Responsibilities

Under the direction of Cyber Security Defense Operations Manager, you will

• Identify log sources required for sufficient visibility into security events
• Work with City Departments to collect the identified logs
• Perform ETL functions necessary for consumption of the logs into the SEIM.
• Perform tuning of the SIEM filters and correlations to continuously improve monitoring.
• Participate in the security incident handling efforts in response to a detected incident, and coordinate with other stakeholders.
• Ensure that Service Level Agreements are met.
• Maintain standard operating procedures, processes, and guidelines.
• Automate security analysis, administration and remediation procedures, workflows and tasks.
• Maintain awareness of trends in security regulatory, technology, and operational requirements.
• Participate in audits.
• Provide 24-hour on-call support to ensure rapid recovery from software or hardware problems for mission-critical systems and networks.

Requirements

This role is not fully remote, but the incumbent may adopt a hybrid schedule with supervisor approval.

If hired, the incumbent must be a resident of California or relocate within 4 weeks.

An associate degree in computer science, or a closely related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in computer science or a closely-related field].

Substitution:

Experience in analyzing, installing, configuring, enhancing and/or maintaining the components of an enterprise network may be substituted for the required degree on a year-for-year basis (up to a maximum of two (2) years). One (1) year is equivalent to thirty (30) semester units/ forty-five (45) quarter units with a minimum of 10 semester / 15 quarter units in computer science or a closely related field.

Completion of the 1010 Information Systems Trainee Program may be substituted for the required degree.

About SAN FRANCISCO DEPARTMENT OF TECHNOLOGY

Why Work for the Department of Technology (DT)? DT is the centralized technology services provider in the City and County of San Francisco (CCSF). We deliver technology infrastructure and services to approximately 33,000 employees! With an annual operating budget of over $140M and approximately 260 employees, DT provides a host of services that range from Public Safety radio and wiring and Network services to Enterprise Support and the Cloud.

Benefits of Working for CCSF:  In addition to challenging and rewarding work, the City provides a generous suite of benefits to its employees.

• Job security, pension, and robust retirement options
• Competitive pay with consistent bi-yearly or yearly increases
• Hybrid Work with a minimum of 20% of time spent in our office in San Francisco, California for all IT related roles
• Generous paid time off, family leave, and more!
• Diverse work environment in a diverse city
• Union protections and representation
• Career development and growth — move between departments, learn on the job, or take subsidized/reimbursed classes!

PEOPLE-CENTERED SOLUTIONS — have a powerful, meaningful effect on the community each day with people at the heart of every solution!

CLOSING THE DIGITAL DIVIDE — bring the benefits of the internet to low-income and marginalized residents!

SHINE A LIGHT ON WHAT MATTERS — join an award-winning production team at SFGovTV to help residents watch legislators or learn more about what makes this City great!

DRIVE INNOVATION — deliver new, cutting-edge technology to residents and city partners to help San Francisco serve its residents!