PRINCIPAL CYBERSECURITY ENGINEER Job at City and County of San Francisco in San

3 days ago Be among the first 25 applicants

Overview

San Francisco International Airport (SFO) is an enterprise department of the City and County of San Francisco. SFO has a workforce of approximately 1,900 City employees and is committed to being a diverse, equitable, and inclusive employer. Our mission is to deliver an airport experience where people and our planet come first.

APPOINTMENT TYPE: Permanent Exempt. This position is excluded by the Charter from the competitive civil service examination process and shall serve at the discretion of the Appointing Officer.

Details

• Application Opened: Monday, October 6, 2025
• Application Deadline: Thursday, October 16, 2025
• Compensation: $165,334 to $207,974 Annually
• Work Schedule: Full-time, 40 hours per week
• Work Location: San Francisco International Airport – ITT Division
• Recruitment ID: PEX-9976-160108

Position Summary

Under the direction of the Director, Cybersecurity and Compliance, the Principal Cybersecurity Engineer analyzes, plans, designs, implements, maintains, troubleshoots, and enhances the confidentiality, integrity, and availability of large complex systems and networks. This position contributes to the overall security of Airport information assets and technologies through the creation and ongoing support of preventative detective and corrective controls. The Principal Cybersecurity Engineer identifies, refines, and analyzes cybersecurity data across a wide variety of sources to report against agreed-upon key performance indicators measuring the efficacy of these controls. This position works closely with Airport's operations and engineering teams to remediate cybersecurity issues and concerns.

You are excited about this opportunity because you will:

• Serve as a primary subject matter expert for information security and cyber-security for SFO: maintain skills and expertise within areas of cybersecurity and information security for ICT and ICS environments. Contribute to requirements definitions on SFO initiatives and projects, including analysis of risks aligned with IT and OT reference architecture and standards.
• Work with clients to identify business and technical cybersecurity requirements. Determine cybersecurity requirements for the development or enhancement of large complex systems and networks that comprise the backbone of the Airport's information technology and infrastructure; determine the suitability of existing solutions to meet these requirements. Lead the design, implementation, and monitoring of all remote-access mechanisms associated with Airport information assets.
• Assess the effectiveness of existing processes, procedures, controls, and safeguards to prevent cyber-security breaches across SFO's infrastructure. Facilitate a consistent and positive security posture across multiple independent information systems throughout SFO. Assess and provide recommended cloud security controls to facilitate security of SFO cloud presence, including adequate accounting of data access controls. Identify and remediate threats and vulnerabilities to these assets.
• Maintain and continually improve SFO’s vulnerability management program, including patch management, vulnerability scanning, and reporting monthly status on the program’s effectiveness. Recommend and implement new or revised security measures based on risk analysis for purposes of protecting SFO information systems and resources, performing periodic analysis of security measure effectiveness, and documenting deviations from intended mitigation.
• Identify and respond to cybersecurity threats and incidents as directed by the Cybersecurity and Compliance Director. Provide technical expertise to enable the Airport’s ability to identify and remediate exploitable cyber-related vulnerabilities present within the SFO’s infrastructure including the ability to detect and block emerging cyberattacks as they occur. Review cybersecurity vulnerabilities, advisories, and alerts from various sources; determine applicability to Airport information systems and data, assess potential impact on operations; coordinate follow-up activities based on severity and exploitability. Provide technical expertise to enable incident response in line with US-CERT and DoJ guidelines.
• Lead the design, implementation, and monitoring of technical controls related to information security across all Airport divisions. Collaborate with engineering peers to analyze, detect, identify, and correct cybersecurity issues; oversee multiple cybersecurity projects to meet schedule, budget, and scope.
• Direct and coordinate cybersecurity reviews of software architecture, programs, and code; administer penetration testing of SFO networks and systems; ensure remediation from pen tests is documented and corrected in a timely fashion. Coordinate corrective measures while adhering to change control policies.
• Liaise with other Airport sections and City departments; maintain relationships with vendors and contractors; facilitate communication with federal agencies on information security matters.
• Prepare documentation related to cybersecurity standards and procedures; develop and review documentation prior to distribution. Demonstrate and provide training on cybersecurity technologies to IS and non-IS professionals; collaborate with vendors and support teams to resolve complex problems.
• Design and implement controls to protect confidentiality, integrity, and availability of Airport information systems, including SAML, encryption, SSH, SSL, multi-factor authentication; configure security products and monitor network performance with tools such as Splunk or SolarWinds; utilize packet capture tools like Wireshark.

Qualifications

• Education: An associate degree in computer science, computer engineering, software engineering, or a closely related field, or equivalent total credits/units (60 semester or 90 quarter credits with relevant coursework).
• Experience: Five (5) years of experience analyzing, installing, configuring, enhancing, and/or maintaining components of an enterprise network.
• Desirable Qualifications: Two (2) or more years of experience designing, implementing, and managing security policy on Palo Alto Networks firewalls; experience managing a vulnerability management program using tools such as Crowdstrike EDR/MDR; experience creating network and data-flow diagrams for firewall policies; experience with Microsoft Entra ID hybrid joined devices, Intune, and Windows Hello; experience contributing to large IT cybersecurity projects within a large government department; ability to obtain National Security Clearance.

Additional Information

Every application is reviewed to ensure minimum qualifications are met; review our Enrollment and Verification guidelines. Do not falsify education, training, or work experience. Resumes are not accepted in lieu of a complete application. Applications completed improperly may affect eligibility or scores. See notes on selection procedures and TSA security clearance requirements. CCSF is an equal opportunity employer and encourages diverse applicants.

How To Apply

Applications for City and County of San Francisco jobs are online. Visit the official SmartRecruiters page and follow instructions to apply. Applicants should ensure an accurate registered email and allow CCSF mail to pass through spam filters.

Analyst contact: Ronnie Jones at charon.jones@flysfo.com for questions regarding the recruitment or application process.

EEO and Compliance

All information will be kept confidential according to EEO guidelines. The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of sex, race, age, religion, or other protected category. See also Disability Accommodation, Right to Work, and Diversity statements on the city career site.