Under the general direction of the Security Operations Manager, an Information Technology (IT) Manager I, the IT Specialist II (Information Security Specialist) works independently and as part of a team to establish a Risk Management Plan, perform and document risk assessments, and identify and monitor mitigation plans and activities. The incumbent is also responsible for developing and maintaining System Security Plans (SSP) and Incident Response Plans and for investigating security incidents.
This advertisement is posted as Open Until Filled and the advertisement will remain open until the vacancy is filled. Cut-offs for applications will be every other Monday, starting April 21, 2025, and applications will be reviewed per those cut-off dates. Hires can be made at any time based on the applications received by the cut-off dates.
You will find additional information about the job in the Duty Statement .
Working Conditions Part time telework is available for this position up to three days per week for California residents based on the requirements of the position and may be discussed during the interview process. Hiring interviews may be available virtually, using teleconferencing or video conferencing options.
While working on-site, the incumbent works in a professional office environment, in a climate-controlled area which may fluctuate in temperature and is under artificial light. The incumbent will be required to use a computer, mouse, and keyboard, and will be required to sit for long periods of time at a computer screen. The incumbent must be able to focus for long periods of time, multi-task, adapt to changes in priorities, and complete tasks or projects with short notice. The incumbent must develop and maintain cooperative working relationships and display professionalism and respect for others in all contact opportunities.
Minimum Requirements You will find the Minimum Requirements in the Class Specification.
- INFORMATION TECHNOLOGY SPECIALIST II
Additional Documents - Job Application Package Checklist
- Duty Statement
Position Details Job Code :
JC-467273
Position (s):
-001
Working Title:
Information Security Specialist
Classification:
INFORMATION TECHNOLOGY SPECIALIST II $8,374.00 - $11,220.00 A
Candidates who are new to California state service will be hired at the minimum salary of the classification. For classifications with alternate ranges, range placement is based on education/experience.
of Positions:
1
Work Location:
Sacramento County
Telework:
Hybrid
Job Type:
Permanent, Full Time
Department Information Are you looking for a different type of state government job? Something with a little more excitement and a more fast-paced and fluid environment? How about an opportunity to be part of one of the most remarkable transportation projects in California's history? The California High-Speed Rail Authority is a small and dynamic state agency that is looking for employees who are interested in a challenging and rewarding job opportunity.
Please let us know how you heard about our position by taking this brief survey. Completing this survey is not required to be considered for this vacancy.
Department Website:
Special Requirements A Statement of Qualifications (SOQ) is required and must be included. An SOQ is a narrative that describes your qualifications for this position. The SOQ must be no more than two (2) pages long, single-spaced, with one-inch margins, in 12-point font, organized and numbered as reflected below. Applicants who do not follow these instructions may be disqualified from the hiring process. You must respond to all the following items:
1. Describe your knowledge and experience of risk assessment frameworks such as NIST, ISO 31000, or COSO. How have you applied these frameworks to identify and assess organizational risks?
2. Provide examples of risk mitigation strategies you've developed and implemented. Include an example of a high-risk situation you successfully mitigated. What steps did you take to reduce/mitigate the risk?
3. How does a System Security Plan (SSP) address governance controls (e.g., policies, roles, compliance) and technical controls (e.g., firewalls, encryption, access control) to ensure the system's security?
4. Describe your experience, including role(s) and responsibilities, related to incident response. Provide an example of an incident you were involved with. Include the nature and criticality of the event. What was your role? What did you learn from the experience?
5. Describe a time when you were responsible for ensuring an audit finding or risk was mitigated or resolved. How did you ensure the technical staff, system owners, and other stakeholders understood the issue? How did you gain concurrence on your recommended mitigation/resolution?
Applications received without the SOQ may not be considered. Cover Letters, Resumes, and other materials do not take the place of the SOQ.
Artificial Intelligence (AI) tools can be useful in the development of written responses; however, it is important to use these tools responsibly and ethically. Responses within the SOQ must be your own original work and representative of your own knowledge, skills, and experience. Applicants must write in their own words and avoid plagiarism. Failure to comply may be cause for disqualification.
Application Instructions Dates printed on Mobile Bar Codes, such as the Quick Response (QR) Codes available at the USPS, are not considered Postmark dates for the purpose of determining timely filing of an application.
Final Filing Date: Until Filled
Who May Apply
Individuals who are currently in the classification, eligible for lateral transfer, eligible for reinstatement, have list or LEAP eligibility, are in the process of obtaining list eligibility, or have SROA and/or Surplus eligibility (please attach your letter, if available). SROA and Surplus candidates are given priority; therefore, individuals with other eligibility may be considered in the event no SROA or Surplus candidates apply.
Applications will be screened and only the most qualified applicants will be selected to move forward in the selection process. Applicants must meet the Minimum Qualifications stated in the Classification Specification(s).
How To Apply
Complete Application Packages (including your Examination/Employment Application (STD 678) and applicable or required documents) must be submitted to apply for this Job Posting. Application Packages may be submitted electronically through your CalCareer Account at . When submitting your application in hard copy, a completed copy of the Application Package listing must be included. If you choose to not apply electronically, a hard copy application package may be submitted through an alternative method listed below:
Address for Mailing Application Packages
You may submit your application and any applicable or required documents to:
CA High Speed Rail Authority
High Speed Rail Authority
Attn: Human Resources
770 L Street, Suite 620, MS 4
Sacramento , CA 95814
Address for Drop-Off Application Packages
You may drop off your application and any applicable or required documents at:
CA High Speed Rail Authority
High Speed Rail Authority
Human Resources
770 L Street, Suite 620, MS 4
Sacramento , CA 95814
08:00 AM - 05:00 PM
Required Application Package Documents
The following items are required to be submitted with your application. Applicants who do not submit the required items timely may not be considered for this job:
- Current version of the State Examination/Employment Application STD Form 678 (when not applying electronically), or the Electronic State Employment Application through your Applicant Account at . All Experience and Education relating to the Minimum Qualifications listed on the Classification Specification should be included to demonstrate how you meet the Minimum Qualifications for the position.
- Resume is optional. It may be included, but is not required.
- Statement of Qualifications - A Statement of Qualifications (SOQ) is required to apply. Please see above "Special Requirements" section for SOQ instructions.
Applicants requiring reasonable accommodations for the hiring interview process must request the necessary accommodations if scheduled for a hiring interview. The request should be made at the time of contact to schedule the interview. Questions regarding reasonable accommodations may be directed to the EEO contact listed on this job posting.
Desirable Qualifications In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:
• Associate or bachelor's degree in an information technology related field of study.
• Five (5) years of experience in Information Security Operations.
• Possess of one or more of the following certifications (active):
o Associate of (ISC)2
o Certified Information Systems Security Professional (CISSP)
o Certified Information Security Manager (CISM)
o Certified Information Systems Auditor (CISA)
o CompTIA Security+
o CompTIA PenTest+
o GIAC Information Security Fundamentals . click apply for full job details