County of Alameda

Cybersecurity Analyst, ACERA (#1374)

Bargaining Unit: Unrep - General Mgmt (U15)
$68.94-$87.99 Hourly / $5,515.20-$7,039.20 BiWeekly /
$11,949.60-$15,251.60 Monthly / $143,395.20-$183,019.20 Yearly


DESCRIPTION
Under general direction, to maintain and enhance a comprehensive cybersecurity program, provide project management, liaison, and contract administration for the design, implementation, and modification of customer requirements for County computer systems, ensure projects are delivered on time, within budget, meet customer specifications, and performs related work as required.

DISTINGUISHING FEATURES

This classification of Cybersecurity Analyst, ACERA, is located in the Office of the Alameda County Employees’ Retirement Association (ACERA) and reports directly to the Retirement Chief Technology Officer, ACERA, or Assistant Chief Executive Officer, ACERA. The Cybersecurity Analyst, ACERA, manages the maintenance and implementation of the cybersecurity program, whereas the Retirement Chief Technology Officer, ACERA, sets the cybersecurity strategy. Additionally, the Cybersecurity Analyst, ACERA, manages the implementation of enterprise-wide strategic projects, whereas the Retirement Chief Technology Officer, ACERA, acts as a project sponsor.

The Cybersecurity Analyst, ACERA is distinguished from the next lower-level classification of Personal Computer & Network Systems Analyst, ACERA in that the latter works on smaller, less complex projects, receives direction throughout projects, and only works on cybersecurity matters tangentially.

EXAMPLES OF DUTIES
NOTE: The following are the duties performed by employees in the classification, however, employees may perform other related duties at an equivalent level. Each individual in the classification does not necessarily perform all duties listed.

  1. Monitors security vulnerabilities and cybersecurity threats in network and host environments.
  2. Devises risk-based strategies and implements IT solutions to minimize the risk of cyber-attacks.
  3. Provides technical advice and recommends policies, procedures, enhancements, and acquisition of hardware, software, and services of customers with the goal of maintaining or enhancing cybersecurity.
  4. Plans and oversees multiple projects to completion; identifies scope and objectives; identifies deliverables and establishes schedules and timelines; assigns work to the project team.
  5. Develops and improves cyber incident response management.
  6. Ensures that multiple projects are delivered on time, within budget, and to customer specifications.
  7. Develops cost and budget analysis for projects and cybersecurity initiatives.
  8. Develops and directs the implementation of operational plans to support County department/agency’s business goals.
  9. Identifies project resources and skill level of necessary resources.
  10. Works with department/business managers to evaluate current and anticipated Information Technology requirements with consideration towards cybersecurity.
  11. Meets with customers to establish production goals, priorities, major work schedules, and status of projects, including timelines, schedules, and resources.
  12. Develops and obtains consensus on service-level agreements.
  13. Develops plans for the entire project life cycle, which include the phases for requirements gathering, design, development, testing, and implementation of technology solutions to address complex business objectives.
  14. Performs IT security risk assessments and reports on ways to minimize threats.
  15. Tracks the latest IT security innovations and keeps abreast of the latest cybersecurity technologies.

MINIMUM QUALIFICATIONS
Education:

Possession of a bachelor’s degree from an accredited college or university with a major in Cybersecurity, Computer Science, Information Technology, Information Systems Management, or a closely related field. Possession of a cybersecurity certificate and a Project Management Professional (PMP) certificate are highly desirable.

AND

EITHER I
Experience:

The equivalent of one (1) year of full-time experience in the classification of Technology Project Manager or Personal Computer & Network Systems Analyst, ACERA in Alameda County classified service.

OR II

Experience:

The equivalent of six (6) years of full-time, progressively responsible experience in project management with demonstrated experience in managing the design, development, implementation, operation, and maintenance of a large complex information systems program in a multi-service public, or private sector organization, and of which three (3) years of full-time experience must be progressively responsible for the operation and maintenance of cybersecurity program of a multi-service public or private sector organization.

NOTE: The Civil Service Commission may modify the above Minimum Qualifications in the announcement of an examination.

KNOWLEDGE AND SKILLS
NOTE: The level and scope of the following knowledge and abilities are related to duties listed under the “Examples of Duties” section of this specification.

Knowledge of:

  • Principles and practices of technical project management and cybersecurity programs.
  • Security information and event management (SIEM), intrusion detection systems (IDS), and intrusion prevention systems (IPS).
  • Programming and scripting languages such as Python, JavaScript, and PHP.
  • Techniques of supervision and training.
  • Understands application of security and privacy technologies and current best practices.
  • Understands the application of cybersecurity, risk management and control frameworks (such as National Institute of Standards and Technology (NIST) Cybersecurity Framework, NIST Risk Management Framework, and NIST 800-53 controls).
  • Understands advanced methods and techniques of evaluating information security and developing appropriate solutions; converged voice and data network security; architecture and design.
  • Application development lifecycle.
  • Principles and techniques of software and system quality assurance, control, and security.
  • Principles and practices of technical problem solving.
  • Team dynamics and team building.
  • Principles, practices, and techniques of customer service.
  • Security of distributed, client/server, and desktop computer systems.
  • Principles and practices of producing project, technical, and cybersecurity documentation.
  • Concepts related to the backup and recovery of files.
  • Financing, estimating and budgeting, including planning and estimating, calculating overhead, design, development and implementation costs.
  • Principles of vulnerability management, including analysis, discovery, assessment, prioritization, remediation, and patch management.
  • Endpoint protection strategies.
  • Principles of identity and access management.
  • Principles of email security.
  • Network technologies.
  • Internet security technologies.
  • Security principles of Microsoft technologies.

Ability to:

  • Supervise technical, functional, cybersecurity, and operational managers and staff.
  • Function in a high-stress environment and meet project deadlines.
  • Develop security strategies to protect internal networks and cloud infrastructure.
  • Develop and implement an incident response plan to enact in the event of a cyber attack.
  • Research and advise on security IT infrastructure.
  • Monitor systems and networks for cybersecurity attacks.
  • Implement protective measures for business systems.
  • Research the latest cybersecurity strategies to stay updated.
  • Coordinate multiple projects and schedules.
  • Understand highly complex information technology and cybersecurity systems and methodologies.
  • Work effectively with all levels of management and with diverse work teams.
  • Define problems and develop alternate solutions.
  • Manage contract negotiations with cybersecurity and project vendors.
  • Analyze business problems and opportunities, and articulate business requirements.
  • Communicate clearly, both orally and in writing.
  • Make technical oral presentations to both technical and non-technical audiences.
  • Prepare a comprehensive report on the portfolio of projects managed.
  • Manage communication at the executive level with external Department/Agency representatives.
  • Demonstrate integrity when applying information security principles and practices, dealing with confidential/secret information, and handling issues of a highly sensitive nature.
  • Identify and define actual and potential issues or concerns pertaining to the confidentiality, integrity, and availability of ACERA data and systems.
  • Demonstrate strict confidentiality, professionalism, integrity, and compliance with applicable laws and regulations.


CLASS SPEC HISTORY
New Spec 1374.dox
IL:saa 06/20/2023
CSC Date:08/09/2023

BENEFITS

Alameda County offers a comprehensive and competitive benefits package that affords wide-ranging health care options to meet the different needs of a diverse workforce and their families. We also sponsor many different employee discount, fitness and health screening programs focused on overall well being.  These benefits include but are not limited to*:

For your Health & Well-Being

  • Medical – HMO & PPO Plans
  • Dental – HMO & PPO Plans
  • Vision or Vision Reimbursement
  • Share the Savings
  • Basic Life Insurance 
  • Supplemental Life Insurance (with optional dependent coverage for eligible employees)
  • Accidental Death and Dismemberment Insurance 
  • County Allowance Credit
  • Flexible Spending Accounts - Health FSA, Dependent Care and Adoption Assistance
  • Short-Term Disability Insurance
  • Long-Term Disability Insurance
  • Voluntary Benefits - Accident Insurance, Critical Illness, Hospital Indemnity and Legal Services
  • Employee Assistance Program

For your Financial Future

  • Retirement Plan - (Defined Benefit Pension Plan)
  • Deferred Compensation Plan (457 Plan or Roth Plan)

For your Work/Life Balance

  • 12 paid holidays
  • Floating Holidays
  • Vacation and sick leave accrual
  • Vacation purchase program
  • Management Paid Leave**
  • Catastrophic Sick Leave
  • Group Auto/Home Insurance
  • Pet Insurance
  • Commuter Benefits Program
  • Guaranteed Ride Home
  • Employee Wellness Program (e.g. At Work Fitness, Incentive Based Programs, Gym Membership Discounts)
  • Employee Discount Program (e.g. theme parks, cell phone, etc.)
  • Child Care Resources
  • 1st United Services Credit Union 

*Eligibility is determined by Alameda County and offerings may vary by collective bargaining agreement.  This provides a brief summary of the benefits offered and can be subject to change.

** Non-exempt management employees are entitled to up to three days of management paid leave. Exempt management employees are entitled to up to seven days of management paid leave.