Departmental Information Security Officer II

EXAM NUMBER
b2612C
TYPE OF RECRUITMENT
We welcome applications from anyone.

As the nations largest public mental health department Los Angeles Department of Mental Health ensures access to care and treatment for our most vulnerable residents in a region with more than 10 million people.

Make an impact by helping diverse and underserved populations in a variety of settings throughout LA County. We offer phenomenal medical and life insurance fantastic retirement benefits along with many additional incentives! Help us build a better future!

Are you ready for a fulfilling career path

Filing Start Date:

We will be accepting online applications from February:00 a.m. (PT) - Continuous.We will keep accepting applications until the position is filled. The application window may close unexpectedly once we have enough qualified candidates.

THIS ANNOUNCEMENT IS BEING REPOSTED TO REOPEN THE FILING PERIOD AND REMOVE FAIR CHANCE AND COVID-19 LANGUAGE.

OUT-OF-CLASS EXPERIENCE WILL NOT BE ACCEPTED FOR THIS EXAMINATION. REQUIRED EXPERIENCE MUST BE FULLY MET AND INDICATED ON THE APPLICATION.

Salary Information:

This position is subject to the provisions of the Management Appraisal of Performance Plan (MAPP). Initial salary placement and subsequent salary adjustments will be made in accordance with MAPP guidelines and regulations.

Definition:

Under general direction leads the information security function for a large to very large County department and is responsible for the development and delivery of a comprehensive departmental information security strategy to optimize the departments security posture.

Classification Standards:

Positions allocable to this class report to a Departmental Chief Information Officer (DCIO) or senior departmental executive and receive programmatic guidance and instruction from the County Chief Information Security Officer (CISO).

The Departmental Information Security Officer II (DISO II) is generally restricted to one per department and is typically allocated to large or very-large departments that have a cybersecurity function of sufficient size and complexity to necessitate a full-time cybersecurity function based on a qualitative analysis of the department workforce size in conjunction with scope and complexity of information technology systems security requirements; information technology-related regulatory contractual and technical environment; architecture; type sensitivity and complexity of information collected processed and stored; and organizational structure and business strategic alignment.

• Develops and maintains the departmental Information Security Program including policies standards and procedures; cybersecurity control evaluation selection and implementation; and architectures products and services pursuant to County Chief Information Office architectures standards and guidelines and Board polices and applicable laws.
• Works with departmental business units to conduct information security risk assessments and participates in regular reviews of security standards governance data compliance and privacy management audit risk assessments physical and logical access reviews risk assessments and data destruction solutions.
• Conducts vulnerability assessments to identify existing or potential weaknesses in systems and processes that could lead to compromises; facilitates remediation of identified vulnerabilities within processes systems and applications and coordinates investigations with the CISO Countywide Chief Privacy Officer (CPO) CCIRC Auditor-Controller and law enforcement agencies as necessary.
• Leads and performs routine assessments and periodic inspections of departmental information technology systems to ensure security controls are functioning properly and effectively and recommends appropriate corrective measures to eliminate or mitigate system compromises. Actively participates in federal State and local audits and reviews for the department. Coordinates the departments information technology-related aspects of annual or biennial ICCP audits.
• Provides guidance to department management and implements necessary policies standards or controls to address department-specific regulatory and contractual factors.
• Collaborates with departmental team members to align security posture to facilitate achievement of business objectives.
• Collaborates with application and software developers to ensure production applications will meet established information security policies standards and business requirements using appropriate processes and application development tools and techniques.
• Promotes and coordinates development and distribution of information security and privacy awareness training and education for departmental employees in cooperation with the CISO and CPO. Promotes Countywide initiatives pertaining to information security and privacy education and awareness programs.
• Represents the department on County cybersecurity governance bodies committees and workgroups and participates and assists in the development review and recommendation of Countywide information technology security policies technical and operational standards procedures and guidelines. Identifies and recommends industry standard methodologies for cybersecurity coordinating communication and collaboration among County departments on countywide and departmental cybersecurity issues.
• Serves as a member of the Countywide Cybersecurity Incident Response Committee (CCIRC). Establishes and leads a Departmental Cybersecurity Emergency Response Team (DCERT) and develops appropriate security incident notification procedures for departmental management CISO CPO and CCIRC.
• Participates in Countywide activities for and directs or conducts departmental reviews evaluations and provides recommendations of software products and controls related to cybersecurity.
• Participates with the responsible County entities in the development and implementation of Countywide business continuity and disaster recovery plans to ensure that these incorporate appropriate cybersecurity measures.
• Collaborates with the departments CPO regarding electronic data and physical records privacy incident and breach response privacy audits and other initiatives pertaining to the Countys privacy program components and related policies.
• In collaboration with information technology operations ensures proper departmental inventories of information technology assets and software licenses.
• Reviews departmental information technology projects and in conjunction with County Counsel reviews information technology contract terms to ensure information security sufficiency.
• Participates in the review of information technology facility acquisition construction and remodeling projects to ensure conformity to County information security policies standards guidelines and industry protocols as needed.
• Supervises and/or manage and coordinate subordinate security officers supervisors and technical staff as needed.
• Serve as a witness or subject-matter expert for the department in legal matters concerning cybersecurity as needed.

REQUIREMENTS TO QUALIFY:

Option I:A Bachelors Degree* in Computer Science Information Security Information Assurance Business Administration or a related field -AND- Five (5) years of progressively responsible** experience in a combination of risk management information security and cybersecurity roles -AND-Two (2) years of experience in Information Technology Project Management.

Option II: Three (3) years of experience administering an Information Technology security program at the level of Departmental Information Security Officer I***.

License:

A valid California Class C Driver License or the ability to use an alternative method of transportation when needed to carry out job-related essential functions.

Physical Class II:

Light: This class includes administrative and clerical positions requiring light physical effort that may include occasional light lifting to a 10-pound limit and some bending stooping or squatting. Considerable ambulation may be involved.

Special Requirement Information:

Transcript:

• *In order to receive credit for any college or university course or any type of college or university degree or any certificates such as Bachelors or higher. It is necessary to include a legible copy of the official diploma or official transcripts from the accredited institution which shows the area of specialization with your application at the time of filingor within 7 calendar days of filing.

Accredited institutions are those listed in the publications of regional national or international accrediting agencies which are accepted by the Department of Human Resources (DHR). These agencies must be recognized by the United States Department of Education (USDE) and/or the Council for Higher Education Accreditation (CHEA). Publications such as American Universities and Colleges and the International Handbook of Universities are also acceptable references. We also accept degrees conferred by institutions that have been evaluated by an academic credential evaluation agency recognized by the National Association of Credential Evaluation Services (NACES) or the Association of International Credential Evaluators Inc. (AICE) and that have been deemed by the evaluating agency to be the equivalent of a degree from an accredited United States institution.

Official Transcriptis defined as a transcript that bears the college seal and states official and/or copy issued by the schools Registrar Office. A printout of the transcript from the schools website is NOT considered official and; therefore will NOT be accepted and may result in the application being incomplete or rejected.

**Progressively responsible experience is work experience that clearly shows an upward progression in the level of duties and responsibilities from one job to the next.

***At the level of Departmental Information Security Officer I in the County of Los Angeles is defined as: Under general direction leads the information security function for a medium to large County department or a large Health Care Organization consisting of 5000 employees or more and is responsible for the development and delivery of a comprehensive departmental information security strategy to optimize the departments security posture.

A medium to large sized Department is defined as a Los Angeles County Department consisting of 4000 or more employees.

Note: Applicants may still qualify even if your job title isnt exactly the same as the ones listed. What matters is that your experience is at a similar level meaning your job involves similar responsibilities requires comparable skills and knowledge and takes place within a similar organizational structure. Please provide a clear explanation of your experience to demonstrate that it is at the appropriate level.

Desirable Qualifications:

Industry Certifications: e.g. Certified Information Security Professional (CISSP) Certified Information Security Manager (CISM) or Certified in Risk & Information Systems Control (CRISC)

Experience working with HIPAA Security rule and Meaningful Use 2 security requirements.

Experience composing and delivering technical presentations to leadership which convey and explain technical issues and procedures.

Experience managing multiple tasks and complex IT projects changing priorities meetings and constrained deadlines through subordinates supervisors and/or staff to achieve department operational objectives.

Experience developing IT policies standards procedures and business planning processes.

Experience writing reviewing and developing Requests for Proposals Requests for Quotations and Requests for Information.

Experience reviewing monitoring and negotiating contracts for capital equipment software and/or IT services. Experience directing technology assessments audits and investigations and writing accompanying reports.

EXAMINATION CONTENT

An evaluation of education training and experience based upon application desirable qualifications and supplemental questionnaire information weighted 100%. Additional credit will be given for desirable qualifications.

Candidates must achieve a passing score of 70% or higher in order to be placed on the eligible register. Notice of non-acceptance and final results will be sent via email.

Eligibility Information

The names of candidates receiving a passing grade in the examination will be placed on the eligible register in the order of their score group for a period of twelve (12) months following the date of promulgation.

Applications will be processed on an as-received basis and promulgated to the eligible register accordingly. Retake: No person may compete for this examination more than once in a twelve (12) month period.

Special Information

Past and present mental health clients parents and family members are encouraged to apply.

Vacancy Information

The eligible register for this examination will be used to fill a vacancy in the Department of Mental Health Chief Information Office Bureau (CIOB).

Available Shift

Appointees may be required to work any shift including evenings nights weekends or holidays.

Application and Filing Information

Applicants are required to complete and submit an online Los Angeles County Employment Application AND Supplemental Questionnaire in order to be considered for this examination. Paper applications resumes or any unsolicited documents will not be accepted in lieu of completing the online application and Supplemental Questionnaire. We must receive your application on the last day of filing. Application filing may be suspended at any time without advance notice.

Instructions For Filing Online

We only accept applications filed online. Applications submitted by U.S. mail fax or in person are not accepted. Apply online by clicking on the Apply green button at the top right of this posting. This website can also be used to get application status updates.

Please fill out the application completely. Provide relevant job experience including employers name and address job title beginning and ending dates number of hours worked per week and description of work performed.

We may verify information included in the application at any point during the examination and hiring process including after an appointment has been made. Falsification of information could result in refusal of application or rescission of appointment. Copying verbiage from the Requirements or class specification as your work experience will not be sufficient to demonstrate meeting the requirements. Doing so may result in an incomplete application and may lead to disqualification.

We will send notifications to the email address provided on the application so it is important that you provide a valid email address. If you choose to unsubscribe or opt out from receiving our emails it is possible to view notices by logging into and checking the profile inbox. It is every applicants responsibility to take steps to view correspondence and we will not consider claims of missing notices to be a valid reason for re-scheduling an exam part. Register the below domains as approved senders to prevent email notifications from being filtered as spam/junk mail.

New email addresses need to be verified. This only needs to be done once per email address and can be done at any time by logging in to and following the prompts. This is to enhance the security of the online application and to prevent incorrectly entered email addresses.

Federal law requires that all employed persons have a Social Security Number so include yours when applying.

For those who do not have access to a computer or the internet we provide access to complete an application at public libraries throughout the county.

All applicants must file their application online using their own user ID and password. Using a family members or friends login information may erase a candidates original application record.

For the time being all notifications including results letters and notices of non-acceptance will be sent electronically to the email address provided on the application. It is important that you provide a valid email address. Please add as well as and to your email address and list of approved senders to prevent email notification from being filtered as span/junk/clutter mail.

Applicants have the ability to opt out of emails from LA County. If you unsubscribe you will not receive any email notification for any examination for which you apply with Los Angeles County. Regardless of whether you choose to unsubscribe you can always check for notifications by logging into and viewing your profile inbox which saves a copy of all emailed notices.

Anti-Racism Diversity and Inclusion (ARDI):

The County of Los Angeles recognizes and affirms that all people are created equal and are entitled to all rights afforded by the Constitution of the United States. We are committed to promoting Anti-Racism Diversity and Inclusion efforts to address the inequalities and disparities amongst race. We support the ARDI Strategic Plan and its goals by improving equality diversity and inclusion in recruitment selection and employment practices.

Department Contact
Department Contact Name: Lola Sacks Exam Analyst
Department Contact Phone: or
Department Contact Email:

ADA Coordinator Phone
Teletype Phone
California Relay Services Phone

COUNTY OF LOS ANGELES

Employment Information

Any language contained in the job posting supersedes any language contained below.

This document is intended to provide general information about the recruitment process of the County of Los Angeles. Applicants with questions about a specific job posting should contact the exam analyst listed on the posting.

Equal Employment Opportunity/Non-Discrimination Statement:
The County of Los Angeles is an Equal Employment Opportunity Employer and is committed to non-discrimination in the County workforce regardless of age (40 and over); ancestry; color; ethnicity; religious creed; protected family or medical leave status; disability; marital status; medical condition; genetic information; military and veteran status; national origin; race ; sex; gender; sexual orientation; or any other characteristic protected by State or federal law. For more information please visit: Accommodations for Applicants:
The County of Los Angeles complies with all federal and state disability laws and makes reasonable accommodations for qualified applicants and employees with disabilities. If a reasonable accommodation is needed to participate in the job application process please contact the testing accommodation coordinator listed on the job posting. Hearing impaired applicants with telephone teletype equipment may leave messages by calling the teletype phone number on the job posting. For more information on accommodations please visit: Chance:
The County of Los Angeles is a Fair Chance employer. Except as otherwise permissible under applicable laws you will not be asked to provide information about conviction history unless you receive a conditional offer of employment. The County will make an individualized assessment of whether your conviction history has a direct and adverse relationship with the specific duties of the job and will also consider potential mitigating factors which may include but is not limited to evidence and extent of rehabilitation recency of the offense(s) and age at the time of the offense(s). If asked to provide information about conviction history any convictions or court records which are exempted by a valid court order do not have to be disclosed. Qualified applicants with arrest or conviction records will be considered for employment in accordance with County Fair Chance Policies and the Fair Chance Act (Gov. Code Section 12952).

Employment Eligibility:
Final appointment is contingent upon verification of U.S. citizenship or the right to work in the United States.

Career PathFinder:
Resources to help current and prospective employees plan a career with Los Angeles County are available. To explore career paths to and from nearly all job titles please visit our interactive Career PathFinder application at .

Veterans Credit:
Pursuant to the County Charter and County policy in all open competitive examinations (i.e. examinations open to everyone) the County of Los Angeles will add a credit of 10 percent of the total credits specified for such examination to the final passing score of an honorably discharged veteran as well as the spouse of a deceased or disabled veteran who served in the Armed Forces of the United States under specific conditions.
For more information on veterans credit please visit: September 2025