Salary : $130,267.28 - $158,717.26 Annually
Location : Chino CA 91708, CA
Job Type: Full-Time Regular
Job Number: 048 23 24 20001806
DivisionDepartment: Information Technology Department
Opening Date: 01/29/2024
Closing Date: Continuous
THE POSITION:
THE OPPORTUNITY
Join our mission to safeguard the future! We're searching for passionate Information Security and Cybersecurity professionals ready to tackle exciting challenges and make a significant impact. If you are driven by the desire to protect modern business and critical SCADA/ICS infrastructure, serve the public, and protect the environment, you're the right person for our team. This is an exciting opportunity if you enjoy teaching others, designing and implementing creative solutions, and collaborating with a great team of IT professionals and other Agency staff. The ideal candidate will have an advanced knowledge of cybersecurity best practices and a proven track record of developing and promoting cybersecurity in the public sector while communicating with senior leadership and the board of directors. Join us in our commitment to a culture of teamwork, innovation, and service. Your journey to making a difference starts here!
This Position is perfect for you if:

• You are a great mentor who enjoys teaching and coaching others for success.
• You enjoy interacting with various stakeholders and teammates to complete projects.
• You have strong analytical skills for conducting audits and assessing risks.
• You are a lifelong learner who stays up to date with new developments in IT and cybersecurity.
• You have experience in designing and securing system architectures to ensure that data and technology infrastructures are protected.
• You are an adaptable and creative thinker.
• You want to contribute to the community's well-being and growth!

Here at the Inland Empire Utilities Agency, we are a leader in water management and environmental stewardship. We strive to produce high-quality renewable products such as recycled water and top-quality compost to enhance and preserve the quality of life throughout our region. Our values go beyond just protecting the resources and the communities we serve. We are committed to applying ethical, transparent, and environmentally sustainable principles to all aspects of business and organizational conduct. We recognize that our commitment to the community starts with our employees. In order to ensure that our staff are able to continue to perform at a high level and provide unparalleled services throughout our service area, we strive to provide a healthy work-life balance.
Here are a few ways the Inland Empire Utilities Agency is committed to helping you feel your best, work your best, and live your best while working with us:

• A 4-day work week with remote hybrid work schedules for some positions
• A pension through California Public Employees' Retirement System (CalPERS)
• Generous employer monthly health benefit allowances to go towards the cost of medical, dental, and vision insurance
• Competitive vacation, floating holiday, sick time in addition to 9 agency paid holidays
• Education Reimbursement up to $5,250 per fiscal year
• Professional Development Stipend of $1,000 per fiscal year
• Basic life insurance coverage provided
• Wellness Stipend of $500 per fiscal year
• 457b Deferred Compensation Contribution
• Interest free loan for a computer purchase up to $3,000

This position is open until filled. The deadline for the first review of applications is 11:59 PM on Tuesday, February 20, 2024. Applicants that submit applications after the first review deadline are not guaranteed to be considered for this recruitment. This recruitment may close at any time without notice after the first review deadline.
There is one (1) vacancy in the Information Technology Department.
This recruitment is being conducted to fill one (1) vacancy and will establish an eligibility list which may be used to fill future vacancies as they occur during the active status of the eligibility list.
Salary Range: UN 186
FLSA: Exempt
Probationary Period: At-Will
Under direction, plans, organizes, manages, and participates in the development, implementation, and monitoring of the Agency's information security programs, information technology risk management programs, and information security policies; supervises and reviews the work of professionals and serves as a subject matter expert in information security and technology programs. Monitors agency infrastructure, devices, and information systems for security integrity; provides planning and guidance to information technology staff on vulnerability management and security incident response procedures. Provides technical and awareness training for in areas of assignment to Agency staff; and performs related duties as assigned.
DISTINGUISHING CHARACTERISTICS:
The Information Security Officer is responsible for development and administration of the Agency information security programs and initiatives. Incumbents provide professional advice and counsel to Agency managers, supervisors, and employees; perform diverse and complex work with significant accountability for outcomes. Within broad guidelines, serves as a decision support resource for analysis at organizational and operational levels. Work is performed with significant independent discretion and access to highly sensitive data and systems. The incumbent is expected to work with department directors, unit managers, and staff to recommend and provide secure, cost-effective, and high-priority solutions, policies and standards to protect and secure the Agency's digital information and technology infrastructure. Work is broad in scope and requires seasoned judgment and a high degree of initiative and independence.

Employees in this class typically report to the Director of Information technology and manage the work of professional and support staff in the Information Technology Department.

The Information Security Officer is distinguished from the Manager of Information Technology in that an incumbent in the latter class has management responsibilities for the full Information Services Unit or Operational Technology Unit within the Information Technology Department.
EXAMPLES OF ESSENTIAL FUNCTIONS:
The duties listed below are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of duties does not exclude them from the position if the work is similar, related or a logical assignment to this class.
Plans, organizes, controls, integrates, and evaluates the work of the assigned programs and staff; with staff, develops, implements, and monitors work plans to achieve goals and objectives; contributes to the development of and monitors performance against the annual department budget; supervises and participates in developing, implementing, and evaluating plans, work processes, systems, and procedures to achieve annual goals, objectives, and work standards; ensures the preparation and maintenance of a variety of records and reports.
Manages the performance of assigned staff; interviews and selects new staff; establishes performance requirements and personal development targets; regularly monitors performance and provides coaching for performance improvement and development; recommends compensation and provides other rewards to recognize performance; hears and makes recommendations on grievances; subject to management concurrence, approves or takes disciplinary action, up to and including termination, to address performance deficiencies, in accordance with Agency policies and labor agreements.
Participates in the formulation and implementation of departmental policy, planning, and strategy development; leads and directs staff and outside consulting resources in the development and application of new methods and processes to achieve higher efficiency, quality, and innovation in departmental work processes.
Provides day-to-day leadership and works with staff to ensure a high-performance, customer service-oriented work environment that supports achieving the Department's and Agency's mission, objectives, and values regarding teamwork, mutual trust, and respect; applies best practices and quality assurance processes to assigned areas of responsibility; enforces the maintenance of safe working conditions and ensures safe work practices are followed by assigned staff.
Plans, organizes, and participates in developing, implementing, and monitoring the Agency's information security program and initiatives. Oversees ongoing application of information security policies and procedures
Manages the budget for assigned functional area including assisting in the development and monitoring of budget documents, performing or reviewing research, complex analyses and projections and analyzing trends and expenditures; tracks expenditures against the budget and compiles and analyzes budget variance reports; oversees the processing of purchase requisitions, check requests and the preparation of invoices and billing; manages and maintains inventory.
Provides input into department key performance indicators (KPIs); oversees or develops programs and systems to track and report KPIs; tracks and reports changes, variances and projections versus actuals; reviews and analyzes maintenance data and performance reports to ensure department goals, objectives and standards are being met.
Collaborates with Agency staff to align business goals with risk management strategy.
Designs and secures system architectures to ensure protection of Agency data and technology infrastructure. Provides specifications for secure configurations of infrastructure and information systems.
Provides technical guidance on information security related tasks for Information Technology staff and ensures that sufficient training is delivered for security tasks. Prepares and delivers ongoing security awareness training to staff Agency-wide.
Monitors the Agency networks and systems for vulnerabilities, attacks, and breaches. Assesses current vulnerability. Responds to security incidents; leads incident response and recovery activities to protect systems from additional damage or recover impacted systems.
Conducts audits and prepares reports assessing risk and regulatory requirements for critical technologies. Recommends enhancements to maintain regulatory compliance and reduce risks.
Develops procedures for response and recovery activities as part of Business Continuity and Disaster Recovery planning.
Serves as a department or Agency representative to the Agency Board, Agency departments, member agencies, business and community organizations, and federal, state and local governmental bodies; communicates policies or procedures and resolves issues involving security guidance on technology deployment and ensuring deployments remain compliant with Agency policy; stays abreast of new trends and innovations in the information security communities and in the wastewater, water and recycled water industry that impact the Agency's human capital management.
Participates in the selection of, and coordinates the activities of, information security service providers, contractors, and consultants.
QUALIFICATION GUIDELINES:
EDUCATION, TRAINING AND EXPERIENCE:
Graduation from an accredited four-year college or university with a major in management information systems, computer science, or cybersecurity and at least seven years of progressively responsible experience in the cybersecurity and network infrastructure design and support.
LICENSES; CERTIFICATES; SPECIAL REQUIREMENTS:
A valid California Class C driver's license and the ability to maintain insurability under the Agency's vehicle insurance program.
Certification from the International Information System Security Certification Consortium, Inc. ((ISC)2) in one of the following is preferred:
Certified Information Systems Security Professional (CISSP)
Systems Security Certified Practitioner (SSCP)
Certified Cloud Security Professional (CCSP)
Certification from the following institutions and organizations are desirable:
Global Information Assurance Certification (GIAC):
Defensible Security Architecture (GDSA)
Certified Detection Analyst (GCDA)
Critical Controls Certification (GCCC)
Global Industrial Cyber Security Professional (GICSP)
GIAC Response and Industrial Response (GRID)
Critical Infrastructure Protection (GCIP)
Forensic Analyst (GCFA)
Network Forensic Analyst (GNFA)
Cyber Threat Intelligence (GCTI)
Information Systems Audit and Control Association (ISACA):
Certified Information Systems Auditor (CISA)
Cisco:
Certified Network Professional (CCNP) Routing & Switching or Security
Certified Internetwork Expert (CCIE) Security
Fortinet:
Network Security Expert (NSE) 4 is desirable.
KNOWLEDGE OF:
Theory, principals, policies, practices and techniques of network architectures, design, and integration, including topologies and protocols.
Principals, methods, and practices of systems/network administration and maintenance.
Principles, practices and techniques for installation, configuration and operation of network systems, hardware and devices.
Methods and techniques for performing connectivity testing and troubleshooting, including uses of diagnostic tools and equipment.
Internet/intranet technologies and design concepts and techniques, including router and firewall configuration.
Systems analysis, design principles and development methodologies and tools.
Network security design principles and practices and related tools and software.
Project management principles, practices, methods and tools.
Agency policies, procedures and practices regarding data security.
Safety policies, practices, equipment, and supplies applicable to the work.
Principles and practices of sound business communications.
Principles and practices of effective management and supervision with an organization-wide perspective.
Principles and practices of organizational and culture change.
Principles and practices of public administration including planning, budgeting, purchasing, and public records.
Agency policies and labor contract provisions.
ABILITY TO:
Lead people in a manner that promotes accountability, employee engagement, staff development, respect, and collaboration.
Manage the performance of staff by coaching for performance.
Effectively and professionally work with a diverse group of staff and community members.
Plan, manage, assign, delegate, control, review, and evaluate the work of staff engaged in the delivery of information security programs.
Proactively design, plan, and implement comprehensive and effective information security programs.

Perform complex network administration functions in a multi-platform, multi-segment network environment accurately and efficiently.
Consult effectively with internal and external stakeholders to develop solutions to complex issues.
Work independently and follow through on responsibilities with minimal direction.
Organize, set priorities, and exercise expert independent judgment within areas of responsibility.
Adjust priorities as circumstances dictate.
Troubleshoot and resolve complex hardware, software and connectivity problems.
Ensure systems and network security through the use of advanced security software and protocols.
Communicate clearly and effectively, both orally and in writing.
Prepare clear, concise and accurate reports, documentation and other written materials.
Develop and present presentations, proposals, and recommendations clearly, logically, and persuasively.
Exercise sound independent judgment within policy guidelines.
Keep technical skills current to meet continuing network administration responsibilities.

Establish and maintain effective working relationships with all those encountered in the course of work.
Be present onsite at Agency locations during the normal business hours.
Be physically present at non-Agency locations including, but not limited to, member agencies, conferences, and other work-related events that occur offsite.
SELECTION PROCESS:
All employment applications will be reviewed for accuracy, completion, relevant experience, education, training and other job-related qualifications. Applicants with the strongest background relating to the responsibilities of this position will be invited to participate in the testing process which may include one or more of the following: written test, oral interview, performance/practical examination. The successful candidate will be required to pass a background/reference check and pre-employment physical examination including a drug screen (for safety sensitive position) at no cost to the candidate. Please visit our website at www.ieua.org and select the Human Resources Department for additional information regarding the Agency, the hiring process and benefit information.
Any applicant requiring reasonable accommodation during the selection process due to a qualified disability must inform the Human Resources Office at ( 909 ) 993-1640 or hrdept@ieua.org at least 72 hours in advance of the need for accommodation.
THE PROVISIONS OF THIS ANNOUNCEMENT DO NOT CONSTITUTE A CONTRACT, EXPRESSED OR IMPLIED, AND ANY PROVISION CONTAINED IN THIS BULLETIN MAY BE MODIFIED OR REVOKED WITHOUT NOTICE.
"The Agency's success is obtained by creating a positive and diverse work environment which recognizes individual differences and experiences".
The Agency offers a comprehensive benefit package for eligible employees and their eligible dependents. These include health, dental, vision, and life insurance, as well as a variety of voluntary benefits. Programs and benefit amounts vary and are based on bargaining unit and employment type.

This benefits overview is a summary and is not to be considered all-inclusive or applicable to all employees.

THE PROVISIONS OF THIS ANNOUNCEMENT DO NOT CONSTITUTE A CONTRACT, EXPRESSED OR IMPLIED, AND ANY PROVISION CONTAINED IN THIS BULLETIN MAY BE MODIFIED OR REVOKED WITHOUT NOTICE.

Retirement
California Public Employees' Retirement System (CalPERS) :
An employee who becomes a "new" member of CalPERS for the first time on or after January 1, 2013 (and who was not a member of another California public retirement system prior to that date) will be enrolled in the CalPERS 2.0% @ 62 benefit formula with a three-year final compensation in accordance with Public Employees' Pension Reform Act of 2013 (PEPRA). New members (PEPRA) will be required to pay half of the normal cost (Govt. Code Section. 7522.30(c)) currently 6.75% of eligible earnings toward the employee contribution.

An employee who is a "classic" member of CalPERS, or a current member of another California public retirement system, who is hired on or after January 1, 2012, will be enrolled in the CalPERS 2.0% @ 55 benefit formula with a three-year final compensation. Classic members shall contribute 7% of eligible earnings toward the employee contribution.

Social Security/Medicare:
Along with CalPERS retirement, the Agency also participates in Social Security and Medicare. The Agency pays 7.65% on your behalf (6.2% Social Security 1.45% Medicare), and the employee pays 7.65% via payroll taxes.

Medical
The Agency shall make a maximum monthly contribution towards the cost of his/her health insurance as follows:

Agency Medical Contribution
Health insurance is offered through CalPERS, and enrollment is optional with evidence of health coverage from another source. Eligible employees who waive their medical benefit receive a cash incentive payment. Coverage is effective the first day of the month following enrollment.

Dental and Vision Insurance
The Agency offers two dental plans - Delta Dental (PPO) and Western Dental (DPO). Enrollment in one of the plans is mandatory. Coverage is effective the first day of the month following enrollment.

Vision insurance is offered through EyeMed Vision Plan and enrollment is voluntary. Coverage is effective the first day of the month following enrollment.

Flexible Spending Account (FSA) Plan
Upon completion of six months of employment, employees may participate in the Agency's Section 125 Cafeteria Program. Participants in this program may take advantage of tax savings offered through a medical care flexible spending account, a dependent care flexible spending account, or purchase supplemental benefits including critical illness and accident insurance with pre-tax dollars. In addition, employees can purchase supplemental life insurance with post-tax dollars.

Term Life and Accidental Death & Dismemberment (AD&D) Insurance
Life and AD&D insurance is offered through Cigna Life Insurance. Executive Management employees are provided with 1 time their annual earnings up to $300,000. Unrepresented Management employees are provided with an Agency paid $90,000 Life and AD&D policy. Unrepresented non-management, and members of the Supervisors', Laboratory, Professional, General, or Operators' Unit are provided an Agency paid $50,000 Life and AD&D policy. Enrollment into a basic $10,000 Life and AD&D policy is required and paid by the employee. Employees may purchase dependent life, for their spouse and/or eligible child(ren), or additional Life and AD&D coverage for themselves up to $500,000. Coverage is effective the first day of the month following date of hire.

Disability Insurance
Employees are insured by an Agency-paid long-term disability insurance, which will provide income for an employee who is totally disabled from illness, injury, or accident. The basic benefit provides for 60% of the first $10,000 of monthly salary, reduced by deductible income, after a 365-day waiting period. Coverage is effective the first day of the month following the date of hire.

Short-term disability insurance is available through State Disability Insurance (SDI). Employees covered by SDI are covered by two programs: Disability Insurance and Paid Family Leave. Per applicable MOU and/or Personnel Manual, cash-out option available.

Employee Assistance Program
Agency employees are provided access to an Employee Assistance Program (EAP) which provides 24/7 assistance needed to help resolve life's challenges.
401(a) & 457(b) Deferred Compensation
Participation in a 457 deferred compensation plan is available through Empower Retirement. The Agency will contribute $25.00 per pay period to a single 457(b) account for each employee who has made an elective deferral of twenty-five ($25) or more to the plan. Also, participation in a 401(a) Defined Contribution Plan is available within 60 days of hire.

Flexible Work Arrangements
Whenever possible, the Agency strives to be flexible to help employees achieve a balance between work and home responsibilities. Most employees participate in a 4/10 work week.
PAID TIME OFF
Holidays
The Agency offers nine (9) paid holidays. Additional paid floating holidays are available every fiscal year as follows:Executive Management:6 Floating Holidays per FY & 6 Executive Leave days
Unrepresented Management:10 Floating Holidays per FY
Unrepresented Non-Management:6 Floating Holidays per FY
Supervisors' Unit:8 Floating Holidays per FY
Laboratory Unit:5 Floating Holidays per FY
Professional Unit6 Floating Holidays per FY
Operators' Association:6 Floating Holidays per FY
General Unit:60 hours Floating Holidays per FY
Vacation Leave
Employees accrue 80 hours of vacation leave per year depending on length of employment, progressing to 200 hours per year. Executive Management employees accrue 120 hours of vacation leave per year depending on length of service, progressing to 240 hours per year. Per applicable MOU and/or Personnel Manual, cash-out option available.
Sick Leave
Employees accrue 96 hours of sick leave annually.

Vehicle Allowance
Executive Management and Unrepresented Management employees may receive a monthly vehicle allowance
Safety Equipment Stipend
Members of the Laboratory Unit shall be provided with safety glasses. Payment shall be on a reimbursement basis, not to exceed $250 per fiscal year. Additionally, Laboratory members will receive $300 safety equipment stipend.
Professional Development Stipend
Employees not on original probation shall be entitled to a professional development stipend of one thousand dollars ($1000) per calendar year. The professional development stipend shall be paid every twenty-fifth (25th) pay period. Refer to specific MOU or Personnel Manual for details and payment information.
Educational Reimbursement Program
The Agency may reimburse eligible employees for the cost of educational courses up to $5,250 per fiscal year for the cost of educational expenses that are related to the employee's work. Limited Term employees are not eligible for this benefit.
Wellness Stipend
Employees not on original probation shall be entitled to a wellness stipend of five hundred dollars ($500) per calendar year. The wellness stipend shall be paid every twenty-fifth (25th) pay period.
Computer Loan Program
Eligible employees may receive an interest-free loan up to $3,000 to purchase a personal computerLimited Term employees are not eligible for this benefit.

This benefits overview is a summary and is not to be considered all-inclusive or applicable to all employees.
01

I understand that I must thoroughly complete the Education (including high school information regardless of any additional higher education), Employment History (including contact information and reason for leaving), Certificates & Licenses, and Supplemental Questions sections of my application, as applicable. This includes a detailed description of all work experience for at least the last ten years, if applicable. I also understand that I may not submit resumes in lieu of filling out the application or answering the Supplemental Questions.

• Yes
• No

02

I have read the above statement and understand that failure to provide sufficient information may result in my application being rejected.

• Yes
• No

03

Do you possess a valid California Driver's License?

• Yes
• No

04

Check the type of driver's license you possess. Note: For out-of-state applicants, a valid driver's license is required and a valid California Class "C" driver's license must be obtained within ten (10) days of appointment (CA Vehicle Code 12505c).

• Class C
• Class B
• Class A
• Out of State
• I have no driver's license, California or otherwise

05

Have you graduated from an accredited four-year college or university with a major in management information systems, computer science, or cybersecurity?

• Yes
• No

06

Which option below best describes your highest level of education? (NOTE: You will be required to verify your education level if you continue in the selection process.)

• Some high school
• High school or G.E.D.
• Some college
• Associate degree
• Bachelor's degree
• Master's degree
• Doctorate degree
• None

07

If you answered Bachelor's degree or higher for your education please enter your major here: (If you do not have an Bachelor's degree or higher, state "not applicable.")
08

Do you have at least seven years of progressively responsible experience in cybersecurity and network infrastructure design and support?

• Yes
• No

09

Please describe your experience in cybersecurity and network infrastructure design and support. Include the employer's name, your position title, and the time period of the experience. An incomplete answer, including "please see resume" or similar language may remove you from further consideration. If you do not have experience, state "no experience".
10

How many years of experience do you have with firewall and intrusion detection system support and configuration

• No experience
• Less than 1 year
• More than 1 year but less than 2
• More than 2 years but less than 4
• More than 4 years but less than 6
• More than 6 years but less than 8
• Over 8 years of experience

11

Describe your experience with firewall and intrusion detection system support and configuration. An incomplete answer, including "please see resume" or similar language may remove you from further consideration. If you do not have experience, state "no experience".
12

How many years of experience do you have identifying and responding to cybersecurity incidents?

• No Experience
• Less than 1 year
• More than 1 year but less than 2
• More than 2 years but less than 4
• More than 4 years but less than 6
• More than 6 years but less than 8
• Over 8 years of experience

13

Describe your experience with handling cyber security related incidents. What was detected? What are the steps you took to remediate the threat? An incomplete answer, including "please see resume" or similar language may remove you from further consideration. If you do not have experience, state "no experience."
14

How many years of lead or supervisory experience do you possess within an IT department?

• No experience
• Less than 1 year
• More than 1 year but less than 2
• More than 2 years but less than 4
• More than 4 years but less than 6
• More than 6 years but less than 8
• Over 8 years of experience

15

Describe your lead or supervisory experience within an IT department. An incomplete answer, including "please see resume" or similar language may remove you from further consideration. If you do not have experience, state "no experience."
16

Which server back-up/recovery solution(s) do you have experience with? An incomplete answer, including "please see resume" or similar language may remove you from further consideration. If you do not have experience, state "no experience."
17

Describe your experience or knowledge of Industrial Control Systems (ICS) cyber security and technologies used to secure ICS networks. An incomplete answer, including "please see resume" or similar language may remove you from further consideration. If you do not have experience, state "no experience."
18

Which cyber security related tools or utilities do you have experience with? An incomplete answer, including "please see resume" or similar language may remove you from further consideration. If you do not have experience, state "no experience."
19

Which online sites, feeds, or subscriptions do you use to stay current with technology and cyber security trends? An incomplete answer, including "please see resume" or similar language may remove you from further consideration. If you do not have experience, state "no experience."
20

Do you possess a Certification from the International Information System Security Certification Consortium, Inc. ((ISC)2)?

• Yes
• No

21

If you answered "Yes" to the above question, please list the name of your certification(s) here.
22

Do you possess a certification from the following institutions/organizations: Global Information Assurance Certification (GIAC), Information Systems Audit and Control Association (ISACA), CISCO, or Fortinet?

• Yes
• No

23

If you answered "Yes" to the above question, please list the name of the certification(s) and the granting authority here.
24

The position requires the ability to respond to emergency situations and call outs as necessary 24 hours a day, 7 days a week. Are you able and willing to abide by these requirements?

• Yes
• No

25

The position requires the ability to work varying shifts, nights, weekends, holidays, overtime, respond to call backs, and work standby duty. Are you able and willing to abide by the requirements?

• Yes
• No

26

Individuals selected for the position are 'at will' and may be terminated at any time with or without cause. Are you able and willing to abide by these requirements?

• Yes
• No

27

I understand that communications to me regarding this recruitment will be communicated by email, and that I will need to monitor my inbox/spam/junk email folder regularly to ensure that I do not miss any relevant communication.

• Yes
• No

28

I hereby understand and declare that the statements on this supplemental questionnaire are true and complete to the best of my knowledge. As applicable, I hereby authorize the Agency and/or designees to contact the references listed to verify the information I have supplied. I hereby release from liability all persons and organizations furnishing such information. I understand that the Agency reserves the right to validate information received on the supplemental questionnaire and that I will be subject to disqualification and/or termination if any statement in this supplemental questionnaire is found to be untrue or determined to be misleading.

• Yes
• No

Required Question