Skip to content
 
SF Careers Logo with City Seal
 
 

Career Opportunity

CYBER ASSURANCE PRINCIPAL ENGINEER (1044) - Department of Technology

Recruitment: RTF0152650-01111888

Published: April 11, 2025

Contact:

Lawlun Leung - lawlun.leung@sfgov.org

Apply using SmartRecruiters, the City and County of San Francisco's application portal.

Share

Department: Technology
Job class: 1044-IS Engineer-Principal
Pay range: $77.925/hr - $110.9125/hr
Role type: Permanent Exempt What does this mean?
Hours:
 

About:

IMPORTANT: Applicants must complete the supplemental questionnaire prior to starting the online application process. The application will not be reviewed without a completed supplemental questionnaire;  https://forms.office.com/g/8EfjaqZmQN

Are you ready to make an impact in one of the most innovative cities? The Department of Technology (DT) is looking for passionate IT professionals to help shape the future of technology in San Francisco! As the centralized technology services provider for the City and County of San Francisco (CCSF), DT delivers critical infrastructure and services to over 33,000 employees—supporting public safety, municipal broadband, cybersecurity, cloud solutions, and more! With a $140M+ annual budget and a team of 300+ experts, DT is leading the charge in digital transformation. DT provides services through our core areas of IT Excellence:  

  • IT Project Management Office  

  • Enterprise Application Services  

  • Cloud Center of Excellence  

  • IT Operations and Support including the Service Desk and NOC  

  • City Infrastructure including the Network, Telcom and Data Centers  

  • Office of Cybersecurity including Cyber Defense, Identity Management, and Disaster Recovery  

  • Public Safety Systems and Municipal Broadband Fiber  

  • SFGovTV Broadcasting Services  

  • IT Finance and Administration Services 

  • Emerging Technologies 

Why Join Us?  At DT, you won’t just work on IT—you’ll power a city. Your expertise will directly impact the residents of San Francisco, from closing the digital divide to ensuring secure, efficient city operations. 

Benefits of Working for CCSF   In addition to challenging and rewarding work, the City provides a generous suite of benefits to its employees: 

  • Competitive pay, benefits, and retirement options 

  • Career growth opportunities through training, internal mobility, and subsidized education 

  • Diverse work environment in a diverse city 

  • We offer employees the ability to work from home one (1) day a week while spending the other four (4)  days in our San Francisco office, promoting both collaboration and work-life balance 

Join the team that’s shaping the future of technology in San Francisco. Apply today and be part of a dynamic, innovative, and mission-driven IT team!  

Role description

The Cyber Architecture and Assurance team is one of four teams in the Office of Cybersecurity, focused on developing cybersecurity policies and standards, ensuring application and platform architectures meet OCS (Office of Cybersecurity) cybersecurity standards. We are active in empowering IT groups throughout the City and County in their risk mitigation practices, providing real-time assurance data and toolsets to IT professionals and management throughout the City and County enterprise. We are a service-oriented, dynamic and diverse group, who are firmly committed to our mission. The Office of Cybersecurity is helmed by the City Chief Information Officer (CCISO).

The Cyber Assurance Program project is moving into its compliance phase. As we continue to enhance the program, expand our visibility, gaining critical security intelligence, we are seeking to align and empower City IT stakeholders with cybersecurity best practices, actively remediating risk in accordance with established policies, automating many of the operational security practices needed to ensure the protection of City and County department and constituent data. One of the primary assurance tools our team utilizes is the Tanium platform. This position will work closely with our current principal engineer in maintaining and leveraging all aspects of the platform to realize OCS assurance program and project objectives.

We are seeking a highly motivated and technically experienced contributor to serve as a Tanium administrator, engineer, and thought leader to serve as partner to our lead Tanium engineer, and to assist in our mission of reducing cyber risk throughout the City and County. This position reports to the Office of Cybersecurity’s Cyber Defense Supervisor, who currently supervises the Office of Cybersecurity Cyber Defense and Cyber Architecture and Assurance teams.  As a Principal Assurance Engineer, you will be responsible for maintaining, promoting, training and leveraging our Tanium platform in service to Assurance program objectives and cybersecurity IT stakeholders throughout the City and County, among other duties described pertaining to our general mission.

Position Responsibilities 

  • Deploy, configure, maintain, secure, assess, troubleshoot and optimize cyber assurance platforms, interfacing with vendor support and or Technical Account Managers as needed.
  • Onboard, train and support cyber assurance platform users, supporting departments in assessing and remediating risk throughout the City enterprise.
  • Develop Tanium based content and deploy solutions addressing a range of use cases for use by City and County Information Technology and Cybersecurity staff for Windows, macOS, and Linux.
  • Recommend, assess, and assist departments in their compliance, security, and risk reduction efforts pertaining to all elements of Information Technology including operating systems, networks, and data storage.
  • Develop and maintain documentation, policies, trainings and FAQs as needed.
  • Assess and report on department or agency compliance with Office of Cybersecurity policies, department/ group security posture, and related challenges.
  • Provide data and or Information Technology security guidance as a consultant for enterprise, department, and internal Department of Technology projects, requests, procurements, and change controls.
  • Assist in developing cyber assurance related objectives and projects to meet those objectives. Work with departments and or internal teams to meet project objectives.
  • Conduct department and agency outreach, surveys and program development.

How to qualify

Desirable Qualifications

  1. 3 years’ experience of Linux and Microsoft Windows server administration and support. 

  2. 3 years’ experience diagnosing and resolving IP network issues. 

  3. 3 years’ experience using and supporting Tanium operational modules and on-prem appliances in a large, federated company, enterprise, or government agency comprising multiple agencies or businesses. 

  4. Comprehensive Tanium experience - Tanium Certified Operator (TCO) or Tanium Certified Administrator (TCA) preferred 

  5. CompTIA Security + , Certified Information Systems Security Professional (CISSP) or similar security related certification. 

  6. VMware virtualization or Amazon WEB Services (AWS) or Microsoft Azure Cloud Services experience 

  7. Microsoft Server Operating System certification 

  8. Intermediate Linux administration and BASH script development 

  9. PowerShell, Python or VBScript script development 

  10. macOS desktop management and support experience 

  11. Windows desktop management and support experience 

  12. Self-starter, strong detail and service orientation, with excellent follow through are attributes needed for this position

Minimum Qualifications 

Education:

An associate degree in computer science, computer engineering, information systems, or a closely related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in one of the fields above or a closely-related field].

Experience:

Five (5) years of experience analyzing, installing, configuring, enhancing, and/or maintaining the components of an enterprise network.

License and Certification:

Substitution:

Additional experience as described above may be substituted for the required degree on a year-for-year basis (up to a maximum of two (2) years). One (1) year is equivalent to thirty (30) semester units/ forty-five (45) quarter units with a minimum of 10 semester / 15 quarter units in one of the fields above or a closely related field.

Completion of the 1010 Information Systems Trainee Program may be substituted for the required degree.

What else should I know?

Job Type:

The Permanent Exempt - Full Time position is excluded by the Charter from the competitive civil service examination process and shall serve at the discretion of the appointment officer. The anticipated duration of this project position is thirty-six (36) months and will not result in an eligible list or permanent civil service hiring.

Work Location

Incumbent will conduct the majority of work at the Department of Technology, (1 S Van Ness, Ave San Francisco, CA 94103).  However, there may be situations where the incumbent will be required to work at other sites throughout the City of San Francisco as necessary

Nature of Work

The incumbent must be willing to work on-site at our San Francisco office in person four (4) days a week and one day remote as determined by the department. Travel within San Francisco may be required.

Compensation: $77.9250 - $98.0125 (hourly)/$162,084 - $203,866 (annually) 

How to Apply:

  • Application Deadline: Applicants are encouraged to apply immediately as this recruitment may close at any time, but not before Friday, May 2, 2025, at 11:59PM.
    •  Applicants must complete the supplemental questionnaire; https://forms.office.com/g/8EfjaqZmQN
    • Your application MUST include a resume.  To upload, please attach using the "additional attachments" function.
  • You may contact Lawlun Leung via email at lawlun.leung@sfgov.org with questions regarding this opportunity.
  • Late or incomplete submissions will not be considered. Mailed, hand delivered or faxed documents/applications will not be accepted.


Right to Work:

All persons entering the City and County of San Francisco workforce are required to provide verification of authorization to work in the United States.  

 

The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.