Job Posting: Chief Information Security Officer

CA Student Aid Commission

JC-498468
-
Chief Information Security Officer
INFORMATION TECHNOLOGY MANAGER I

$9,387.00 - $12,579.00 per Month
New to State candidates will be hired into the minimum salary of the classification or minimum of alternate range when applicable.

Final Filing Date: Until Filled

Job Description and Duties

The California Student Aid Commission (CSAC) is seeking a Chief Information Security Officer who is a visionary technology leader passionate about advancing California’s mission to protect student information. CSAC invites dynamic, forward-thinking professionals to apply for the role of Chief Information Security Officer who will direct and lead the Information Security Office. In this role, you will be hands-on and be responsible for the direction, oversight, and operation of the Commission’s information security services. You will directly and through subordinate resources, provide expert consultation on complex information security practices and provide leadership and direction to a diverse group of information security professionals and contract staff with different skill sets.


This advertisement will remain open until the position has been filled. Applications will be reviewed every 2 weeks, with the first cutoff date being November 24, 2025.

You will find additional information about the job in the Duty Statement.

Working Conditions

  • Exposure to computer screens and other basic office equipment.
  • Work in a climate-controlled office environment, open office space with artifical lighting.
  • Attend meetings in designated conference rooms and be willing to travel to off-site locations.

  • Current residency in the State of California is required. This position is location is designated in Rancho Cordova, California and may be eligible for hybrid teleworking. The amount of telework is at the discretion of the Department and based on CSAC’s current telework policy. While CSAC supports telework, regular in-person attendance will be required at CSAC’s Rancho Cordova location based on operational needs. Teleworking from outside the State of California is strictly prohibited.

Minimum Requirements

You will find the Minimum Requirements in the Class Specification.

Additional Documents

Position Details

Job Code #:
JC-498468
Position #(s):
270-701-1405-XXX
Working Title:
Chief Information Security Officer
Classification:
INFORMATION TECHNOLOGY MANAGER I
$9,387.00 - $12,579.00
New to State candidates will be hired into the minimum salary of the classification or minimum of alternate range when applicable.
# of Positions:
1
Work Location:
Sacramento County
Telework:
Hybrid
Job Type:
Permanent, Full Time

Department Information

The California Student Aid Commission (CSAC), is the principal state agency responsible for administering financial aid programs for students attending public and private universities, colleges, and vocational schools in California. Our mission is to promote education equity by making postsecondary education affordable for all Californians. By joining us, you become part of a passionate and driven organization dedicated to its mission where all areas across the organization are aligned with the common goal of developing technical and analytical skills and leadership abilities, through promoting teamwork and cross-functional teams.

The Information Technology Services Division (ITSD) supports CSAC in the delivery of State services and information to internal and external stakeholders through IT service management using the IT Infrastructure Library framework. CSAC operates in an Oracle-based database environment and develops and maintains a cloud-based application that is used by students, colleges, and CSAC staff (also known as the “Grant Delivery System Modernization” project or “GDSM”).

Department Website: https://www.csac.ca.gov/

Special Requirements

Candidates are required to submit a Statement of Qualifications (SOQ). The SOQ is a narrative discussion of how the candidates’ education, training, experience, and/or skills qualify them for the position. The SOQ serves as documentation of each candidate’s ability to present information clearly and concisely in writing. Resumes and/or cover letters do not take the place of the SOQ.


Instructions: The SOQ must be typed in 12-point Arial font, single spaced with one-inch margins and must be a minimum of one (1) page, not to exceed two (2) pages in length, and clearly titled "Statement of Qualifications". Responses must be answered and numbered in the same order as the following questions:

1. Describe a time when you led a response to an information security incident. What did the investigation reveal? What remediation was required? What was implemented to prevent future occurrences?

2. Describe your experience leading enterprise information security programs. How have you aligned cybersecurity strategies with organizational goals, and what measurable outcomes resulted from your leadership?

3. Describe examples of how you’ve proactively addressed emerging cybersecurity threats or adopted innovative technologies to strengthen organizational resilience. What strategies did you use to gain stakeholder buy-in?

Applications received without a SOQ, following these instructions, will be rejected and disqualified from the hiring process.

Application Instructions

Dates printed on Mobile Bar Codes, such as the Quick Response (QR) Codes available at the USPS, are not considered Postmark dates for the purpose of determining timely filing of an application.

Final Filing Date: Until Filled

Who May Apply

Individuals who are currently in the classification, eligible for lateral transfer, eligible for reinstatement, have list or LEAP eligibility, are in the process of obtaining list eligibility, or have SROA and/or Surplus eligibility (please attach your letter, if available). SROA and Surplus candidates are given priority; therefore, individuals with other eligibility may be considered in the event no SROA or Surplus candidates apply. Individuals who are eligible for a Training and Development assignment may also be considered for this position(s).

Applications will be screened and only the most qualified applicants will be selected to move forward in the selection process. Applicants must meet the Minimum Qualifications stated in the Classification Specification(s).

How To Apply

Complete Application Packages (including your Examination/Employment Application (STD 678) and applicable or required documents) must be submitted to apply for this Job Posting. Application Packages may be submitted electronically through your CalCareer Account at www.CalCareers.ca.gov. When submitting your application in hard copy, a completed copy of the Application Package listing must be included. If you choose to not apply electronically, a hard copy application package may be submitted through an alternative method listed below:

Address for Mailing Application Packages

You may submit your application and any applicable or required documents to:

CA Student Aid Commission
Human Resources Office (USPS)
Attn: Recruitment
P.O. Box 419027
Rancho Cordova, CA 95741

Address for Drop-Off Application Packages

You may drop off your application and any applicable or required documents at:

CA Student Aid Commission
Human Resources Office (DO)
Attn: Recruitment
11120 International Drive, Suite 100
Rancho Cordova, CA 95670
08:00 AM - 05:00 PM

Required Application Package Documents

The following items are required to be submitted with your application. Applicants who do not submit the required items timely may not be considered for this job:

  • Current version of the State Examination/Employment Application STD Form 678 (when not applying electronically), or the Electronic State Employment Application through your Applicant Account at www.CalCareers.ca.gov. All Experience and Education relating to the Minimum Qualifications listed on the Classification Specification should be included to demonstrate how you meet the Minimum Qualifications for the position.
  • Resume is optional. It may be included, but is not required.
  • Statement of Qualifications - A Statement of Qualifications (SOQ) is required and must be submitted with your application to be considered for this position. Applications received without the SOQ will be rejected and not considered. Please refer to the Special Requirements section of this job posting for the SOQ instructions.   
Applicants requiring reasonable accommodations for the hiring interview process must request the necessary accommodations if scheduled for a hiring interview. The request should be made at the time of contact to schedule the interview. Questions regarding reasonable accommodations may be directed to the EEO contact listed on this job posting.

Desirable Qualifications

In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:
  • Possess in depth knowledge of data governance frameworks and best practices for protecting confidentiality, integrity, and availability of sensitive information in a public sector environment.
  • Possess expertise in Data Governance and Security.
  • Demonstrate ability to develop and implement long-term strategic plans and policies that align technology security services with organizational mission, vision, and goals.
  • Possess a track record of Ethical Leadership and Integrity.
  • Familiar with State and Federal requirements like NIST 800-53, SIMM and SAM.
  • Have security related certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials.
  • Have working knowledge of the following IT domains; business technology management (i.e., policy and program development, IT procurement, etc.), client services, and information security.
  • Approach IT solutions from a security first perspective.
  • Demonstrated experience leading a team of IT professionals.
  • Enjoy developing and mentoring staff and highly functional teams.
  • Exceptional communication engagement skills.
  • Have high ethical standards, sound judgement, and integrity in all professional actions; proven ability to handle confidential and sensitive matters with discretion, and to model ethical conduct for others.
  • Experience with Cloud Services, Office365, GitHub, SharePoint and ManageEngine Service Desk Pro.
  • Strong understanding and experience with information security policies, procedures, processes and solutions.
  • Proactively identify challenges and opportunities, develop innovative solutions, and build coalitions across departments to achieve shared goals and best practices.
  • Experience with security incident management and investigations.
  • Knowledge of continuity planning.
  • Experience with risk management and mitigation.
  • Experience in security assessments, audits, and litigation.
  • Knowledge and experience in data privacy and classification.
  • Have a basic understanding and experience with project management.

Benefits

Benefit information can be found on the CalHR website and the CalPERS website.

Additional Application Instructions

A completed application package must include the following:

  • On the Examination/Employment Application (STD. 678) enter the Position Number, Position Title, and Job Control Number in the "Examination(s) or Job Title(s) For Which You Are Applying" section.
  • "To" and "From" dates (Month/Day/Year) and total hours worked per week for all employment history listed on the STD. 678.
  • Name, address, and phone numbers of current and former employers and supervisors.
  • "To" and "From" dates (Month/Day/Year) on the resume (if applicable).
  • State employees must list the specific departments for which they worked and indicate the specific civil service classification held (not working titles).
  • All required documents listed in the "Required Application Documents" section.
  • If you are meeting minimum qualifications with education, you must include a copy of your official/informal transcripts for verification. These transcripts must include your name and the name of the school. Official transcripts may be required upon appointment.
  • If you have a degree from outside of the United States, you must also submit an evaluation of this degree to determine its US equivalency. If you need an evaluation, you can visit this website https://www.naces.org/ to find organizations that provide these services.
All Experience and Education relating to the Minimum Qualifications listed on the Classification Specification must be included in your completed Application Package to demonstrate how you meet the Minimum Qualifications for the position.

Failure to provide the information listed above may disqualify you from consideration for this recruitment.

Resumes, Cover Letters, etc. DO NOT replace the required, completed Examination/Employment Application (STD. 678).

Personally Identifiable Information:
Please do not include your Social Security Number, date of birth, veteran status, personal photos, LEAP information, or any other personally identifying information on any of your documents in your application package.

Diversity, Equity, and Inclusion at CSAC

Diversity Statement: Here at the CSAC, we want all of our employees to feel respected, valued, appreciated, and equipped to thrive. CSAC encourages employees to work together to fuel the creativity and innovation process necessary to serve our customers well. This commitment fosters and inclusive work environment where all backgrounds, cultures, and personal experiences are honored as we join in common cause to make college affordable for all California students.

Equal Opportunity Employer

The State of California is an equal opportunity employer to all, regardless of age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (includes pregnancy, childbirth, breastfeeding and related medical conditions), and sexual orientation.

It is an objective of the State of California to achieve a drug-free work place. Any applicant for state employment will be expected to behave in accordance with this objective because the use of illegal drugs is inconsistent with the law of the State, the rules governing Civil Service, and the special trust placed in public servants.

Application Methods:
Electronic (Using your CalCareer Account)
By Mail
Drop-off
Print Job