Job Description

Job Description and Duties

Applying electronically via CalCareers is highly recommended. If submitting a hardcopy application (mail/drop-off), please send an email to [email protected] to confirm submission.

This position is a 12-month Limited Term (LT) and may be extended up to 24 months or become permanent.

If you have permanent status and have passed probation, you have mandatory reinstatement rights into your former position/classification at the end of this LT appointment. You will be separated from state service if you have not had prior permanent or probationary civil service status. During this 12-month limited-term assignment, you may be entitled to receive health, dental, and vision benefits. You will also earn State Service and accrue monthly leave credits.

Are you looking to make a difference in the lives of Californians? Are you looking to have a direct impact on protecting public health from the harmful effects of air pollution?  

CARB's Office of Information Services (OIS) has an amazing opportunity for a Chief Information Security Officer (Information Technology Manager II (ITM II)) to join our dynamic team and assist in the administration, development, and implementation of systems to support CARB's programs and activities.

As a Chief Information Security Officer, the ITM II:

• Will be a strategic technical leader to influence and provide expertise to drive CARB's secure use of technology.
• Act as a Security Advocate for Application Development - a pivotal role focused on influencing and guiding application developers towards adopting secure coding practices based on NIST and OWASP standards. Instill a culture of security within the development teams - both State staff and contractors.
• Plays a key role in the integration of security into the software development lifecycle (SDLC). Collaborate with developers to understand their challenges and offer solutions that seamlessly incorporate security without hindering the development process.
• Act as a subject matter expert in application development and project execution.
• Incumbent will manage CARB's Information Security, Privacy and Risk Management programs and advise executive level staff on governance and policy that support forward movement.
• Incumbent may have extensive decision-making authority and direct the most critical/complex projects where the consequence of error may have a serious detrimental effect on the operating efficiency of the CARB.
• Will collaborate between business owners, management, subject matter experts, and oversight agencies, to develop policy, architecture, and risk management functions to secure CARB.

INFORMATION TECHNOLOGY DOMAINS:

• Business Technology Management
• Information Security Engineering
• Software Engineering
• System Engineering

You will find additional information about the job in the .

Working Conditions

This position may be eligible for hybrid in-office work and in-state telework. The amount of telework is at the agency's discretion and is based on the California Air Resource Boards' (CARB) current telework policy. While the CARB may support telework, some in-person attendance is also required. 

The positions at the CARB may be eligible for telework with in-person attendance based on the operational needs of the position under Government Code 14200 for eligible applicants residing in California, subject to the candidate meeting telework eligibility criteria outlined in the CalEPA telework policy and/or future program need. Employees not residing in California are not eligible for telework. Regardless of hybrid telework eligibility, all employees may be required to report to the position’s designated headquarters location at their own expense.

• Position located in a high-rise building.
• Requires being stationary, consistent with office work, for extended periods.
• Standard office environment (artificial lighting, controlled temperature, etc.).  
• Daily use of a personal computer, office equipment, and/or telephone.

Special Requirements

Applicants must include a Supplemental Questionnaire (SQ) for this recruitment. Applications without an SQ or include an SQ that does not directly answer all the items below will not be considered. Resumes do not take the place of the SQ.

• Require Name on SQ
• Maximum number of pages: 2 (Arial 12 pt)

Describe your experience, knowledge and abilities in:

1. Leadership, Supervision and Management
2. Policy Development
3. Risk Management and Incident Response
4. Compliance and Audits
5. Aligning security initiatives with enterprise programs and business objectives

Desirable Qualifications

In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:

Desirable qualifications include:
1) Ability to guide application teams to develop secure codeing practices;
2) experience working on an information security incident response/forensic/watch team; 3) experience performing as an IT support subject matter expert within an organization;
4) excellence in customer service;
5) excellent writing and documentation skills;
6) a positive and professional attitude;
7) organizational skills; and
8) the ability to manage time effectively and work independently.  

Highly desirable qualifications include:
1) Experience managing information security programs in complex environments;
2) experience identifying, analyzing and responding to Information Security risk factors, 3) an understanding of network and data communications, including interoperability of different computer systems;
4) Understanding of secure software development practices;
5) Excellent problem solving ability;
6) Ability to explain complex security risks; and
7) an ongoing desire to learn.

Benefits

Benefit information can be found on the CalHR website and the CalPERS website.

• Nearby (third-party) Parking
• Convenient to public transportation
• Gym
• Daycare facility

Experience and Education

For experience/education to qualify during the application screening process and to ensure that minimum qualifications can be determined, applicants should include all employment history on the Employment Application (STD 678), including detailed job descriptions, hours worked per week, and start/end dates (MM/DD/YYYY). Application packages without this information may experience delayed processing times, and your eligibility for this position may be impacted.

If you are using education to meet the minimum qualifications for this position, you must submit a copy of your transcript or diploma.  Applicants who completed their education outside the United States (with foreign degrees/transcripts) must obtain and submit verification of the United States course/degree equivalency.

Foreign education credential evaluation services can be found at

Failure to submit all the required documentation will result in an incomplete application and disqualification from consideration for this position.

Required Application Package Documents

The following items are required to be submitted with your application. Applicants who do not submit the required items timely may not be considered for this job:

• Current version of the State Examination/Employment Application STD Form 678 (when not applying electronically), or the Electronic State Employment Application through your Applicant Account at All Experience and Education relating to the Minimum Qualifications listed on the Classification Specification should be included to demonstrate how you meet the Minimum Qualifications for the position.
• Resume is required and must be included.
• Other - Cover Letter
• Supplemental Application -

  Please see the Special Requirements section of this job advertisement for detailed instructions for the SQ submission.

Job Tags

Permanent employment, Full time, Temporary work, For contractors, Remote job, Trial period,

Similar Jobs