INFORMATION TECHNOLOGY SECURITY SPECIALIST

• Leads or has primary responsibility for the development, implementation, and monitoring of departmental IT security policies, standards, procedures and guidelines (i.e., Business Continuity Plans (BCP)/Disaster Recovery Plan (DRP), in accordance with County policies, standards, procedures and guidelines.
• Coordinates and participates in the analysis, design, and implementation of IT security solutions.
• Participates in and directs the development, testing, and verification of departmental computer disk images to standardize implementation of security controls.
• Assesses performance of applications across all components to identify potential vulnerabilities or threats; directs developers and infrastructure support staff in the planning and implementation of countermeasures.
• Documents network data flows and access controls; ensures that network devices are tested, implemented, and maintained via upgrades, patches, and updates with appropriate security controls such as authentication and configuration.
• Conducts and directs risk assessments for identity and access controls; directs physical security control assessments and the monitoring and assessing of physical safeguards.
• Analyzes security hardware and software to determine feasibility of use within the network infrastructure; conducts change control and technical review of proposed changes to IT resources.
• Monitors, analyzes, and responds to system outages, alerts, and reports of abnormal system behavior due to suspected security-related events such as viruses, Trojan activity, and hacker intrusions using security-event management tools.
• Leads and participates in the technical analysis and correlation of security data from computing and network devices to identify potential threats and vulnerabilities or to determine the root cause of a security incident.
• Compiles and validates security-related statistical data for management reporting; maintains chain of custody of electronic and or physical evidence related to an IT security incident. May represent the Department in legal matters related to IT systems security.
• Directs the development, implementation and evaluation of a departmental security awareness training program and related materials and the training of departmental staff at all levels on security protocols, policies, and procedures.
• Develops compliance strategies for IT security programs; leads the assessment of risks of non-compliance to management policies, procedures, standards and guidelines and reports findings to appropriate management.
• Supervises IT staff in the performance of security-related assignments.
• May participate in the Countywide Computer Emergency Response Team (CCERT), Departmental Computer Emergency Response Team (DCERT), and Security Engineering Teams (SET)., No withhold will be allowed. Required experience/education must be fully met by the last day of filing, and clearly indicated on the application.

Endorsement of county qualifications: If you performed work that differs from the duties described in your class specification and believe you qualify for this opportunity, please provide verification via official documentation of additional responsibility bonus, out-of-class bonus, temporary assignment bonus or reclassification study with CEO Classification within fifteen (15) calendar days from the last day of filing. Employees do not need to submit such verification if they hold or have held a position that regularly performs functions in alignment with the requirements

License: A valid California Class C Driver License or the ability to utilize an alternative method of transportation when needed to carry out job-related essential functions.

Physical class: Physical Class II - Light: This class includes administrative and clerical positions requiring light physical effort that may include occasional light lifting to a 10-pound limit and some bending, stooping, or squatting. Considerable ambulation may be involved., The information you provide on this Supplemental Questionnaire (SQ) will be evaluated and used to determine your eligibility. Please be advised that failure to provide the correct information in the supplemental questionnaire may result in disqualification of your application even if you possess the qualifying experience or education. Please be as specific as possible and include all information as requested. Comments such as "see resume or application" will not be considered as a response. Please note that all information is subject to verification at any time in the examination and hiring.

OPTION 1: Graduation from an accredited college or university with a bachelor's degree* in Computer Science, Information Systems, or a closely-related discipline -AND- four (4) years of recent**, full-time, highly responsible*** paid experience managing the security of multiple platforms, operating systems, software, and network protocols for a large IT organization****.

OPTION 2: Five (5) years of recent, full-time paid, highly responsible experience in the administration of a minimum of one (1) or more IT security functional areas at the level of Los Angeles County class of Information Technology Security Analyst*****., *To receive credit for your education, include a legible copy of your official diploma, official transcript, or letter/certificate from an accredited institution within fifteen (15) calendar days from the last date of filing. Please submit documents to DCFSExams@dcfs.lacounty.gov and indicate your name, the exam name, and the exam number. The document should show the date the degree was conferred and be in English; If not in English, then translation is required. International degrees must be evaluated for equivalency to U.S. standards if not listed in the International Handbook of Universities or World Higher Education Database. For more information on our standards for educational documents, please visit: https://file.lacounty.gov/SDSInter/dhr/070812_PPG123.pdf.

**Recent experience is defined as experience within the last 6 years.

***Highly responsible experience is defined as experience at the senior level performing the more complex assignments related to the development, implementation, and monitoring of information technology security systems.

****Large IT organization commensurate in size and complexity as that of an organization or department with a minimum of 1,000 employees.

*****Experience at the level of the County of Los Angeles class of Information Technology Security Analyst is defined as: performs the full range of activities related to the development, implementation, and monitoring of information systems security standards, best practices, and architectures for an organization or department. You may still qualify even if your job title isn't exactly the same as the ones listed. What matters is that your experience is at a similar level - meaning your job involves similar responsibilities, requires comparable skills and knowledge, and takes place within a similar organizational structure. Please provide a clear explanation of your experience to demonstrate that it is at the appropriate level., This examination will consist of a structured oral interview weighted 100%. The interview will assess Technical Knowledge, Skills and Experience; Data Analysis & Decision Making Ability; Interpersonal & Oral Communications Skills; Planning and Organizational Ability; Supervision and Leadership Skills; Ethics and Integrity; Accountability; Stress Tolerance; Adaptability; and Dependability.

You must meet the requirements and achieve a passing score of 70% or higher in order to be placed on the eligible list., Do you have a bachelor's degree or higher from an accredited college or university in Computer Science, Information Systems, or a closely-related discipline?

• Yes, and I have attached a legible copy of my official diploma or transcripts with my application.
• Yes, and I will email a legible copy of my official diploma or transcripts within fifteen (15) calendar days from the last day of filing to DCFSExams@dcfs.lacounty.gov.
• No, I do not possess a bachelor's degree or higher in Computer Science, Information Systems, or a closely-related discipline.

04

How many years of recent, full-time, highly responsible paid experience managing the security of multiple platforms, operating systems, software, and network protocols for a large IT organization.

• No experience to less than 1 year

• 1 year to less than 2 years

• 2 years to less than 3 years

• 3 years to less than 4 years

• 4 years or more, How many years of recent full-time paid experience do you have at the level of Los Angeles class of Information Technology Security Analyst performing the full range of activities related to the development, implementation, and monitoring of information systems security standards, best practices, and architectures for an organization or department?

• Less than 1 year

• 1 year but less than 2 years

• 2 years but less than 3 years

• 3 years but less than 4 years

• 4 years but less than 5 years

• 5 Years or more

With more than 10 million residents, Los Angeles County is the most populous county in the nation! As the largest employer in Southern California, over 116,000 employees in more than 38 Departments, we provide vital public services as diverse as law enforcement, property assessment, public health protection, water conservation, cultural activities and many more. We are dedicated professionals committed to preserving the dignity and integrity of the workplace as well as protecting the rights of each employee. The County has more than 2,300 different job descriptions, offering a lifetime of opportunities and careers! We offer one of the strongest public-sector benefits packages in the country. Join us and discover a rich selection of health care options, robust retirement plans and the flexibility to work, relax, and rejuvenate to reach your fullest personal and professional potential.