Principal Information Systems Engineer - Security Specialty - City and County of San Francisco - Multiple Departments Citywide – 1044
Published: August 25, 2023
Contact:Lilimae Marie Santander - Lilimae.Santander@sfgov.org
Apply using SmartRecruiters, the City and County of San Francisco's application portal Learn More
San Francisco is a vibrant and dynamic city, on the forefront of economic growth & innovation, urban development, arts & entertainment, as well as social issues & change. This rich tapestry of culture and ideas is sustained by our City's commitment to heighten the quality of life for the diverse population of San Franciscans and residents of the greater Bay Area. Our employees play an important role not only in making our City what it is today, but also in shaping the future of San Francisco.
Application Opening: 5/25/2022
Application Deadline: Continuous
How to Apply:
Applications for Principal Information Systems Engineer - Security Specialty are only accepted through an online process. Visit https://careers.sf.gov/interest/tech/ to begin the application process. Select “Apply Now” at the top of the job ad and follow instructions on the screen.
Applicants may be contacted by email about this announcement and, therefore, it is their responsibility to ensure that their registered email address is accurate and kept up-to-date. Also, applicants must ensure that email from CCSF is not blocked on their computer by a spam filter. To prevent blocking, applicants should set up their email to accept CCSF mail from the following addresses (@sfgov.org, @sfdpw.org, @sfport.com, @flysfo.com, @sfwater.org, @sfdph.org, @asianart.org, @sfmta.com, @sfpl.org, @dcyf.org, @first5sf.org).
Applicants will receive a confirmation email that their online application has been received in response to every announcement for which they file. Applicants should retain this confirmation email for their records. Failure to receive this email means that the online application was not submitted or received.
Under general supervision, assists in analyzing, planning, implementing, maintaining, troubleshooting and enhancing large complex systems or networks consisting of a combination that may include mainframes, mini-computers, personal computers, mobile devices, LANS, WANs, servers, data storage and the physical and logical components that integrate these systems together as an enterprise networking backbone.
The 1044 Principal Security Engineer is the highest level in the Engineer series and may be assigned to function as a supervisor, expert or project leader. When assigned as a supervisor, develops, coordinates and executes policies, methods and procedures and supervises personnel. When assigned as an expert, performs work requiring a very high level of technical knowledge of a specific area or ability to integrate at a high level the knowledge of several areas (this is not considered to be a part of the normal career path for employees in this series; rather it is reserved for those employees with a mastery of specific technologies or a particular expertise). When assigned as a project leader, manages and provides technical leadership of projects involving large-scale, complex and highly analytical tasks. Positions at this level are distinguished from Senior IS Engineers, in that the latter performs more specific and small-scale, though complex, analytical tasks. Work is performed within a broad framework of general policy and requires creativity and resourcefulness to accomplish goals and objectives, and in applying concepts, plans and strategies which may deviate from traditional methods and practices. Serves as a lead technical architect and systems integrator for large complex systems or networks, with a focus on securing vulnerabilities and reducing risk of system and/or asset compromises.
1. Architects, designs, implements, maintains and operates information system security controls and countermeasures; supervises and trains operators in the administration of these systems; documents the operation, use and expected outputs of these systems.
2. Analyzes and recommends security controls and procedures in acquisition, development and change management lifecycle of information systems, and provides oversight to ensure compliance.
3. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and provides oversight to ensure compliance.
4. Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities and trends to IT or executive management.
5. Oversees the response to information system security incidents, including investigation of, countermeasures to and recovery from computer-based attacks, unauthorized access and policy breaches; engages, interacts and coordinates with third-party incident responders, including law enforcement.
6. Oversees the administration of authentication and access controls, including provisioning, changes and deprovisioning of user and system accounts, security/access roles and access permissions to information assets.
7. Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; oversees risk and compliance self-assessments and engages and coordinates third-party risk and compliance assessments.
8. Analyzes and oversees the development of information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
9. Oversees the development and administration of information security training and awareness programs.
*This position may include additional duties as assigned.*
How to qualify
These minimum qualifications establish the education, training, experience, special skills and/or license(s) which are required for employment in the classification.
An associate degree in computer science or a closely-related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in computer science or a closely-related field].
Five (5) years of experience analyzing, installing, configuring, enhancing and/or maintaining the components of an enterprise network.
Additional experience as described above may be substituted for the required degree on a year-for-year basis (up to a maximum of two (2) years). One (1) year is equivalent to thirty (30) semester units/ forty-five (45) quarter units with a minimum of 10 semester / 15 quarter units in computer science or a closely-related field.
Verification: Applicants may be required to submit verification of qualifying education and experience at any point during the recruitment and selection process.
If education verification is required, you must provide a copy of your diploma showing major or transcripts showing coursework completed. Information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found at http://sfdhr.org/how-verify-education-requirements.
If experience verification is required, you must submit a letter from your employer on the employer's business letterhead stating your name, job title(s), dates of service in complete form (mm/dd/yy), a detailed description of duties performed and the verification letter must be signed by the employer or appropriate designee, such as a Human Resources Representative. Performance evaluations showing duties performed and dates of employment may also be submitted as verification documentation. Resumes are NOT verification.
All work experience, education, training and other information substantiating how you meet the minimum qualifications must be included on your application by the filing deadline. Information submitted after the filing deadline will not be considered in determining whether you meet the minimum qualifications. Resumes will not be accepted in lieu of a completed City and County of San Francisco application. Applications completed improperly may be cause for ineligibility, disqualification or may lead to lower scores.
Note: Any applicant whose application is deemed not qualified may reapply after 1 month upon successfully meeting the minimum qualifications for the given specialty area.
Note: Falsifying one’s education, training or work experience or attempted deception on the application may result in disqualification for this and future job opportunities with the City and County of San Francisco.
Additional Department Specific Requirements
Positions with the San Francisco Airport
Transportation Security Administration (TSA) Security Clearance: Candidates for employment with the San Francisco Airport Commission are required to provide a complete employment history for the past ten (10) years and an explanation of all gaps in employment during that period. The past ten (10) years of the candidate's employment will be verified. In addition, candidates will be required to undergo a criminal history check, including FBI fingerprints, in order to determine eligibility for security clearance and may be required to undergo drug/alcohol screening. Per Civil Service Commission Rule Section 110.9.1, every applicant for an examination must possess and maintain the qualifications required by law and by the examination announcement for the examination. Failure to obtain and maintain security clearance may be basis for termination from employment with the Airport Commission.
Customs Clearance: This position with the San Francisco Airport Commission requires that the incumbent be qualified for unescorted access to the San Francisco International Airport U.S. Customs Security Area. An application for a U.S. Custom Access Seal may be submitted to Customs ONLY after employment has commenced. Employment in this position requires that the incumbent submit an application for, successfully acquire and maintain a Customs Access Seal. Per Civil Service Commission Rule 110.9.1, every applicant must possess and maintain the qualifications required by law and by the examination announcement for this examination. Failure to acquire or maintain customs access, a requirement for this position, may be basis for termination from employment with the Airport Commission. Customs Access Seal requirements and procedures are located in the Code of Federal Regulations, Title 19, Part 122, Sections 181 or 189.
Positions with the Sherriff’s Department
Security clearance issued by the Sheriff’s Department is required prior to appointment of positions with Jail Health Services and must be maintained for continued employment. Failure to demonstrate/show proof of security clearance may result in dismissal and/or termination of employment.
Positions with the Port
Positions with the San Francisco Port Commission require that incumbents are able to obtain a Transportation Worker Identification Credential (TWIC) certificate as a condition of employment. Additionally, candidates must be insurable under the Port's automobile liability insurance policy. Insurability must be maintained throughout employment.
What else should I know?
Applicants are required to complete a Supplemental Questionnaire as part of the online application process. The purpose of the Supplemental Questionnaire is to allow candidates to self-certify their qualifications for the position. Applicants must also complete the official application.
Tech Engineer – Security Core Exam (Weight: 100%)
Candidates self-certifying meeting the Minimum Qualifications will be invited to participate in the online Tech Engineer – Security Core Exam. Candidates will be sent a web link via email that will allow them to take the online Tech Engineer – Security Core Exam that is designed to measure basic analytical and technical abilities associated with the target job, which may include but not be limited to:
• Knowledge of security operations including concepts, investigations, and incident management
• Knowledge of security engineering
• Knowledge of communication and network security
• Knowledge of asset security operations
• Knowledge of identity and access management including controlling access and managing identity
• Knowledge of mobile security including managing and securing mobile devices and software
• Knowledge of security assessment and testing
This computer-administered test can be taken at home or at a time and location of one’s convenience, but only within a two-week period specified on the test notification. Candidates must have access to a computer and reliable internet connection to participate in this exam. The test consists of 20 questions and it must be completed within 50 minutes. Questions are presented one at a time on the computer screen. There is no penalty for guessing. Candidates may not return to questions presented earlier in the exam; they can only move forward. A passing score must be attained on this test in order to continue further in the selection process. Test questions and answers are not available for public inspection or review.
Note: A passing score must be achieved on all examination components in order to be placed on the Eligible List. The hiring department may administer additional position-specific procedures to make final hiring decisions. Achieving a passing score in one class does not guarantee placement on eligible lists for the other classes. You must apply to each class for which you would like to be considered. There are different exams for each of the SF Civic Tech specialty areas (Applications, Networks, Security and Systems), and each class (1041, 1042, 1043 and 1044) has a different passing score for each exam.
Candidates’ scores on the Tech Engineer – Security Core Exam may also be applied to other announcements involving other job titles, when directed by the Human Resources Director.
Score Banking: Scores attained on the Tech Engineer – Security Core Exam will be 'banked' for three years, starting from the date of the examination. This means that, during this three-year time period, candidates need not take this test again. Rather, if another announcement you applied to and are deemed qualified for requires the Tech Engineer – Security Core Exam and is held within one year of your Tech Engineer – Security Core Exam date your score will be automatically applied to that announcement. However, after one year, a candidate has the option to either (a) apply their test score to the other announcement or (b) re-take the test. Re-testing is permitted no sooner than one year from the date of the test and only in association with a candidate’s eligibility for another announcement to which the candidate has applied and is deemed qualified. If a candidate opts to re-test, the re-test score becomes the candidate’s official score since it is the most recent.
If a significant modification is made to this exam in the future, the application of “banked” scores may no longer be appropriate. In such a rare circumstance, candidates with “banked” scores would be required to re-take the exam sooner than the three-year period specified above should they apply to another job opportunity where the modified exam is used.
Eligible List/Score Report: A confidential eligible list of applicant names that have passed the civil service examination process will be created, and used for certification purposes only. An examination score report will be established, so applicants can view the ranks, final scores and number of eligible candidates. Applicant information, including names of applicants on the eligible list, shall not be made public unless required by law. However, an eligible list shall be made available for public inspection, upon request, once the eligible list is exhausted or expired and referrals resolved. The eligible list/score report resulting from this civil service examination process is subject to change after adoption (e.g., as a result of appeals), as directed by the Human Resources Director or the Civil Service Commission.
Upon passing the exam, candidates will be placed on the eligible list for a period of 12 months.
To find Departments which use this classification, please see https://sfdhr.org/sites/default/files/documents/Forms-Documents/Position-Counts-by-Job-Codes-and-Department-FY-2021-22.pdf .
Certification: The certification rule for the eligible list resulting from this examination will be Rule of the List. Additional selection processes may be conducted by the hiring department prior to making final hiring decisions.
Additional Information Regarding Employment with the City and County of San Francisco
- Information About The Hiring Process
- Conviction History
- Employee Benefits Overview
- Equal Employment Opportunity
- Disaster Service Worker
- ADA Accommodation
- Veterans Preference
- Seniority Credit in Promotional Exams
- Right to Work
- Copies of Application Documents
- Diversity Statement
Terms of Announcement and Appeal Rights: Applicants must be guided solely by the provisions of this announcement, including requirements, time periods and other particulars, except when superseded by federal, state or local laws, rules or regulations. [Note: The correction of clerical errors in an announcement may be posted on the City's Career website at https://careers.sf.gov/. The terms of this announcement may be appealed under Civil Service Rule 110.4. Such appeals must be submitted in writing to the Department of Human Resources, 1 S Van Ness Avenue, 4th Floor, San Francisco, CA 94103-5413 by close of business on the 5th business day following the issuance date of this examination announcement. Information concerning other Civil Service Commission Rules involving announcements, applications and examination policies, including applicant appeal rights, can be found on the Civil Service Commission website at http://sfgov.org/civilservice/rules.
The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.