Information Technology Security Officer

Salary : $160,596.80 - $204,963.20 Annually
Location : CITY OF CARSON, CA
Job Type: FULL-TIME
Job Number: 2500300
Department: INFORMATION TECHNOLOGY & SECURITY
Opening Date: 06/18/2026
Closing Date: 7/3/2026 11:59 PM Pacific


THE POSITION
The City of Carson is now accepting applications for the position of Information Technology Security Officer

Applications will be accepted starting June 18, 2026, until July 03, 2026, at 11:59pm.
The ideal candidate will be a highly seasoned professional with a strong background working in a government agency or supporting public-sector clients. They will bring proven applied experience leading enterprise-level cybersecurity programs and possess deep expertise in cybersecurity incident response, vulnerability remediation, and cybersecurity risk assessment. In addition to their cybersecurity experience, they will have a strong background in network engineering, system administration with a focus on improving reliability due to implementation of cybersecurity and IT best practices.
Vacancy Information

There is one (1) current full-time (FLSA: Exempt) vacancy with a 4/10 schedule, working Monday through Thursday from 7:00 a.m. to 6:00 p.m. (including a 1-hour unpaid lunch break). Work hours and/or the work schedule may be adjusted based on the operational needs of the City. This position is fully on-site. Remote work is not available for this position.
Job Summary:

The purpose of this classification is to ensure the security operation of the City's data, computer systems, servers, and network connections. Employees in this classification are responsible for developing, planning, organizing, managing, implementing, maintaining, and performing cybersecurity risk analysis of systems; scrutinizing network traffic; establishing vulnerability scans; checking server and firewall logs; conducting user activity audits, and troubleshooting, as well as also analyzing and resolving security breaches and vulnerability issues in a timely and efficient manner This position will assist with developing IT security policies. Work is performed under general direction of the Director of Information and Technology with considerable latitude for the use of initiative and independent judgment.

ESSENTIAL DUTIES

Essential Duties and Responsibilities:

(These functions are representative and may not be present in all positions in the class. Management reserves the right to add, modify, change or rescind related duties and work assignments.)

• Plans, organizes, manages, and participates in the development, implementation, and monitoring of the City's information security programs, information technology risk management programs, and information security policies; supervises and reviews the work of professionals and serves as a subject matter expert in information security.
• Develops and executes a cyber security strategy that is aligned with internal stakeholders, organizational priorities, facilitates city operations, and meets industry standards.
• Directs and participates in the identification of security risks, development and implementation of security management practices, and the measurement and monitoring of security protection measures.
• Ensures compliance with regulatory requirements such as Criminal Justice Information Services (CJIS), Payment Card Industry Data Security Standards (PCI), Health Insurance Portability and Accountability Act (HIPAA), California Privacy Protection Agency, and federal, state, and local laws.
• Monitors agency infrastructure, devices, and information systems for security integrity; provides planning and guidance to information technology staff on vulnerability management and security incident response procedures.
• Oversees portfolio of cyber risk and security applications and procedures, implements new security processes and related technologies to ensure a continuous improvement of the City's cyber security posture.
• Oversees assigned staff in performing their responsibilities and provides guidance as necessary.
• Analyzes information, situations, problems, policies, and procedures to identify, recommend, and implement solutions systemically.
• Formulates, recommends, and executes enterprise-wide policies and procedures for detecting, deterring, and mitigating information security threats.
• Serves as a subject matter expert and internal consultant on data security implications for proposed information technology projects and programs and makes recommendations to align new technologies to security standards.
• Prepares oral and written reports for executive leadership, the City Manager's Office, and City Council.
• Develops cyber security, cyber risk, and security awareness training programs for City staff; monitors training effectiveness by documenting and reporting data point trends on user awareness and vulnerability assessments.
• Builds and maintains positive relationships with City stakeholders.
• Attends City/Industry-related functions.
• Performs other duties as required

QUALIFICATIONS

Qualification Guidelines:
A typical way to obtain the requisite qualifications to perform the duties of this class is as follows:

Education and/or Experience :

Option A:
Bachelor's degree in Business Administration, Computer Information Systems, Information Technology or closely related field from an accredited college or university and five (5) years of paid experience performing IT security management; and at least two (2) years in an administrative or management capacity responsible for cyber security risk assessment, implementation of security management practices, monitoring of security protection measures, managing SIEM, vulnerability management, and other security tools in an enterprise environment.


Option B
Master's degree in Computer Science or closely related field is highly desirable from an accredited college or university and four (4) years of paid experience performing IT security management; and at least two (2) years in an administrative or management capacity responsible for cyber security risk assessment, implementation of security management practices, monitoring of security protection measures, managing SIEM, vulnerability management, and other security tools in an enterprise environment.


Knowledge of:

• Computers and Electronics: Electric circuit boards, processors, chips, and computer hardware and software
• Principles, methods, and practices of systems/network administration and maintenance.
• Agency policies and procedures and practices regarding data security.
• Network security design principles, practices, and related tools and software.

Skills and/or Ability to:

• Ability to objectively assess situations or circumstances using all the relevant information, apply experience, evaluate the problem objectively, calculate risks, and make an ethical and informed decision.
• Manage the performance of staff by coaching for performance.
• Motivating, developing, and directing people as they work.
• Acknowledge, value and support diversity of thought, opinion and approach with customers and colleagues regardless of background, culture and organizational level.
• Execute work that adheres to the City's stated principles of Diversity, Equity, and Inclusion including, but not limited to, your "duty to act" to ensure fair and equitable treatment of all persons and historically underrepresented groups.
• Fostering an inclusive and supportive environment in which everyone in the City has an opportunity to thrive.
• Incorporating an equity perspective to day-to-day work in all responsibilities, decisions and actions of providing public service.
• Effectively communicating information and ideas in writing, as well as through speech, so others will understand.
• Persuasion: Convincing others to approach things differently.
• Working independently and with minimal supervision.
• Speech recognition: Identifying and understanding the speech of another person.
• Project analysis; weighing the costs/benefits of a potential action.

License and/or Certificate:

Possession of at least one of the following certifications is required:
Certification as a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Global Information Assurance Certification (GIAC), Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), Certified Information Security Manager (CISM), Certified Risk and Information Systems Control (CRISC), or equivalent information security certification.

WORKING CONDITIONS

Physical Requirements and Working Conditions:
Employee accommodation(s) for physical or mental disabilities will be considered on a case-by-case basis. Positions in this class normally:

• Require vision (which may be corrected) to read small print.
• Require mobility of arms to reach and dexterity of hands to grasp and manipulate small objects.
• Perform work which is primarily sedentary.
• Is subject to the internal environmental conditions of modern and aged public buildings, facilities and physical structures and HVAC systems.
• May be required to work at a computer terminal for prolonged periods.
• May be required to work evenings and/or weekends.

Recruitment Process: This recruitment will close at 11:59 pm on July 03 , 2026 . The City of Carson reserves the right to close this recruitment at any time once a sufficient number of qualified applications have been received. To be considered, please submit an online application, including a cover letter, resume, and proof of education in PDF format. Applications that fail to include all necessary documents will be considered incomplete and will not be taken into consideration. Applications will be reviewed for depth and breadth of experience, and for level and relatedness of education. The most qualified candidates will be invited to participate in the recruitment process, which will consist of the following sections:

• SME Review, no weight
• Oral Exam, weighted 100%
• Final Selection Interview

The Human Resources Department reserves the right to adjust, modify, delete and/or change the above exam types and/or weights. Supplemental questionnaires are used to evaluate applicant's indicated abilities with the ideal candidate profile. The Human Resources Department reserves the right to invite those amongst the highest scoring to the next phase of the recruitment.


Appointment:

Any offer of employment, or acceptance of an employment offer, is contingent upon passing live scan, background check and other required tests. All new employees are required to take a loyalty oath.
Other Information:

The City of Carson is an Equal Opportunity Employer , dedicated to fostering a diverse and inclusive workplace. We believe in the strength that comes from different perspectives and experiences, and we are committed to building a workforce that reflects the vibrant diversity of our community. This commitment is embraced at all levels of our organization, from our management staff to our policymakers. We partner with our staff and community organizations to ensure our policies and practices remain transparent and equitable. As part of this commitment, we regularly publish updated demographic information on our workforce, including data on diversity and pay equity by race and gender.


In accordance with the California Fair Chance Act, the City of Carson will consider all qualified applicants, including those with a criminal history. Applicants are not required to disclose their criminal history or undergo a background check until receiving a conditional job offer. If any concerns arise from a background check, and the conviction is directly related to the role, applicants will have the opportunity to provide context, present mitigating evidence, or dispute the report's accuracy. For more information about the Fair Chance Act, please visit


The City of Carson intends to provide reasonable accommodations in accordance with the Americans with Disabilities Act of 1990. If you need a special accommodation during the recruitment process or would like this information in an alternative format, please contact Human Resources at View phone number on click.appcast.io.

IMPORTANT NOTICE : This recruitment is open.


CURRENT CITY OF CARSON EMPLOYEES: Please do not use your City of Carson email address as part of this application. You must indicate a personal email address in order to receive communication and/or notices from Human Resources throughout the recruitment process.

For more information, please click on the link below.
01


The following supplemental questions will be used to assist us in screening your application. You are required to answer each of the following questions truthfully and completely. This questionnaire will be used to determine if you meet the minimum qualifications for this job. Your responses to this questionnaire may also be used to evaluate your qualifications beyond the minimum requirements, as part of the application screening process. As such, please take the time necessary to answer the questions thoroughly. Applications submitted without a completed supplemental questionnaire, or those that say see resume or application, may not be considered. It is imperative that your responses to the questionnaire provide a true and accurate reflection of your background. Additionally, your answers MUST be supported by the information you have entered in your general application. Responses which cannot be substantiated by information contained in your application will be deemed invalid. Falsification, exaggeration and misrepresentation will result in your disqualification. Your responses will be evaluated as submitted. Do you agree to answer the following questions truthfully and completely AND understand that falsification or overstatement of your qualifications is grounds for disqualification of your application?

• Yes
• No

02


Please select the option that best describes your education and experience :(Proof of education must be attached at the time of submission with your application)

• Option A: Bachelor's degree in Business Administration, Computer Information Systems, Information Technology, or a closely related field AND five (5) years of IT security management experience AND two (2) years in an administrative/management cybersecurity role.
• Option B: Master's degree in Computer Science or a closely related field AND four (4) years of IT security management experience AND two (2) years in an administrative/management cybersecurity role.
• I do not meet either option.

03


Please indicate which, if any, of the following certifications you currently hold:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Global Information Assurance Certification (GIAC)
• Certified Ethical Hacker (CEH)
• Computer Hacking Forensic Investigator (CHFI)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)
• Equivalent information security certification (please specify on next question)
• I do not currently hold any of these certifications

04


If you indicated that you possess an equivalent Information Security certification in the previous question, please specify the name of the certification and include the year obtained:
05


Do you have professional experience working in a government agency?

• Yes - 3 or more years
• Yes - 1-2 years
• No

06


Which of the following regulatory frameworks or standards have you worked with in a professional capacity? (Select all that apply)

• CJIS (Criminal Justice Information Services)
• PCI DSS (Payment Card Industry Data Security Standard)
• HIPAA
• California Privacy Protection Act (CPPA)
• Other federal, state, or local data security regulations
• None

07


Which of the following security tools have you actively managed or configured? (Select all that apply)

• SIEM
• Vulnerability Management Tools (e.g., Qualys, Nessus)
• Firewall / IDS / IPS management
• Endpoint Detection & Response (EDR) tools
• Other security monitoring tools
• None

08


Have you supervised or led a cybersecurity or IT security team?

• Yes
• No

09


Are you comfortable presenting cybersecurity concepts and recommendations to non-technical stakeholders, such as executive leadership or elected officials?

• Yes-frequently
• Yes-occasionally
• No

10


This position requires full-time work onsite at our office. Are you able to commit to working onsite as required?

• Yes
• No

11


Did you attach your proof of education and certifications? (Please note proof is required at the time of application)

• Yes
• No

Required Question