Information Security Officer (Enterprise Architect) - IT Division

DescriptionPlease view the Information Security Officer (Enterprise Architect) Duty Statement for additional and specific information regarding this position.Under direction, the Enterprise Architect performs a variety of professional, technical. analytical and supervisory duties in the operation of the Court’s enterprise systems and networks. The duties include work in the areas of Unix/Oracle Administration, Database Administration, Windows Administration, Virtual Administration, Storage Administration and Network Administration.DISTINGUISHING CHARACTERISTICS Enterprise Architect is an advanced technical professional-level class requiring a high degree of professional skill and knowledge in administering and evaluating complex computer information systems. This class includes tasks such as: Manages research, development and implementation of enterprise-wide technology and architecture strategies; provides high-level architectural expertise to IT managers and technical staff; monitors the progress of new and emerging technologies, assesses their business viability and consults with management to assess and evaluate current strategies; and makes recommendations, gains approval and develops implementation strategies for new technologies. Incumbents have greater administrative responsibility in long and short-range planning, decision making, organizational planning and coordinating, and supervising the work of information technology professional and technical staff. Incumbents also have responsibility for budget control and review. Decisions are subject to review when general policy is involved.Examples of DutiesDuties may include, but are not limited to the following:Manage and provide oversight on enterprise-wide projects and programs. Participate in statewide initiatives and lead collaboration with other courts. Provide mentoring to other information technology technical staff and information technology staff leading projects. Plan, prioritize, schedule, assign and evaluate work of assigned personnel; assist with interviews and selection; procure and provide resources to staff as needed; train and motivate staff; provide or coordinate staff training; monitor and evaluate staff performance and quality of work; initiate formal and informal disciplinary actions as necessary.Develop, sell and implement new processes to improve the Information Technology Division’s efficiencies.Develop and design long and short-term strategic vision for the Court’s infrastructure.Coordinate and review the work plan for assigned functions, services and activities; assign work activities and projects; monitor work flow; review and evaluate work products, methods and procedures; meet with staff to identify and resolve problems; ensure work is performed accurately and that timelines are met; ensure compliance with established policies, procedures and related regulations.Oversee implementation and adoption of new technology acquisition, including performing some hands-on-technical implementation.Consult and advise on new application system project to drive architectural decisions.Develop and maintain enterprise system architecture strategy and roadmaps, working with internal information technology partners and business stakeholders.Design and implement integration scenarios for end-to-end system integration of new and existing solutions.Minimum QualificationsEducation: Bachelor’s Degree from an accredited college or university in Information Technology or closely related field.And- Experience: Five (5) years full-time experience applying the principles, processes and techniques of enterprise architecture, relating to area of expertise including, but not limited to Unix/Oracle Administration, Database Administration, Windows Administration, Virtual Administration, Storage Administration and Network Administration.Substitution: Additional relevant full-time experience may be substituted for the Bachelor’s Degree on a year-for-year basis.Certification: Relevant certification(s) in areas of expertise; such as CCIE, MCSE, VCP, Oracle and UNIX are highly desirable.Knowledge OfPrinciples and practices of supervision, training, staff development and performance management; principles and practices of effective team building, team leadership and conflict resolution; design, installation and maintenance of enterprise, distributed systems to courts, state agencies or other hosted court community; developing and documenting system configurations, including hardware specifications for UNIX and Windows environments; operating systems including, but not limited to UNIX and Microsoft; all networking functions from network hardware and software vendors and products, network security policies, techniques and procedures, network documentation, configuration, maintenance and diagnostic procedures and techniques; internet and intranet architecture; designing large scale data centers; designing, building and deploying business system applications; development of long and short-term strategic initiatives for the enterprise organization; principles and practices of technical problem solving; principles, processes and techniques of project management and related software; designing disaster recovery solutions, including planning, implementation and testing; principles, practices and techniques of providing customer service; change management principles and practices.Ability ToPlan, organize and supervise the work of information technology staff; provide leadership and direction to a professional and technical group of information technology and operational staff; motivate, train, coach, evaluate and discipline staff; establish, monitor and control projects and schedules to meet goals and objectives; identify and articulate problems; recommend and document solutions; establish and maintain effective and cooperative working relationships; provide customer service, be responsive and courteous to all those encountered during the course of work; understand highly complex information technology systems and issues; communicate both orally and in writing; promote and maintain a team environment; understand the Court’s strategic business objectives as they relate to information technology.Other InformationTYPICAL PHYSICAL REQUIRMENTSSit for extended periods; frequently stand and walk; normal manual dexterity and eye-hand coordination; lift, move or set-up personal computer equipment, printers or related equipment which may weigh up to 40 pounds; extensive use of a computer and computer-related equipment; corrected hearing and vision to normal range; verbal communication; use of office equipment, including telephone, calculator, copiers scanner and facsimile.TYPICAL WORKING CONDITIONSWork is performed in an office environment; periodic travel throughout Sacramento County and outside of Sacramento County as needed; continuous contact with court staff, judicial officers and the public.Other RequirementsMust be able to pass a criminal history information background check.Possession of a valid California driver’s license or the ability to utilize alternative method of transportation when needed to carry out job-related essential functions.The following is an explanation of the benefits, which apply to those employed in regular or limited-term positions:Vacation: Vacation with pay varies depending upon the employee representation unit. New employees typically earn ten (10) days per year and accrual rates normally increase according to years of service.Holidays: The Superior Court of California, County of Sacramento recognizes thirteen ½ (13 ½ ) holidays and floating holidays per year dependent upon the employees representation unit.Sick Leave: Employees accrue 4.6 hours per bi-weekly pay period, equivalent to fifteen (15) days per year.Parental Leave: Employees with at least one (1) year of service are eligible for paid parental leave upon the birth or adoption of a child.Retirement: Employees are covered by the Sacramento County Employee's Retirement System and Social Security.Group Health Insurance: The Court provides employee and dependant health insurance coverage. The employee portion of the cost is dependent upon the employees representation unit.Dental and Vision Services Plan: Employee and dependant dental and vision insurance plans are provided at no cost.Life Insurance: Basic employee life insurance is provided at no cost to the employee with additional optional life insurance available at the employee's cost.Medical and Childcare Flexible Spending Accounts: The ability to deduct portion of your salary before taxes to apply toward medical expenses and/or child care expenses.Deferred Compensation: the Court offers a Deferred Compensation Program.Sacramento Credit Union: The credit union offers loan facilities and systematic savings plans through payroll deduction.Long Term Disability: A long term disability plan is provided at no cost to employees.Transit Subsidy: The Court provides a transit subsidy to eligible employees based on current policy.01Describe your education, professional certifications, and work experience as they directly relate to the position of Information Security Officer. Include any relevant degrees, certifications (e.g., CISSP, CISM, Security+, CJIS-specific training), and professional affiliations. Identify which aspects of your background you consider most directly applicable to this role and explain why.02Describe your experience developing, implementing, or managing an information security governance program, including the creation or revision of security policies, standards, or procedures. Provide a specific example of a policy or control framework you built or materially improved, the process you used, and how you measured its effectiveness.03This position carries compliance obligations under the FBI CJIS Security Policy, IRS Publication 1075, and Judicial Council of California policies. Describe your experience ensuring organizational compliance with a federal, state, or criminal justice data security standard. Include how you identified compliance gaps, the steps you took to remediate them, and how you maintained ongoing compliance rather than a point-in- time posture.04Describe a significant security incident or risk management situation you led or played a major role in. Explain how the incident was detected, your specific actions during containment and response, how you communicated with leadership and affected parties, and what systemic changes resulted. If describing a risk management scenario rather than an active incident, explain how you assessed, documented, and presented the risk and what outcome followed.05Effective Information Security Officers must translate complex security risks into terms that executive leadership and non-technical stakeholders can act on. Describe a situation where you had to communicate a significant security risk, finding, or recommendation to an executive audience or governing body. What was the risk, how did you frame it, and what was the outcome? If your recommendation was not adopted, how did you handle that? Required Question