Cyber Defense Operations Engineer - Department of Technology (1041)

Company: San Francisco Public Utilities Commission
Location: San Francisco
Posted on: March 19, 2023

Job Description:

Company Description Why Work for the Department of Technology (DT)?DT is the centralized technology services provider in theCity and County of San Francisco (CCSF). We deliver technology infrastructure and services to approximately 33,000 employees! With an annual operating budget of over $140M and approximately 260 employees,DT provides a host of services that range from Public Safety radio and wiring and Network services to Enterprise Support and the Cloud. Benefits of Working for CCSF:In addition to challenging and rewarding work, the City provides a generous suite of benefits to its employees.

• Job security, pension, and robust retirement options
• Competitive paywith consistent bi-yearly or yearly increases
• Hybrid Workwith a minimum of 20% of time spent in our office in San Francisco, California for all IT related roles
• Generous paid time off,family leave, and more!
• Diversework environment in a diverse city
• Union protectionsand representation
• Career development and growth- move between departments, learn on the job, or take subsidized/reimbursed classes! PEOPLE-CENTERED SOLUTIONS-have a powerful, meaningful effect on the community each day with people at the heart of every solution! CLOSING THE DIGITAL DIVIDE- bring the benefits of the internet to low-income and marginalized residents! SHINE A LIGHT ON WHAT MATTERS- join an award-winning production team at SFGovTV to help residents watch legislators or learn more about what makes this City great! DRIVE INNOVATION- deliver new, cutting-edge technology to residents and city partners to help San Francisco serve its residents! Job Description The Office of Cyber Security is the central cyber security governing body within San Francisco City & County government, delivering cyber security related technology, services, and policies. We protect and guide approximately 50 city departments, such as City Controller, Fire and Police Departments, and Board of Supervisors to name a few. Core Services include: Endpoint Protection and Management, Cyber Incident Response and Threat Intelligence, Data Logging and Security, Identity and Access Management, Disaster Recovery and Planning, Vendor Security Assessments, Cyber Security Architecture and Review, Cyber Security Training, and Email Security. We currently operate under the Department of Technology of San Francisco. The department has an annual operating budget of over $140M and contains over 260 employees. The incumbent will be part of the Cyber Defense Operations Team of the Office of Cyber Security, working as a critical member of the Incident Response and Threat Intelligence teams. They will be work closely with members of the Network Operations Center (NOC) and Help Desk staff of the Department of Technology, as well as the other Cyber Security teams in the City and County's different departments in their day-to-day efforts. Additionally, they will work with ad hoc teams to resolve incidents and determine root cause for security events. Position: We seek a self-starter who works effectively with minimal supervision in a highly dynamic environment. The incumbent will proactively monitor Cyber Defense Operations infrastructure and data environments for security incidents and for regular maintenance and participate in security incident investigation and resolution for security service and technologies. A successful candidate for this position will be a highly motivated individual, with a strong IT security background who excels at operating security technology. Essential Duties:
  • Resolve security incidents and participate in providing containment recommendation.
  • Coordinate escalations to internal support teams to ensure timely delivery of incident resolutions.
  • Perform network/system/application/log intrusion detection analysis and trending.
  • Ensure that Service Level Agreements are met.
  • Maintain standard operating procedures, processes, and guidelines.
  • Automate security analysis, administration and remediation procedures, workflows, and tasks.
  • Maintain awareness of trends in security regulatory, technology, and operational requirements.
  • Provide 24-hour on-call support to ensure rapid recovery from software or hardware problems for mission-critical systems and networks. Job Type: The Permanent Exempt - Full Time position is excluded by the Charter from the competitive civil service examination process and shall serve at the discretion of the appointment officer. The anticipated duration of this project position is thirty-six (36) months and will not result in an eligible list or permanent civil service hiring. Work Location: Incumbent will conduct the majority of work at the Department of Technology,(1 S Van Ness, Ave San Francisco, CA 94103). However, there may be situations where the incumbent will be required to work at other sites throughout the City of San Francisco as necessary. This position does not support fully remote work. Employees may be permitted to work a hybrid schedule with supervisor approval, after which they must work at least two days in the office every two weeks. Nature of Work: Incumbent must be willing to work (8am-5pm Monday - Friday, 40-hour week) as determined by the department. Travel within San Francisco may be required. Qualifications Education: An associate degree in computer science, or a closely related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in computer science or a closely-related field]. Substitution: Experience in analyzing, installing, configuring, enhancing and/or maintaining the components of an enterprise network may be substituted for the required degree on a year-for-year basis (up to a maximum of two (2) years). One (1) year is equivalent to thirty (30) semester units/ forty-five (45) quarter units with a minimum of 10 semester / 15 quarter units in computer science or a closely related field. Completion of the 1010 Information Systems Trainee Program may be substituted for the required degree. Desirable Qualifications:
    • Working/basic knowledge of TCP/IP, common networking ports and protocols, network traffic flow, countermeasure techniques, OSI model, defense-in-depth, Cyber Kill Chain, or similar attack model.
    • Able to perform critical thinking and analysis.
    • Experience in at least one of the areas below:
    • Network Administration
    • Unix/Linux Administration
    • Software engineering
    • Software development
    • Systems administration
    • Help desk/IT support
    • Basic Cloud Knowledge
    • Hands-on or professional work experience with cloud environments is a plus Special Requirements: Criminal Justice Information Services (CJIS) Security Clearance is required. (See Security Clearances and Background Investigations below). Note: Security Clearances & Background Investigations: Positions in this classification may require that successful candidates who become eligible for appointment may be required to go through a background investigation to determine the candidate's suitability for employment in this classification. Factors considered in the investigation may include employment history, use of illegal/controlled substances. Reasons for rejection based on this investigation may include, but not limited to applicable convictions, repeated or serious violations of the law, inability to accept supervision, inability to follow rules and regulations, falsification of application materials and/or other relevant factors. Failure to obtain and maintain security clearance may be basis for termination. Verification:Applicants may be required to submit verification of qualifying education and experience at any point in the application and/or departmental selection process. Written verification (proof) of qualifying experience must verify that the applicant meets the minimum qualifications stated on the announcement. Written verification must be submitted on employer's official letterhead, specifying name of employee, dates of employment, types of employment (part-time/full-time), job title(s), description of duties performed, and the verification must be signed by the employer. City employees will receive credit for the duties of the class to which they are appointed. Credit for experience obtained outside of the employee's class will be allowed only if recorded in accordance with the provisions of the Civil Service Commission Rules. Experience claimed in self-employment must be supported by documents verifying income, earnings, business license and experience comparable to the minimum qualifications of the position. Copies of income tax papers or other documents listing occupations and total earnings must be submitted. If education verification is required, information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found athttp://sfdhr.org/index.aspx?page=456. Note:Falsifying one's education, training, or work experience or attempted deception on the application may result in disqualification for this and future job opportunities with the City and County of San Francisco. Additional Information Compensation:$113,698 - $143,000 (annually) / $54.6625 - $68.7500 (hourly) How to Apply:
      • Applicants are encouraged to apply immediately as this recruitment may close at any time, but not before March 28, 2023at 11:59PM.
      • Your application MUST include a resume. To upload, please attach using the "additional attachments" function. You may contact Carol Wongvia email atcarol.x.wong@sfgov.orgwith questions regarding this opportunity. Late or incomplete submissions will not be considered. Mailed, hand delivered or faxed documents/applications will not be accepted.
        
        
        
        Right to Work: All persons entering the City and County of San Francisco workforce are required to provide verification of authorization to work in the United States. Helpful Information
        • Information About The Hiring Process
        • Conviction History
        • Employee Benefits Overview
        • Equal Employment Opportunity
        • Disaster Service Worker
        • ADA Accommodation
        • Veterans Preference
        • Right to Work
        • Copies of Application Documents
        • Diversity Statement All your information will be kept confidential according to EEO guidelines. CONDITION OF EMPLOYMENT: All City and County of San Francisco employees are required to be fully vaccinated against COVID-19 as a condition of employment. Someone is fully vaccinated when 14 days have passed since they received the final dose of a two-shot vaccine or a dose of a one-shot vaccine.Any new hire must present proof of full vaccination status to be appointed. Any new hire who will be routinely assigned or occasionally enter High-Risk Settings, must provide proof of having received a COVID-19 booster vaccine by March 1, 2022, or once eligible.
          The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.

Keywords: San Francisco Public Utilities Commission, San Francisco , Cyber Defense Operations Engineer - Department of Technology (1041), Other , San Francisco, California