This is a reposting. If you previously submitted an application for this position, you do not need to reapply.
Under the general direction of the director of the Technology Services Division, the Information Technology Manager I serves as the Chief Information Security Officer for the California Department of Education (CDE). The position is responsible for managing the staff in the Information Security & Privacy Office (ISPO). The ISPO is responsible for the CDE’s information security program, including but not limited to, ensuring compliance with CDE and State security policies, identifying and remediating security gaps, and coordinating incident response and disaster recovery.ISPO Management, Leadership and Coordination
- Provides leadership, direction, and management for personnel in the ISPO.
- Performs personnel-related duties such as staff recruitment, performance, evaluation, training, and corrective actions.
- Leads the coordination for implementing CDE’s information security program, including the selection and operation of security-related products and services.
Information Security Technical Monitoring and Incident Response
- Ensures the ISPO is proactively monitoring information security-related products and services for signs of potential suspicious or malicious activity at CDE headquarters and remote sites and takes appropriate remediation steps if necessary.
- Ensures the ISPO is providing immediate response to all alerts from information security-related products and services, and coordinates the potential problem evaluation, and proper remediation steps.
- Develops, maintains, and organizes regularly testing of the CDE’s incident response and disaster recovery plans.
Information Security Compliance
- Ensures the CDE’s information security program follows California state security and privacy standards, policies, and procedures as documented in the State Administrative Manual (SAM 5300) and State Information Management Manual (SIMM 5300).
- Serves as the primary CDE contact for security and privacy program audits and assessments conducted by California state oversight agencies and third-party contractors. Reviews findings and develops corrective action plans to address any non-compliance issues documented in the reports.
- Ensures timely communication with CDE executive management regarding information security and privacy issues, risks, and compliance.
You will find additional information about the job in the Duty Statement.