SENIOR INFORMATION TECHNOLOGY SPECIALIST, ISD (CYBER SECURITY)

Position/Program Information

EXAM NUMBER

W2572L

When to Submit Your Application
We will be accepting online applications from Monday, July 14, 2025, 8:00 a.m. (PT) until Friday, July 25, 2025, 5:30 p.m. (PT). All applications must be received before 5:30 p.m. (PT) on July 25, 2025, to be accepted.

Type of Recruitment:
We welcome applications from everyone!

No out-of-class or withhold experience will be accepted.

Check Out Our Outstanding Benefits!
Los Angeles County offers one of the strongest public-sector benefits packages in the nation:

• Flexible Benefit Plans - Benefits may be purchased using tax-free County contribution of an additional 14.5%-17% of the employee's monthly salary.
• Robust Retirement Packages - Contributory-defined benefit plan; optional tax-deferred income plans that may include a county matching contribution up to 4% of employee's salary.
• Generous Maternity and Family Leave Benefits
• Flexible Schedules (Telework - where appropriate)
• Rideshare, Parking, and Transit Benefits
• 13 paid holidays per year
  

Who We Are
The Internal Services Department (ISD) plays a major role in supporting all County of Los Angeles departments and commissions. With an annual budget of over $905 million and 2,158 budgeted positions along with over 5,120 contracted workers of varying professions in facilities management, information technology, environmental, administrative, purchasi n g and contracting, ISD is the County's trusted partner and provider of choice.
The Opportunity

We are looking for a shown leader that is able to balance multiple projects while redefining Information Technology strategies into goals and objectives to fill our vacancy for Senior Information Technology Specialist, ISD in our Cyber Governance and Operations Branch. The Senior Information Technology Specialist, ISD leads, plans, coordinates, communicates, analyzes, and manages resources to achieve results.

Essential Job Functions

Acts as a project manager and/or consultant to countywide and departmental project managers, project teams, departmental or user management in the highly specialized field of IT cybersecurity.
Serves as a cybersecurity advisor to executive departmental management, translates complex IT security concepts into actionable strategies to address evolving threats, regulatory requirements, and operational priorities.

Recommends and writes countywide security policy and standards concerning systems, software, and the network infrastructure and encourages recommended standards to County departments.

Performs and/or directs comprehensive risk assessments and/or analyses for current and newly deployed applications, systems, and multi-cloud environments. Develops and implements enterprise-wide vulnerability management programs. Establishes processes for continuous monitoring and improvement to mitigate security risks effectively.
Develops and delivers comprehensive security metrics, dashboards, and reports to communicate the County’s security posture to leadership and stakeholders, drives informed decision-making and continuous improvement.

Develops and/or reviews security requirements and designs for large-scale, complex applications and infrastructure, ensuring compatibility with Countywide security policies, standards, and procedures while addressing data security, application security, and well-architected framework principles.

Designs, manages, and utilizes complex security platforms and technologies (e.g., identity and assess management, application security, multi-cloud security, privileged access management, endpoint security, infrastructure security, cyber analytics, GRC, ..., etc.) to protect against malicious activities and advanced persistent threats.

Investigates and assesses new security technologies and trends and recommends cybersecurity solutions.

Works with Countywide Computer Emergency Response Team (CCERT) to design, test, and implement intrusion detection utilities and provide expertise in the monitoring and analysis of all countywide systems.

Supports County departments by leading cybersecurity incident investigations, coordinating cross-functional response efforts, and resolving complex technical challenges to minimize downtime and prevent recurrence.
Identifies security issues with regards to data integrity and security risks associated with internet and intranet application deployments and works with countywide departmental customers to implement compensating controls to minimize risks as well as measures to remediate identified vulnerabilities

Examines Requests for Proposals (RFPs), Requests for Quotations (RFQs), and Requests for Information (RFIs), determining their scope, feasibility, and costs. Reviews vendor deliverables to ensure compliance with County security policies, standards, and contract requirements.

Represents the Internal Services Department (ISD) in Countywide security committees, contributing to the development of priority plans and strategies for protecting County data and information technology assets. Provides high-level liaison with customer departments.

Assists division managers in integrating cybersecurity considerations into organizational business plans, ensuring alignment between security initiatives and operational goals.

Requirements

Requirements to Qualify

Option I: Three (3) years of experience, within the last five (5) years, at the level of Information Technology Specialist, ISD.

• Two (2) years of the required experience must have included either (1) the development, implementation, or maintenance of a comprehensive security program of information technology programs, procedures, or equipment to prohibit unauthorized access, modification or destruction of any computer system, network, program or data or (2) risk analysis of computer systems or operations or (3) the auditing of computer systems to ascertain the compliance with organizational policies and procedures and to identify security risks.

OR
Option II: Three (3) years management experience in the field of information technology, within the last five (5) years, at the level of Section Manager IT, ISD **.

• Two (2) years of the required experience must have included either (1) the development, implementation, or maintenance of a comprehensive security program of information technology programs, procedures, or equipment to prohibit unauthorized access, modification or destruction of any computer system, network, program or data or (2) risk analysis of computer systems or operations or (3) the auditing of computer systems to ascertain the compliance with organizational policies and procedures and to identify security risks.

A large organization is defined as an organization that consists of at least 10,000 users.

License:
A valid California Class C Driver License or the ability to utilize an alternative method of transportation when needed to carry out job-related essential functions.
Physical Class II - Light: This class includes administrative and clerical positions requiring light physical effort that may include occasional light lifting to a 10-pound limit and some bending, stooping, or squatting. Considerable ambulation may be involved.
Desirable Qualifications:
Security-related, non-entry-level certifications from the recognized providers listed below must be active and must be professional or expert levels.
- Computing Technology Industry Association (CompTIA) certifications
- Information Systems Audit and Control Association (ISACA) certifications
- International Information System Security Certification Consortium (ISC)2 certifications
- Global Information Assurance Certification (GIAC) certifications
- EC-Council certifications
- Offensive Security certifications
- InfoSec Institute certifications

Experience with cybersecurity frameworks such as National Institute of Standards and Technology (NIST), International Standards Organization 27001 and 27002 (ISO 27001 and 27002), Service Organization Control Type 2 (SOC2), Health Insurance Portability and Accountability Act (HIPAA).

Additional Information

Our Assessment Process
This examination will consist of a multiple choice and/or simulation assessment(s), weighted at 100%, assessing:

• Learning Potential
• Responsibility
• Customer Focus
• Knowledge of Cyber Risk Management
• System and Application Security
• Network Security
• Security Management

MULTIPLE CHOICE AND/OR SIMULATION ASSESSMENT(S) ARE NOT REVIEWABLE BY CANDIDATES PER CIVIL SERVICE RULE 7.19.

Applicants must meet the requirements and achieve a passing score of 70% or higher on the examination in order to be placed on the eligible list.

NOTE:

Eligibility Information

The names of candidates receiving a passing score in the assessment will be placed on the Eligible List in the order of their score group for a period of twelve (12) months following the date of promulgation. Passing this examination and being placed on the Eligible List do not guarantee an offer of employment.

Vacancy Information
The resulting list will be used to fill a vacancy in the Cyber Governance and Operations Branch of the Internal Services Department.

APPLICATION AND FILING INFORMATION:

We only accept applications filed online. Applications submitted by U.S. mail, fax, or in person are not accepted. Apply online by clicking on the "Apply" green button at the top right of this posting. This website can also be used to get application status updates.

Please fill out the application completely. Provide relevant job experience including employer's name and address, job title, beginning and ending dates, number of hours worked per week, and description of work performed.

We may verify information included in the application at any point during the examination and hiring process, including after an appointment has been made. Falsification of information could result in refusal of application or rescission of appointment. Copying verbiage from the Requirements or class specification as your work experience will not be sufficient to demonstrate meeting the requirements. Doing so may result in an incomplete application and may lead to disqualification.

We will send notifications to the email address provided on the application, so it is important that a valid email address is provided. If choosing to unsubscribe or opt out from receiving our emails, it is possible to view notices by logging into governmentjobs.com and checking the profile inbox. It is every applicant's responsibility to take steps to view correspondence, and we will not consider claims of missing notices to be a valid reason for re-scheduling an exam part. Register the below domains as approved senders to prevent email notifications from being filtered as spam/junk mail.

• info@governmentjobs.com
• talentcentral@shl.com
• noreply@proctoru.com
• donot-reply@amcatmail.com
• HVasquez@isd.lacounty.gov

New email addresses need to be verified. This only needs to be done once per email address and can be done at any time by logging in to govermentjobs.com and following the prompts. This is to improve the security of the online application and to prevent incorrectly entered email addresses.

Federal law requires that all employed persons have a Social Security Number, so include yours when applying.

For those who do not have access to a computer or the internet, we provide access to complete an application at public libraries throughout the county.

All applicants must file their application online using their own user ID and password. Using a family member's or friend's login information may erase a candidate's original application record.

Have questions about anything listed above?
Contact us:
Exam Number: W2572L
Department Contact Name: Hugo Vasquez
Department Contact Phone: (323) 881-3670
Department Contact Email: hvasquez@isd.lacounty.gov
California Relay Services Phone: ( 800) 735-2922
ADA Coordinator Phone: ( 323) 267-3432
Teletype Phone: ( 800) 899-4099
Alternate Teletype Phone: ( 800) 897-0077

For detailed information, please click here

Closing Date/Time: 7/25/2025 5:30 PM Pacific

• 

• Los Angeles County

• (800) 970-5478

Show more