Technology Engineer – Senior (1043) - Security Specialty - Citywide (C00096)

City and County of San Francisco•San Francisco, CA

14h•$159,120 - $200,226•Onsite

About The Position

Under general direction, analyzes, plans, designs, implements, maintains, troubleshoots and enhances technology. Serves as the senior technical contributor for systems or platforms. The 1043 Senior Technology Engineer is the advanced journey level in the Engineer series. The class is distinguished from the journey level 1042 Technology Engineer by the complexity and size of the systems or network supported. It is also distinguished from the Journey level by the amount of discretion exercised over technical issues, problems and resolutions, and that it possesses a significant level of specialized technical and functional expertise beyond that expected at the Journey level. Tis level is distinguished from the Principal level 1044 Technology Engineer – Principal in that Senior level exercises no or limited supervisory responsibilities or the lower technical leadership displayed. Positions at this level require highly specialized performance of their duties. The Senior level formulates recommendations consistent with directives, policies, standards and regulations. Work is judged primarily on overall results with great latitude in determining work methods and assignment requirements. The Senior has greater authority over assignments and decisions required to complete the work than lower level classifications. This classification performs a wide range of complex analytical, design, planning, implementation, enhancement and problem resolution tasks on systems and platforms. It works within a framework of established procedures and interprets policies, procedures and guidelines. This level may formulate recommendations consistent with directives, policies, standards and regulations. Incumbents require only occasional instruction or assistance. Work is reviewed upon completion and for overall results. The Technology Engineer series is distinguished from the Technology Analyst/Designer series as the Technology Engineers build, implement, and maintain core technology infrastructure, whereas the Technology Analyst/Designers analyze business needs, designs systems and services, and oversee implementation and ongoing improvement. May provide direction to subordinate Engineer staff and other technical staff. May provide consultation and guidance to all other Technology job families. Such responsibilities are ancillary to the main intent and focus of the position.

Requirements

An associate degree in computer science, computer engineering, information systems, or a closely-related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in one of the fields above or a closely-related field].
One (1) year of experience analyzing, installing, configuring, enhancing, and/or maintaining the components of a system or platform.

Nice To Haves

Completion of the 1010 Information Systems Trainee Program may be substituted for the required degree.
One year of additional experience as described above may be substituted for the required degree.

Responsibilities

Architects, designs, implements, maintains and operates information system security and privacy controls and countermeasures.
Analyzes and recommends security and privacy controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance.
Analyzes and recommends security and privacy controls and procedures in business processes related to use of information systems and assets, and monitors for compliance.
Monitors information systems for security incidents, vulnerabilities and privacy risks; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities and trends.
Responds to information system security and privacy incidents, including investigation of, countermeasures to and recovery from computer-based attacks, unauthorized access and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.
Administers authentication and access controls, including provisioning, changes and deprovisioning of user and system accounts, security/access roles and access permissions to information assets.
Analyzes trends, news and changes in threat, compliance, and privacy regulatory environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments and engages and coordinates third-party risk and compliance assessments.
Analyzes and develops information security and privacy governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security, privacy, and use and operation of information systems.
Develops and administers, or provides advice, evaluation and oversight for, information security and privacy training and awareness programs.