert guidance on the regulations and standards (FISMA, FedRAMP, CJIS, PCI-DSS, HIPAA, etc.) the City must meet in providing municipal services, as well as security frameworks (NIST, ISO, IEEE, etc.) to shape City operations.
- Coordinate with stakeholders within the City and partners/vendors outside of the City to ensure information and systems security meet the City’s standards for threat identification, protection, and risk detection.
- Administer programs to educate City personnel about applicable security practices and requirements, build diligence, and maintain compliance.
- Provide expert security guidance to City departments and officials in service planning, procurements, contract negotiations, vendor management, and project management.
- Lead incident management processes in coordination with City departments to respond to and recover from incidents.
- Resolve security-related audits in partnership with City staff.
- Operationalize and sustain the City’s cybersecurity programs, policies, and architecture.
- Ensure comprehensive security strategies connect to resilience plans and Emergency Management exercises.
- Manage the City’s procurements of cybersecurity products and services, and their use by departments.
- Lead an at least bi-annual Cybersecurity Assessment of the City Technology Environment.
- Provide strategic and operational leadership to address cybersecurity in the City’s emerging Internet-of-Things, Smart Communities/Smart Cities, and Privacy/Data/Use activities.
Education and Experience
A Bachelor’s degree from an accredited college or university in computer science, management information systems, business/public administration, or a closely related field AND seven (7) years of increasingly responsible experience in cybersecurity application and infrastructure, technology management, or telecommunications, including a combination of five (5) years of supervisory and project personnel management experience, with at least three (3) years of supervision experience in direct support of information security programs of significant scale and scope similar to a large government, to include budgeting, contracting, procurement, and supervision of staff and technical project teams in delivering goals and measured service levels.
A Master's Degree in a relevant field from an accredited college or university may be substituted for one (1) year of the required three (3) years of supervision experience in direct support of information security programs of significant scale and scope similar to a large municipal government, to include budgeting, contracting, procurement, and supervision of staff and technical project teams.
Licenses or Certificates:
Possess and maintain a current, terminal-level cybersecurity credential such as:
• Certified Information Systems Security Professional (CISSP);
• Certified Information Systems Auditor (CISA);
• Certified Information Security Manager (CISM);
• Certified in the Governance of Enterprise IT (CGEIT);
• Certified in Risk and Information Systems Control (CRISC); or
• An equivalent professional, industry-recognized certification acceptable to the City.
• Ability to obtain and maintain SECRET Security Clearance within a reasonable period of time acceptable to the City.
Employment Eligibility: Federal law requires all employees to provide verification of their eligibility to work in this country. Please be informed that the City of San Jose will NOT sponsor, represent or sign any documents related to visa applications/transfers for H1-B or any other type of visa which requires an employer application.
The ideal candidate will possess the following competencies, as demonstrated in past and current employment history. Desirable competencies for this position include:
• Job Expertise – Demonstrates knowledge of and experience with applicable professional/technical principles and practices, Citywide and departmental procedures/policies and federal and state rules and regulations.
• Communication Skills - Effectively conveys information and expresses thoughts and facts clearly, orally and in writing; demonstrates effective use of listening skills and displays openness to other people's ideas and thoughts.
• Analytical Thinking - Approaching a problem or situation by using a logical, systematic, sequential approach.
• Vision/Strategic Thinking – Supports, promotes, and ensures alignment with the organization’s vision and values. Understands how an organization must change in light of internal and external trends and influences. Builds a shared vision with others and influences others to translate vision to action.
• Project Management – Ensures support for projects and implements agency goals and strategic objectives.