Cybersecurity Engineer

Department: Information Technology Location: San Diego, CA Job Type: Full-Time Work Model: Hybrid (2 days in office per week) **A 4% Cost of Living Adjustment will be applied to all salaries effective July 1, 2026. About the San Diego Housing Commission (SDHC) The San Diego Housing Commission (SDHC) is an award-winning public agency that provides housing assistance and homelessness solutions for low-income households. SDHC supports more than 17,000 households annually and helps create and preserve over 23,000 affordable rental units citywide. Technology plays a critical role in ensuring these programs operate efficiently and effectively. Compensation & Benefits SDHC offers a competitive salary and an exceptional benefits package, including: 9/80 compressed work schedule (office closed every other Friday) 14 paid holidays Employer-paid pension contribution Sharp or Kaiser medical plans, dental, vision Tuition reimbursement Wellness programs and rewards Additional benefits as detailed on SDHC’s employee benefits page. Why Join SDHC? This role directly supports SDHC’s mission to improve housing outcomes for thousands of San Diego residents. You’ll have the opportunity to: Make meaningful community impact through technology Work with multiple departments on varied, high-visibility projects Grow your skills with enterprise systems and modern AI tools Develop your career in a collaborative, mission-driven environment. Position Summary: We’re seeking a Cybersecurity Engineer to enhance and evolve our established security program. In this role, you’ll build on existing security capabilities to ensure we stay ahead of emerging threats while designing, implementing, and maintaining security architectures across our systems, networks, and cloud platforms. Working closely with IT leadership, system administrators, and application developers, you’ll shape improvements in vulnerability management, threat detection, incident response, automation, and compliance. This is a high-impact, hands-on technical role where your expertise will directly strengthen the resilience and future-readiness of our technology environment Examples of Essential Job Functions Research, Design, implement, and maintain security architectures, systems (firewalls, intrusion detection/prevention systems, endpoint protection, VPNs, encryption, secure access solutions), and tools. Develop and deploy network security measures. Conduct regular vulnerability assessments, penetration testing, security scans, risk assessments, and monitoring. Develop and implement strategies to mitigate identified vulnerabilities and ensure timely patch management. Monitor security systems and logs for threats and anomalies, respond to security incidents, and provide forensic investigations. Configure, manage, and utilize security tools and technologies, including security and compliance scanners and monitors. Automate security processes, workflows, and scanning. Analyze threat intelligence reports and adjust security measures accordingly. Stay current with emerging threats, vulnerabilities, and attack vectors. Ensure compliance with regulatory standards, and guides. Develop and maintain security documentation. Collaborate closely with System Administrators, Help Desk, and application development teams to ensure organizational compliance across the network infrastructure. Maintain incident response and disaster recovery (DR) plans and coordinate annual tests on both Provide senior leaders and executives with concise and relevant information to support informed risk management decisions regarding technology and information processing. Possess excellent analytical, verbal and written communication skills to accurately document, report, and present findings to a variety of audiences including senior management. Excellent interpersonal skills to influence and guide all levels of employees, including senior managers. Performs other duties as assigned. Typical Qualifications Knowledge of: Operational characteristics, services, and activities of iinformation technology. Proficiency in network security concepts and protocols. Experience with cloud security platforms (AWS, Azure). Knowledge of operating systems (Windows, Mac, Linux, Android, Apple) and their security configurations. Design, operations, properties, and capabilities of networks and network cabling. Familiarity with threat intelligence platforms and tools. Experience with incident response and forensic investigations. Applicable Federal, State, and local laws, regulatory codes, ordinances, and procedures relevant to assigned area of responsibility. Techniques for providing a high level of customer service by effectively dealing with the public, vendors, contractors, and Commission staff. Deep understanding of security architectures, systems, and tools (firewalls, IDS/IPS, endpoint protection, VPNs, encryption, SIEM, vulnerability scanners, penetration testing tools, etc.) English usage, grammar, spelling, vocabulary, and punctuation. Ability to: Conduct complex research projects on a wide variety of cybersecurity issues, evaluate alternatives, make sound recommendations, and prepare effective technical reports. This includes analyzing threat intelligence, vulnerability assessments, and security incident data. Coordinate and plan security-focused projects, including application security enhancements, vulnerability remediation efforts, and security tool deployments. Research, develop, and recommend cost-effective technical security system improvements, including new tools, technologies, and processes. Prepare clear and concise security documentation, including incident response plans, security procedures, vulnerability reports, and presentations. Assist in the development and delivery of security awareness training programs for staff. Analyze and troubleshoot security incidents, using logic and expertise to solve problems and contain threats. Participate in forensic investigations as needed. Contribute to the establishment and maintenance of a security patching and vulnerability management schedule. Collaborate with the infrastructure team on system patching and updates as needed. Interpret, explain, and ensure compliance with relevant cybersecurity policies, procedures, laws, codes, regulations, and industry standards. Maintain accurate records of security incidents, vulnerability assessments, and other relevant security data. Organize and prioritize a variety of security projects and tasks effectively and meet deadlines. Use English effectively to communicate in person, over the telephone, and in writing, including explaining complex technical issues to non-technical audiences. Use tact, initiative, prudence, and independent judgment within established policy, procedural, and legal guidelines. Establish, maintain, and foster positive working relationships with those contacted in the course of work, including systems administrators, application developers, and other stakeholders. Maintain strict confidentiality and adhere to Commission policies, procedures, and administrative regulations. Develop, document, and maintain security policies, procedures, and associated training plans. Provide support to the infrastructure team for system administration tasks, including software and hardware improvements, upgrades, patches, reconfigurations, backups, and restores, as needed to ensure security coverage. This is a secondary responsibility. Represent the Commission as a technical expert on external projects related to cybersecurity. Identify security issues, analyze and interpret data, and develop innovative solutions to complex matters. Contribute to the development of new security processes or systems and resolve complex technical problems. Serve as a leader on security projects and be a technical expert in one or more cybersecurity areas. Education and Experience: Equivalent to graduation from an accredited four-year college or university with major coursework in Computer Science, Cybersecurity, Information Systems, or a related field. Licenses and Certifications: Possession of, or ability to obtain, a valid California Driver’s License by time of appointment