Cybersecurity Specialist

SCV Water is seeking a Cybersecurity Specialist to help safeguard the technology systems that support water delivery and operations throughout the Santa Clarita Valley. This position plays a key role in cybersecurity operations, vulnerability management, incident response, disaster recovery, and continuous improvement of the Agency's security posture. The ideal candidate combines strong technical skills with a proactive mindset and a passion for protecting critical infrastructure.

DEFINITION

Under general supervision, the Cybersecurity Specialist will be responsible for cybersecurity processes and procedure, assist with cybersecurity architecture, design, requirement validation and verification, and handle the day-to-day cybersecurity duties of the Agency’s system infrastructure.

DISTINGUISHING CHARACTERISTICS

The Cybersecurity Specialist job class is distinguished within the Information Technology Specialist job in that the former has a primary focus on all cybersecurity activities for the Agency’s information systems. Activities include design, implementation, maintenance, and continuous improvement to the security posture of all Agency information systems.

SUPERVISION RECEIVED/EXERCISED

Receives general supervision from the Director of Technology Services.

EXAMPLES OF ESSENTIAL FUNCTIONS (Illustrative Only)

Management reserves the rights to add, modify, change, or rescind the work assignments of different positions and to make reasonable accommodations so that qualified employees can perform the essential functions of the job.

The duties listed below are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of duties does not exclude them from the position if the work is similar, related or a logical assignment to this class.

• Identify weaknesses or misconfigurations in current system designs; recommend and implement solutions.
• Acts as front-line incident responder; gathers and analyzes cybersecurity incident-related data and supports the appropriate response.
• Assist in performing technical project support duties on assigned systems projects in coordination with System Analysts; may be assigned full responsibility for specific systems implementations relevant to security.
• Actively monitor threat lists; this includes federal, local, third party, and internal security reports/lists in order to assist staff in proactively applying security patches.
• Regularly identifies updates to and reviews security policies, standards, guidelines, and procedures to ensure ongoing maintenance of security. This includes careful consideration of business, best practices, and security requirements.
• Actively supports and schedules after hours patching and remediation activities.
• Supports disaster recovery and business continuity activities. This includes supporting initiatives that reduce system downtime, identify, and resolve misconfigurations, or restore a system. In addition, will initiate and monitor vendor performance and activities during critical software or hardware incidents.
• Perform analysis and provide recommendation for procurement of secure software and hardware solutions. This includes gather pricing information, reviewing vendor privacy, data ownership, vulnerability response, and software lifecycle policies. This also includes reviewing vendor codes and gathering vendor quotes to assist in budget preparation.
• Provide metrics and reporting on system security health. This includes active updates on weekly, monthly, quarterly, and annual cybersecurity tasks.
• Coordinates quarterly disaster and recovery analysis, planning, testing and system administration of systems.
• Provides security impact analysis on activities that impact the security of an Agency system or process. These activities may involve selection, implementation, reconfiguration, or upgrade activities of systems or processes.
• Provides after hours availability to support a continuous operation, as required by Agency systems. This may include working an alternative work schedule to support after hours security activities.
• Provide continuous research in support of identifying best practices across cybersecurity, information systems, and water utilities to provide updates and integrate new methods and tools as appropriate.
• Implements internal control, network security methodologies and other security systems for data, systems, and hardware protection and recovery procedures; ensures timely and accurate back-up of data; maintains appropriate confidentiality of sensitive information.
• Performs a variety of specialized, highly technical, and complex security-oriented activities related to database system or network system duties in support of specialized functions or programs.
• Provides operational support to the Agency's network and systems infrastructure. This includes but is not limited to programming, building, analyzing, diagnosing, maintaining, securing, and operating various network devices and systems.
• Maintain effective relationships with third party providers and support personnel.
• Operate a computer and assigned software.
• Perform other related duties as assigned.

PHYSICAL, MENTAL AND ENVIRONMENTAL WORKING CONDITIONS

Employees must meet the following requirements, which are necessary to successfully perform the essential functions of this class: sit at a desk on a continuous basis for long periods of time; intermittently twist, reach, bend, and stoop; lift or carry weight up to 25 pounds, and have hearing and vision within normal ranges. Work in and around other equipment and primarily in an office environment.

OTHER REQUIREMENTS

Some of these requirements may be accommodated for otherwise qualified individuals requiring and requesting such accommodations. For more information, see SCV Water Employee Manual Policy No. 4 – Americans with Disabilities, or the following link: SCV Water Employee Manual.

According to California state law, all Agency employees are disaster service workers and are expected to participate in emergency response initiatives. This could include contributing to the emergency planning process, participating in disaster exercises and training, as well as potentially responding to support actual emergency events. For more information, please see Section 6.10 of SCV Water Employee Manual Policy No. 6 – Recruitment and Hiring, or by clicking this link: SCV Water Employee Manual.

QUALIFICATIONS (The following are minimal qualifications necessary for entry into the classification.)

Education and / or Experience:

A bachelor's degree from an accredited college or university in computer science, information systems, engineering, or a related field is preferred (a degree with a focus on information security is a plus) and three years of professional level information technology technical and operational support experience with an emphasis in cybersecurity is desirable with prior experience or education in information security, disaster recovery, and incident response.

Licenses and Certifications:

One or more of the following certifications is desirable

• Certified Penetration Tester (CPT) and Certified Ethical Hacker (CEH)
• Certified Expert Penetration Tester (CEPT)
• Cisco CCNP (Cisco Certified Network Professional) Security
• Microsoft MSCE (Microsoft System Certified Engineer) Server Infrastructure
• CompTIA Security+ (PLUS)
• Certified Information Systems Security Professional (CISSP)
• GIAC Industrial Cyber Security Professional (GICSP)
• GIAC Critical Infrastructure Protection (GCIP)
• GIAC Response and Industrial Defense (GRID)

Software and Hardware Experience:

Experience with the following technologies is preferred:

• Microsoft Windows Server and Workstation OS
• Microsoft Active Directory
• Microsoft Azure and Office 365
• Data Encryption standards and procedures
• Network Vulnerability Scanning & Remediation
• DNS Filtering and Security
• Intrusion Detection and Prevention Systems (IDS/IPS)
• Security Information and Event Management (SIEM)
• Packet Capture and tracing (Wireshark)
• Firewall routing, rules, and content filtering
• Email Security and Spam filtering
• Experience / knowledge of NIST Cybersecurity Framework
• Server and Workstation Patch management

KNOWLEDGE / SKILLS / ABILITIES (The following are a representative sample of the KSAs necessary to perform essential duties of the position.)

Knowledge / Skills of:

• Perform a variety of professional level duties related to technical and operational support. This includes providing internal customer service for Agency departments.
• Perform a variety of professional cybersecurity level duties related to the design, maintenance, remediation, and recovery of systems and processes. This includes supporting the continuous scanning, remediation, and testing of devices.
• Work efficiently and effectively with various software, hardware, operating systems, databases, network systems, business functional systems, cloud platforms, and telecommunications systems. This includes the installation, upgrade, maintenance and troubleshooting of these systems.
• Incumbent can write clearly and effectively to support the update and development of policies and procedures.
• Monitor computer information system utilization and recommend appropriate revisions to processes.
• Develop and test programs; prepare test data, and test and debug application programs.
• Establish and maintain effective working relationships with those contacted in the course of work. This includes the ability to exhibit a positive customer service attitude at all times.
• Communicate clearly and concisely, both orally and in writing. This includes a strong understanding or proper business communications.
• Serve in a lead role as a proponent of cybersecurity awareness and training for end users. This includes actively supporting the safeguarding of confidential and private information in the course of business. This includes understanding the proper and improper ways to distribute information in the course of business.
• Play a significant role in incident response, business continuity, and disaster recovery processes.
• Exhibit appropriate business professionalism.
• Know and understand all aspects of the assigned job.
• Intermittently analyze work papers, reports and special projects.
• Identify and interpret technical and numerical information.
• Observe and follow operational and technical policy and procedures.
• Operate a computer and assigned software.

Ability to:

• Prepare reports and present data in an understandable and professional format.
• Work independently and as part of a team.
• Voice opinions and concerns in a professional manner.
• Make sound and well thought out decisions.
• Follow written and verbal directions.
• Communicate clearly, concisely, and professionally both verbally and in writing.
• Establish and maintain positive and effective working relationships.
• Actively engage in employee development and training.
• Observe safe work practices, principles, and procedures.