San Francisco Fire Department - City and County of San Francisco, California Information Security Officer
The San Francisco Fire Department is seeking an Information Security Officer (ISO) to join its team. Reporting to the CIO, the ISO is responsible for maintaining an information risk management and cybersecurity program for the San Francisco Fire Department (SFFD). The ISO will work with all areas of the SFFD to develop a "best in class" information security and compliance program to assess appropriate technology platform risks, protect SFFD information assets, and ensure compliance with the City and County of San Francisco (CCSF) Information Security Policies.
The ideal candidate is a holistic, mission-driven information security leader who can assess cybersecurity risk across many dimensions of the organization and translate those insights into practical, department-specific solutions. They will work hand in hand with SFFD leadership and closely with the City and County's Cybersecurity Officer, tailoring enterprise security requirements and policies to fit the unique operational realities of a fire department. This individual brings strong experience protecting sensitive data, including PII and PHI, and developing policies for secure data handling, endpoint scrubbing, and system hygiene. Calm under pressure and hands-on in execution, the ideal candidate blends deep technical expertise with sound judgment and collaboration, helping build a best-in-class security program that safeguards critical public safety systems while enabling the department to operate effectively and securely.
Preferred Skills
- Minimum of 6 years' experience managing information security programs, developing and applying information security, risk management, and privacy practices in local, state, or federal government.
- Minimum of 6 years' practical experience designing and implementing IT security solutions, with a deep understanding of various security threats and preventative measures.
- Familiarity with cybersecurity frameworks such as NIST, CIS Controls, PCI-DSS, CCM, etc.
- Strong demonstrated knowledge of LAN/WAN, systems administration, Active Directory, PowerShell, group policy, virtualization, cloud, and IT security technologies.
- Experience with systems access management, change management, security monitoring and intrusion detection, vulnerability management, endpoint security management, cloud security, data loss prevention, encryption, network security, disaster recovery, data management, physical security, and vendor management.
- Experience with CrowdStrike, Splunk, Google SecOps, Cisco, Palo Alto Firewalls, Windows Server, Intune, Tenable, OCI, Microsoft Entra, Microsoft 365, Endpoint Security, and Enterprise Mobility in the cloud.
- One or more IT certifications, such as Security+, CISSP, CISA, CISM, CySA+, CRISC, C-ISO, SSCP, CASP, CEH, or GIAC.
Your Day-To-Day
Duties and Responsibilities include, but are not limited to the following:
- IT & CYBER SECURITY RISK MANAGEMENT:
  - Continuously identify, update, and maintain information regarding potential security vulnerabilities, risks, and threats to the enterprise information technology infrastructure, and distribute technology security information to appropriate staff.
  - Provide instructions and coordination regarding software configuration standards for servers and desktop systems that are or may be attached to the enterprise network, where necessary to ensure information technology security.
  - Support corporate risk leadership to review enterprise IT and cyber risks, assess capabilities, prioritize security and risk strategies, and communicate risk intelligence in a way that drives business decision-making.
- ISO PROGRAM GOVERNANCE & MANAGEMENT:
  - Develop policies, procedures, and standards, and partner with agency employees and consultants to ensure understanding of and adherence to CCSF Information Security Policies.
  - Coordinate work activities and program functions related to cyber/information security with other CCSF agencies and external business partners.
  - Work with the CCSF's external IT auditors during the annual Cyber Security Assessment.
  - Support the development, implementation, and monitoring of a comprehensive enterprise information security, compliance, and risk management program.
  - Oversee security awareness strategy and programs, including annual employee training and ongoing awareness campaigns to ensure all department employees understand and adhere to information technology policies and standards.
  - Ensure compliance with CCSF Information Security Policies.
- CYBER SECURITY OPERATIONS/ACTIVITIES:
  - Track cyber security incidents and vulnerability reports, and direct teams for remediation of issues.
  - Ensure identity and access management is properly documented in the ticketing system.
  - Produce documentation when/where needed.
  - Ensure all systems are equipped and updated with necessary cyber protection tools.
  - Continuously check for security gaps, document findings, and take necessary measures to rectify issues discovered.
  - Verify patches and software updates are correctly done. Missing patches and inconsistencies should be resolved.
  - Analyze vulnerability reports and operationalize them by providing specific guidance to IT Support teams for remediation.
  - Assess endpoint system health and suggest improvement or remediation steps.
  - Monitor various security tools dashboards, scrutinize numbers, identify anomalies, and communicate with appropriate internal and external partners.
The ISO position is classified under IS Engineer - Journey, Class 1042. For more information on the position and its requirements, the candidate should review the program details. Additional experience can be substituted for education. A typical way to qualify for this position is:
Education: An associate degree in computer science, computer engineering, information systems, or a closely related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in one of the fields above or a closely related field].
Experience: One (1) year of experience analyzing, installing, configuring, enhancing, and/or maintaining the components of an enterprise network.
CPS HR Consulting is conducting this recruitment in cooperation with SF Fire. Any candidate hired will be a permanent, full-time employee of the City and County of San Francisco.

San Francisco, CA, United States of America
JS26489_25303_710AE9F893DA17049BB147E1AA16375E
1/24/2026 3:30:13 PM