Senior IT Security Engineer
Apply NowCompany: County of Santa Clara, CA
Location: San Jose, CA 95123
Description:
Salary : $230,156.16 - $279,755.84 Annually
Location : San Jose Metropolitan Area, CA
Job Type: Full-Time
Job Number: 25-G4F-A
Department: County Executive
Division: Information Security Office
Opening Date: 03/07/2025
Closing Date: 3/21/2025 11:59 PM Pacific
Bargaining Unit: 92
Description
Under general supervision, to execute the security strategy set by the IT Security Architect, and to engineer, implement and maintain the security measures for the protection of computer systems, networks and information, in accordance with security policies and guidelines.
Typical Tasks
Employment Standards
Sufficient education, training, and experience to demonstrate the possession and direct application of the following knowledge and abilities:
Training and Experience Note:
Possession of a Bachelor's Degree from an accredited college in Computer Science, Information Systems or other related field;
and
Nine (9) years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, and/or systems administration, with at least three (3) years of experience at a level comparable to the County's IT Security Engineer classification. Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. is required.
OR
Training and experience equivalent to the possession of a Bachelor's degree. Relevant analytical, administrative, lead, supervisory or management experience that includes interpreting rules and regulations, gathering data and formulating recommendations, and report writing can substitute for education on a year-for-year basis;
and
Eleven (11) years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, and/or systems administration, with at least three (3) years of experience at a level comparable to the County's IT Security Engineer classification. Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. is required.
Special Requirements
Knowledge of:
Ability to:
The County offers comprehensive first-class medical, dental, and vision benefits plans for County employees and their dependents, including plans with no deductibles, no co-pays, no co-insurance, and no prescription drug co-pays. Learn more
The County also offers generous paid time off with significant vacation, sick time, and 13 paid County holidays annually! Details are included in the with the bargaining unit applicable to the job classification.
In addition to the amazing perks above, the County also offers the additional benefits below.
Retirement Benefits
The County offers robust retirement plans including a (similar to the private sector's 401(k) plan) and the In addition to lifetime retirement income available through the CalPERS pension plan, the 457(b) Deferred Compensation plan provides a great way to save for retirement and supplement the defined benefit pension available to employees. These plans help our employees build a plan for their future and contribute to their family's long-term financial well-being.
Health Flexible Spending Account
The empowers employees to manage healthcare expenses efficiently with tax-free contributions (up to $3,200 for the 2024 calendar year). Secure tax-free solutions for your healthcare expenses and enjoy the flexibility to manage your healthcare finances effectively with the HFSA.
Dependent Care Assistance Program (DCAP)
The enables employees to utilize tax-free funds for dependent care services, facilitating a convenient and cost-effective approach for managing your dependent care expenses. The County also offers the , an employer-funded DCAP, for employees with annual income under $120,000.
Life and AD&D
The County offers life and disability benefits including , Insurance, These benefits ensure financial security and income support when you and your family need it most.
Employee Assistance Program (EAP)
The County prioritizes employee mental health and well-being and offers a top-tier through Concern providing confidential counseling sessions covering stress, anxiety, relationships, grief, as well as financial/legal services, personal coaching, child and elder care referrals, and comprehensive crisis support.
Employee Wellness
The offers free wellness programing, fitness classes and resources; including Elevate My Wellness an all-in-one platform designed to elevate your well-being journey.
Education Reimbursement
A generous program is available, including Education Reimbursement for employees seeking additional training and professional development.
NOTE: Benefit and Retirement information may vary from bargaining unit to bargaining unit. Due to changes in State Law, current pension provisions described in the union contracts are not automatically applied. Specific pension benefits for new hires who start on or after January 1, 2013 may be different than indicated in the union contracts.
Click here to access all Memoranda of Understanding and most recent Summary of Changes.
01
Completion of the following supplemental questions is REQUIRED and is an integral part of the recruitment evaluation process. Initially, it will be used to determine if an application Passes or Fails at the review stage. For those applications passing employment standards, this information could be critical in subsequent assessments. Answers should be as complete as possible, a response of "see resume" or "see application" will deem an application incomplete and the application will be rejected.
When prompted to describe your experience, please include a detailed description in the following format for EACH employer referenced:
a) Employer name
b) Job title
c) Description of work performed, pertaining to the question asked.
Do you understand the requirement to provide complete answers?
02
What is the highest level of education you have completed?
03
Do you possess a Bachelor's Degree or higher in Computer Science, Information Systems, or other related field?
04
If you answered no to the question above, or have a related degree, please list the field your degree is in.
05
How many years of work experience do you have performing analytical, administrative, lead, supervisory, or management duties? Relevant experience includes interpreting rules and regulations, gathering data, formulating recommendations, and report writing.
06
Describe your supervisory experience. For each position in which you supervised staff, specify the number of staff you supervised, the position title(s) of the staff you supervised, and your experience with hiring, training, mentoring, evaluating, and disciplining staff. Response must include the name of employer(s), job title(s), dates of employment and total hours worked per week. If no experience, type "N/A".
07
How many years of work experience do you have combined IT and security work experience with a broad range of exposure to systems analysis, application development, and/or systems administration, with at least three (3) years of experience at a level comparable to the County's IT Security Engineer classification?
08
Describe your work experience of combined IT and security work experience with a broad range of exposure to systems analysis, application development, and/or systems administration, with at least three (3) years of experience at a level comparable to the County's IT Security Engineer classification. Response must include the name of employer(s), job title(s), dates of employment and total hours worked per week. If you do not have this experience, type "N/A".
09
Select the IT Security field below in which you have the most experience in (select one):
10
Select a major IT Security application/system that you have the most knowledge of (select one):
11
Have you worked on a major IT Security initiative from initial idea to operationalizing?
12
If you selected yes to the question above, which best describes your role in the major IT Security initiative (select one):
13
Do you have hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.?
14
Describe your work experience leading the development, design, testing, delivery and implementation of security solutions which included defining and validating baseline security configurations for operating systems, applications, networking and telecommunications equipment. If you do not have such experience, type "N/A".
15
Describe your work experience facilitating partnerships and collaborating with multiple stakeholders throughout an organization including engineers, managers, and business/clinical teams. If you do not have such experience, type "N/A".
16
How did you find out about this job?
17
If you selected an event/fair or other in the question above, please specify. If not, type "N/A".
Required Question
Location : San Jose Metropolitan Area, CA
Job Type: Full-Time
Job Number: 25-G4F-A
Department: County Executive
Division: Information Security Office
Opening Date: 03/07/2025
Closing Date: 3/21/2025 11:59 PM Pacific
Bargaining Unit: 92
Description
Under general supervision, to execute the security strategy set by the IT Security Architect, and to engineer, implement and maintain the security measures for the protection of computer systems, networks and information, in accordance with security policies and guidelines.
Typical Tasks
- Participates in workstream planning process including inception, technical design, development, testing and delivery of security solutions;
- Collaborates closely with infrastructure, architecture and application teams to design security solutions that incorporate present and future views of security;
- Leads the design and implementation of security solutions for intrusion detection and notification, security auditing, alerting, and response, virus detection and removal, password complexity enforcement, and media protection;
- Defines and validates baseline security configurations for operating systems, applications, networking and telecommunications equipment;
- Collaborates with IT Security Architects on optimization of the security footprint (tools enhancement, hardware improvements, new software tools, etc.);
- Troubleshoots, diagnoses and resolves high severity security issues or problems escalated by senior leadership;
- Collaborates in the development of security implementation requirements, acceptance criteria, and assists in generating statements of work (SOWs);
- Participates in discussions with architecture team around security standards and practices;
- Communicates and influences other engineers, managers and business/clinical teams on ensuring policies and procedures regarding use of security products, techniques, and patterns are followed;
- Directs efforts to identify discrepancies resulting from security audits, develops plans for corrective action, and tracks actions to closure;
- Recommends security products by researching needs and evaluating corporate standards list;
- Reviews security information system schematics, diagrams, and other program documentation to assist with development and preparation of cost estimates;
- Designs and implements security solutions for intrusion detection and notification, security auditing, alerting, and response, virus detection and removal, password complexity enforcement, and media protection;
- Performs capacity and future growth planning of the enterprise security infrastructure to ensure a highly available security environment;
- Analyzes and reports on key security metrics and Key Performance Indicators (KPIs);
- Certifies the security functionality of network components and services within the release;
- Implements security solutions for intrusion detection and notification, security auditing, alerting, and response, virus detection and removal, password complexity enforcement, and media protection;
- Reviews audit trails to detect potential security violations;
- Verifies security systems by developing and implementing test scripts and running security scans;
- Validates baseline security configurations for operating systems, applications, networking and telecommunications equipment;
- Maximizes security footprint by monitoring security tools, troubleshooting escalated security problems and incidents, scheduling security upgrades, identifying security gaps, and evaluating and implementing enhancements;
- Troubleshoots, diagnoses, and resolves problems; keeps customers informed about network security problems and resolutions;
- Communicates status and documents problems and resolutions for future reference;
- Evaluates vendor solutions to ensure compliance with requirements and cost-effectiveness;
- Maintains enterprise IT standards across the network security;
- Responsible for managing Tier 2 and Tier 3 incidents response;
- Reviews privileges and permissions of users;
- May be assigned as a Disaster Service Worker, as required;
- Performs other related duties.
Employment Standards
Sufficient education, training, and experience to demonstrate the possession and direct application of the following knowledge and abilities:
Training and Experience Note:
Possession of a Bachelor's Degree from an accredited college in Computer Science, Information Systems or other related field;
and
Nine (9) years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, and/or systems administration, with at least three (3) years of experience at a level comparable to the County's IT Security Engineer classification. Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. is required.
OR
Training and experience equivalent to the possession of a Bachelor's degree. Relevant analytical, administrative, lead, supervisory or management experience that includes interpreting rules and regulations, gathering data and formulating recommendations, and report writing can substitute for education on a year-for-year basis;
and
Eleven (11) years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, and/or systems administration, with at least three (3) years of experience at a level comparable to the County's IT Security Engineer classification. Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. is required.
Special Requirements
- Ability to travel to alternate locations in the course of work.If driving, possession of a valid California Driver's License prior to appointment and the ability to qualify for and maintain a County driver authorization.
- Depending on the position, related certifications may be required or desirable.
Knowledge of:
- Infrastructure, architecture and application teams to design security solutions;
- Principles of leadership;
- Methods to optimize the security footprint (tools enhancement, hardware improvements, new software tools, etc.);
- High severity security issues or problems;
- Security implementation requirements, acceptance criteria, and statements of work (SOWs);
- Security standards and practices;
- Discrepancies resulting from security audits, corrective action, and actions for closure;
- Security information system schematics, diagrams, and other program documentation;
- Capacity and future growth planning of the enterprise security infrastructure;
- Services provided by vendors;
- Security products, needs and corporate standards list;
- Security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.;
- Network technologies and network monitoring tools;
- Web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols;
- Cloud solutions;
- Principles of effective customer service;
- Security solutions for intrusion detection and notification;
- Test scripts and security scans;
- Baseline security configurations for operating systems, applications, networking and telecommunications equipment;
- Vendor solutions that ensure compliance with requirements and cost-effectiveness;
- Enterprise IT standards across network security;
- Tier 2 & Tier 3 incident response;
- Key metrics and KPIs.
Ability to:
- Develop, test and deliver security solutions;
- Collaborate with others to design security solutions that incorporate present and future views of security;
- Lead the design and implementation of security solutions;
- Define and validate baseline security configurations for operating systems, applications, networking and telecommunications equipment;
- Troubleshoot, diagnose and resolve high severity security issues or problems;
- Communicates effectively with engineers, managers and business/clinical teams;
- Directs efforts to identify discrepancies resulting from security audits;
- Review security information system schematics, diagrams, and other program documentation;
- Design security solutions;
- Certify security functionality of components and services;
- Perform capacity and future growth planning of the enterprise security infrastructure;
- Evaluate services provided by vendors and recommend changes;
- Implement security solutions;
- Review audit trails to detect potential security violations;
- Verify security systems;
- Validate baseline security configurations for operating systems, applications, networking and telecommunications equipment;
- Monitor security tools, troubleshoot security problems and incidents, identify security gaps, and evaluate and implement enhancements;
- Communicate effectively with customers and others;
- Evaluate vendor solutions to ensure compliance with requirements and cost-effectiveness;
- Maintain enterprise IT standards across the network security;
- Manage Tier 2 & Tier 3 incident response;
- Review privileges and permission of users;
- Track and monitor on key metrics and KPIs.
The County offers comprehensive first-class medical, dental, and vision benefits plans for County employees and their dependents, including plans with no deductibles, no co-pays, no co-insurance, and no prescription drug co-pays. Learn more
The County also offers generous paid time off with significant vacation, sick time, and 13 paid County holidays annually! Details are included in the with the bargaining unit applicable to the job classification.
In addition to the amazing perks above, the County also offers the additional benefits below.
Retirement Benefits
The County offers robust retirement plans including a (similar to the private sector's 401(k) plan) and the In addition to lifetime retirement income available through the CalPERS pension plan, the 457(b) Deferred Compensation plan provides a great way to save for retirement and supplement the defined benefit pension available to employees. These plans help our employees build a plan for their future and contribute to their family's long-term financial well-being.
Health Flexible Spending Account
The empowers employees to manage healthcare expenses efficiently with tax-free contributions (up to $3,200 for the 2024 calendar year). Secure tax-free solutions for your healthcare expenses and enjoy the flexibility to manage your healthcare finances effectively with the HFSA.
Dependent Care Assistance Program (DCAP)
The enables employees to utilize tax-free funds for dependent care services, facilitating a convenient and cost-effective approach for managing your dependent care expenses. The County also offers the , an employer-funded DCAP, for employees with annual income under $120,000.
Life and AD&D
The County offers life and disability benefits including , Insurance, These benefits ensure financial security and income support when you and your family need it most.
Employee Assistance Program (EAP)
The County prioritizes employee mental health and well-being and offers a top-tier through Concern providing confidential counseling sessions covering stress, anxiety, relationships, grief, as well as financial/legal services, personal coaching, child and elder care referrals, and comprehensive crisis support.
Employee Wellness
The offers free wellness programing, fitness classes and resources; including Elevate My Wellness an all-in-one platform designed to elevate your well-being journey.
Education Reimbursement
A generous program is available, including Education Reimbursement for employees seeking additional training and professional development.
NOTE: Benefit and Retirement information may vary from bargaining unit to bargaining unit. Due to changes in State Law, current pension provisions described in the union contracts are not automatically applied. Specific pension benefits for new hires who start on or after January 1, 2013 may be different than indicated in the union contracts.
Click here to access all Memoranda of Understanding and most recent Summary of Changes.
01
Completion of the following supplemental questions is REQUIRED and is an integral part of the recruitment evaluation process. Initially, it will be used to determine if an application Passes or Fails at the review stage. For those applications passing employment standards, this information could be critical in subsequent assessments. Answers should be as complete as possible, a response of "see resume" or "see application" will deem an application incomplete and the application will be rejected.
When prompted to describe your experience, please include a detailed description in the following format for EACH employer referenced:
a) Employer name
b) Job title
c) Description of work performed, pertaining to the question asked.
Do you understand the requirement to provide complete answers?
- Yes
- No
02
What is the highest level of education you have completed?
- High School or GED equivalent
- College (1 to 29 semester units / 1 to 44 quarter units)
- College (30 to 59 semester units / 45 to 89 quarter units)
- College (60 to 89 semester units / 90 to 134 quarter units)
- College (90 to 119 semester units / 135 to 179 quarter units)
- College (120 or more semester units / 180 or more quarter units)
- Associate's Degree
- Bachelor's Degree
- Master's Degree
- Doctoral Degree
03
Do you possess a Bachelor's Degree or higher in Computer Science, Information Systems, or other related field?
- Yes
- No
04
If you answered no to the question above, or have a related degree, please list the field your degree is in.
05
How many years of work experience do you have performing analytical, administrative, lead, supervisory, or management duties? Relevant experience includes interpreting rules and regulations, gathering data, formulating recommendations, and report writing.
- No experience
- Less than one year
- One to less than two years
- Two to less than three years
- Three to less than four years
- Four to less than five years
- Five or more years
06
Describe your supervisory experience. For each position in which you supervised staff, specify the number of staff you supervised, the position title(s) of the staff you supervised, and your experience with hiring, training, mentoring, evaluating, and disciplining staff. Response must include the name of employer(s), job title(s), dates of employment and total hours worked per week. If no experience, type "N/A".
07
How many years of work experience do you have combined IT and security work experience with a broad range of exposure to systems analysis, application development, and/or systems administration, with at least three (3) years of experience at a level comparable to the County's IT Security Engineer classification?
- None to less than nine years of experience
- Nine to less than ten years of experience
- Ten to less than eleven years of experience
- Eleven to twelve years of experience
- Twelve years or more of experience
08
Describe your work experience of combined IT and security work experience with a broad range of exposure to systems analysis, application development, and/or systems administration, with at least three (3) years of experience at a level comparable to the County's IT Security Engineer classification. Response must include the name of employer(s), job title(s), dates of employment and total hours worked per week. If you do not have this experience, type "N/A".
09
Select the IT Security field below in which you have the most experience in (select one):
- Cloud Security
- Computer Programming and/or scripting
- Cryptography
- Digital Forensics
- Governance, Risk, and Compliance (GRC)
- Incident Response
- IT Security Auditing
- IT Security Leadership/Executive
- IT Security Project Management
- Malware Analysis
- Penetration Testing
- Security Operations Center (SOC) Analyst
- Security Operations Center (SOC) Management
- None of the above
10
Select a major IT Security application/system that you have the most knowledge of (select one):
- Anti-virus application(s)
- Computer forensic tool(s)
- DDoS mitigation services/application(s)
- Email security and protection application(s)
- Firewalls/Routers
- Log aggregation and management system(s)
- Security and event management system(s)
- Security orchestration and automation system(s)
- Ticketing and incident management system(s)
- Vulnerability scanning application(s)
- Web Application Gateway(s)
- None of the above
11
Have you worked on a major IT Security initiative from initial idea to operationalizing?
- Yes
- No
12
If you selected yes to the question above, which best describes your role in the major IT Security initiative (select one):
- Executive/leadership oversight
- Executive/leadership sponsor
- Implementer
- IT Project lead
- IT Project manager
- IT Security Architect
- IT Security Engineer
- IT Security Manager
- Network Architect
- Network Engineer
- Operationalizing
- Technology researcher
- Not Applicable
13
Do you have hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.?
- Yes
- No
14
Describe your work experience leading the development, design, testing, delivery and implementation of security solutions which included defining and validating baseline security configurations for operating systems, applications, networking and telecommunications equipment. If you do not have such experience, type "N/A".
15
Describe your work experience facilitating partnerships and collaborating with multiple stakeholders throughout an organization including engineers, managers, and business/clinical teams. If you do not have such experience, type "N/A".
16
How did you find out about this job?
- Contacted by County Recruiter
- Contacted by a Recruitment Firm
- County Employee Referral
- County of Santa Clara Career Website
- County of Santa Clara Job Interests Email Notification
- Indeed
- Virtual Job Fair
- In Person Job Fair
- In-Person Networking Professional Event
- Virtual Networking Event
- Community Event
- Glassdoor
- Governmentjobs.com
- Professional Association
- Search Engine (Google, Bing, online search, etc.)
- Hospital Website: SCVMC, O'Connor Hospital, St. Louise Regional Hospital Website
- Handshake
- Student Career Center
- County Text Message
- Other (Specify in the next question)
17
If you selected an event/fair or other in the question above, please specify. If not, type "N/A".
Required Question