Cybersecurity Specialist
Role details
Job location
Tech stack
Job description
SCV Water is seeking a Cybersecurity Specialist to help safeguard the technology systems that support water delivery and operations throughout the Santa Clarita Valley. This position plays a key role in cybersecurity operations, vulnerability management, incident response, disaster recovery, and continuous improvement of the Agency's security posture. The ideal candidate combines strong technical skills with a proactive mindset and a passion for protecting critical infrastructure. DEFINITION Under general supervision, the Cybersecurity Specialist will be responsible for cybersecurity processes and procedure, assist with cybersecurity architecture, design, requirement validation and verification, and handle the day-to-day cybersecurity duties of the Agency's system infrastructure. DISTINGUISHING CHARACTERISTICS The Cybersecurity Specialist job class is distinguished within the Information Technology Specialist job in that the former has a primary focus on all cybersecurity activities for the Agency's information systems. Activities include design, implementation, maintenance, and continuous improvement to the security posture of all Agency information systems. SUPERVISION RECEIVED/EXERCISED Receives general supervision from the Director of Technology Services. EXAMPLE OF DUTIES EXAMPLES OF ESSENTIAL FUNCTIONS (Illustrative Only) Management reserves the rights to add, modify, change, or rescind the work assignments of different positions and to make reasonable accommodations so that qualified employees can perform the essential functions of the job. The duties listed below are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of duties does not exclude them from the position if the work is similar, related or a logical assignment to this class.
- Identify weaknesses or misconfigurations in current system designs; recommend and implement solutions.
- Acts as front-line incident responder; gathers and analyzes cybersecurity incident-related data and supports the appropriate response.
- Assist in performing technical project support duties on assigned systems projects in coordination with System Analysts; may be assigned full responsibility for specific systems implementations relevant to security.
- Actively monitor threat lists; this includes federal, local, third party, and internal security reports/lists in order to assist staff in proactively applying security patches.
- Regularly identifies updates to and reviews security policies, standards, guidelines, and procedures to ensure ongoing maintenance of security. This includes careful consideration of business, best practices, and security requirements.
- Actively supports and schedules after hours patching and remediation activities.
- Supports disaster recovery and business continuity activities. This includes supporting initiatives that reduce system downtime, identify, and resolve misconfigurations, or restore a system. In addition, will initiate and monitor vendor performance and activities during critical software or hardware incidents.
- Perform analysis and provide recommendation for procurement of secure software and hardware solutions. This includes gather pricing information, reviewing vendor privacy, data ownership, vulnerability response, and software lifecycle policies. This also includes reviewing vendor codes and gathering vendor quotes to assist in budget preparation.
- Provide metrics and reporting on system security health. This includes active updates on weekly, monthly, quarterly, and annual cybersecurity tasks.
- Coordinates quarterly disaster and recovery analysis, planning, testing and system administration of systems.
- Provides security impact analysis on activities that impact the security of an Agency system or process. These activities may involve selection, implementation, reconfiguration, or upgrade activities of systems or processes.
- Provides after hours availability to support a continuous operation, as required by Agency systems. This may include working an alternative work schedule to support after hours security activities.
- Provide continuous research in support of identifying best practices across cybersecurity, information systems, and water utilities to provide updates and integrate new methods and tools as appropriate.
- Implements internal control, network security methodologies and other security systems for data, systems, and hardware protection and recovery procedures; ensures timely and accurate back-up of data; maintains appropriate confidentiality of sensitive information.
- Performs a variety of specialized, highly technical, and complex security-oriented activities related to database system or network system duties in support of specialized functions or programs.
- Provides operational support to the Agency's network and systems infrastructure. This includes but is not limited to programming, building, analyzing, diagnosing, maintaining, securing, and operating various network devices and systems.
- Maintain effective relationships with third party providers and support personnel.
- Operate a computer and assigned software.
- Perform other related duties as assigned.
Requirements
Do you have experience in Research?