County of Orange
Information Technology Security Manager (Technology Services Administrator)
County of Orange, Santa Ana, California, United States, 92725
Information Technology Security Manager (Technology Services Administrator)
OPEN TO THE PUBLIC
This recruitment will establish an Open eligible list used to fill current and future Information Technology Security Manager (Technology Services Administrator) vacancies within Auditor-Controller. This recruitment may also be used to fill positions in similar and/or lower classifications throughout the County of Orange.
DEADLINE TO APPLY
Qualified applicants are encouraged to apply immediately, as the recruitment will close on
WEDNESDAY, NOVEMBER 19, 2025, at 11:59 PM (PT).
ORANGE COUNTY Orange County is a destination region with diverse communities, schools, and attractions. Learn more about the County of Orange.
AUDITOR-CONTROLLER The Auditor-Controller Department is committed to serving Orange County by ensuring accountability over public spending, transparency of Taxpayer dollars, and engaging the public in government. We carry out our vision and mission by conducting the Public's business with the highest ethical and due diligence standards by supporting ethical and responsible financial decisions throughout the County.
THE OPPORTUNITY
The Auditor-Controller (A-C) is seeking a talented Information Technology (IT) professional with a strong background in data security and excellent analytical and communication skills to perform a variety of professional, technical, and analytical duties for the Security and Workflow team.
The Information Technology Security Manager for the Security and Workflow team supports the county-wide ERP financial, human resources, payroll, and procurement systems and other A-C supported applications to ensure appropriate internal controls, applicable functionality, policy, procedures and standards are compliant, consistent, support business needs, and mitigate risks while promoting business efficiencies and meeting industry standards.
The incumbent will be responsible for the following duties that are related to security and workflow:
Cybersecurity Program Support.
Provide operational services to ensure compliance with policies for the management of assets, controls, configurations, changes, vulnerabilities, incidents, risks, service continuity and external dependencies. Provide input into the strategic, tactical, and IT operational plans that help to determine the IT security direction, policy, standards, and objectives for county-wide and agency-specific data governance. Align cybersecurity and privacy principles with organizational business requirements, relevant to upholding confidentiality, integrity, and availability of information assets. Develop, maintain, and enforce security policies, procedures, standards, baselines, and guidelines. Work with county managers, department directors, and stakeholders to assess business requirements and implement security safeguards, countermeasures, and continuity operations. Maintain various technology disciplines and experiences including the design of security architecture for databases, platforms, and applications.
Project Support and Consultation.
Provide information and technology security analysis, recommendations and guidance on technical design, access, testing and deployment strategies. Coordinate with functional, technical and operational teams on system changes and enhancements. Identify information and technology security requirements and assess the status of existing security architecture and technologies. Prioritize proposed IT security improvement efforts to meet customer business needs.
Audit Support.
Provide audit support and information gathering. Coordinate with other units and departments on audit research, response and implementation. Rectify audit findings related to security and workflow. Implement, review, and manage auditing of security event logs, including methods of aggregation and data correlation for reporting and analysis.
DESIRABLE QUALIFICATIONS & CORE COMPETENCIES
The ideal candidate will demonstrate at least four (4) years of professional technical experience and a bachelor’s degree or higher in Cybersecurity, Information Technology, Computer Science or a closely related field which provides the required knowledge, skills, and abilities to perform the job's essential functions.
Technical Knowledge | Technical Experience
Knowledge of principles and practices of enterprise resource planning system (ERP) and related system and security management, including ERP system backend processes, data and control flow, implementation methodology and software development cycles
Knowledge of principles and practices of data security, including database administration, data classification, encryption, integrity controls, security controls, and handling requirements for sensitive information
Proficiency in access control mechanisms, data management, auditing, and backup/recovery strategies within both on-premises and cloud database environments
Proficiency in technical system configurations including system roles, access and workflow configurations
A strong understanding of internal controls, segregation of duties and risk management
Problem Solving and Analysis
Ability to assess and analyze complex and challenging issues and communicate information and actions needed in a timely and responsive manner
Ability to independently conduct research and accurately interpret relevant data to formulate recommendations for modifying program policies, procedures, and requirements
Ability to work in a time sensitive environment, to multi-task, while handling and prioritizing multiple projects and to meet deadlines with accurate and complete work product
Ability to develop new IT security improvements while complying with policies, standards, and objectives
Effective Communication
Strong ability to effectively communicate complex information in a clear and concise manner based on the audience needs
Ability to understand and meet the needs of varied departmental team members
Ability to work effectively with various levels of organization, including staff, supervisors, and upper-level management
Ability to prepare and present complex reports to various levels of staff including management and executives
MINIMUM QUALIFICATIONS
Click here to learn about the minimum qualifications for the Technology Services Administrator position, including physical and environmental conditions.
NOTE:
Foreign degrees require an evaluation of U.S. equivalency by an agency that is a member of the National Association of Credential Services (N.A.C.E.S.).
RECRUITMENT PROCESS
Human Resource Services (HRS) screens all application materials for minimum and desirable qualifications. After screening, candidates who meet the minimum and desirable qualifications will be referred to the next step in the recruitment process. All candidates will be notified via email of their status in the process.
Application Screening (Refer/Non-Refer): Applications and supplemental responses will be screened for qualifications that are highly desirable and most needed to successfully perform the duties of this job. Only those applicants that meet the qualifications as listed in the job bulletin will be referred to the next step.
Application Appraisal Panel | Application Screening (Weighted 100%): Applications and supplemental responses will be screened/rated for qualifications that are highly desirable and most needed to successfully perform the duties of this job. Only those candidates that meet the desirable qualifications listed in the job bulletin will be placed on the eligible list.
Veterans Employment Preference Policy (VEPP)
The County is committed to providing a mechanism to give preferential consideration in the employment process to veterans and their eligible spouses and will provide eligible participants the opportunity to receive interviews in the selection process for employment and paid internship openings. Please review the policy in the VEPP section above.
EMAIL NOTIFICATION
Email is the primary form of notification during the recruitment process. Please ensure your correct email address is included in our application and use only one email account.
NOTE : User accounts are established for one person only and should not be shared with another person. Multiple applications with multiple users may jeopardize your status in the recruitment process for any positions for which you apply.
Candidates will be notified regarding their status as the recruitment proceeds via email through the GovernmentJobs site. Please check your email folders, including spam/junk folders, and/or accept emails ending with governmentjobs.com and ocgov.com. If your email address should change, please update your profile at governmentjobs.com.
FREQUENTLY ASKED QUESTIONS
For additional information, please contact Sam Apraku at 714-834-3116 or at Samuel.Apraku@ac.ocgov.com.
Orange County, as an equal employment opportunity employer, encourages applicants from diverse backgrounds to apply.
#J-18808-Ljbffr
This recruitment will establish an Open eligible list used to fill current and future Information Technology Security Manager (Technology Services Administrator) vacancies within Auditor-Controller. This recruitment may also be used to fill positions in similar and/or lower classifications throughout the County of Orange.
DEADLINE TO APPLY
Qualified applicants are encouraged to apply immediately, as the recruitment will close on
WEDNESDAY, NOVEMBER 19, 2025, at 11:59 PM (PT).
ORANGE COUNTY Orange County is a destination region with diverse communities, schools, and attractions. Learn more about the County of Orange.
AUDITOR-CONTROLLER The Auditor-Controller Department is committed to serving Orange County by ensuring accountability over public spending, transparency of Taxpayer dollars, and engaging the public in government. We carry out our vision and mission by conducting the Public's business with the highest ethical and due diligence standards by supporting ethical and responsible financial decisions throughout the County.
THE OPPORTUNITY
The Auditor-Controller (A-C) is seeking a talented Information Technology (IT) professional with a strong background in data security and excellent analytical and communication skills to perform a variety of professional, technical, and analytical duties for the Security and Workflow team.
The Information Technology Security Manager for the Security and Workflow team supports the county-wide ERP financial, human resources, payroll, and procurement systems and other A-C supported applications to ensure appropriate internal controls, applicable functionality, policy, procedures and standards are compliant, consistent, support business needs, and mitigate risks while promoting business efficiencies and meeting industry standards.
The incumbent will be responsible for the following duties that are related to security and workflow:
Cybersecurity Program Support.
Provide operational services to ensure compliance with policies for the management of assets, controls, configurations, changes, vulnerabilities, incidents, risks, service continuity and external dependencies. Provide input into the strategic, tactical, and IT operational plans that help to determine the IT security direction, policy, standards, and objectives for county-wide and agency-specific data governance. Align cybersecurity and privacy principles with organizational business requirements, relevant to upholding confidentiality, integrity, and availability of information assets. Develop, maintain, and enforce security policies, procedures, standards, baselines, and guidelines. Work with county managers, department directors, and stakeholders to assess business requirements and implement security safeguards, countermeasures, and continuity operations. Maintain various technology disciplines and experiences including the design of security architecture for databases, platforms, and applications.
Project Support and Consultation.
Provide information and technology security analysis, recommendations and guidance on technical design, access, testing and deployment strategies. Coordinate with functional, technical and operational teams on system changes and enhancements. Identify information and technology security requirements and assess the status of existing security architecture and technologies. Prioritize proposed IT security improvement efforts to meet customer business needs.
Audit Support.
Provide audit support and information gathering. Coordinate with other units and departments on audit research, response and implementation. Rectify audit findings related to security and workflow. Implement, review, and manage auditing of security event logs, including methods of aggregation and data correlation for reporting and analysis.
DESIRABLE QUALIFICATIONS & CORE COMPETENCIES
The ideal candidate will demonstrate at least four (4) years of professional technical experience and a bachelor’s degree or higher in Cybersecurity, Information Technology, Computer Science or a closely related field which provides the required knowledge, skills, and abilities to perform the job's essential functions.
Technical Knowledge | Technical Experience
Knowledge of principles and practices of enterprise resource planning system (ERP) and related system and security management, including ERP system backend processes, data and control flow, implementation methodology and software development cycles
Knowledge of principles and practices of data security, including database administration, data classification, encryption, integrity controls, security controls, and handling requirements for sensitive information
Proficiency in access control mechanisms, data management, auditing, and backup/recovery strategies within both on-premises and cloud database environments
Proficiency in technical system configurations including system roles, access and workflow configurations
A strong understanding of internal controls, segregation of duties and risk management
Problem Solving and Analysis
Ability to assess and analyze complex and challenging issues and communicate information and actions needed in a timely and responsive manner
Ability to independently conduct research and accurately interpret relevant data to formulate recommendations for modifying program policies, procedures, and requirements
Ability to work in a time sensitive environment, to multi-task, while handling and prioritizing multiple projects and to meet deadlines with accurate and complete work product
Ability to develop new IT security improvements while complying with policies, standards, and objectives
Effective Communication
Strong ability to effectively communicate complex information in a clear and concise manner based on the audience needs
Ability to understand and meet the needs of varied departmental team members
Ability to work effectively with various levels of organization, including staff, supervisors, and upper-level management
Ability to prepare and present complex reports to various levels of staff including management and executives
MINIMUM QUALIFICATIONS
Click here to learn about the minimum qualifications for the Technology Services Administrator position, including physical and environmental conditions.
NOTE:
Foreign degrees require an evaluation of U.S. equivalency by an agency that is a member of the National Association of Credential Services (N.A.C.E.S.).
RECRUITMENT PROCESS
Human Resource Services (HRS) screens all application materials for minimum and desirable qualifications. After screening, candidates who meet the minimum and desirable qualifications will be referred to the next step in the recruitment process. All candidates will be notified via email of their status in the process.
Application Screening (Refer/Non-Refer): Applications and supplemental responses will be screened for qualifications that are highly desirable and most needed to successfully perform the duties of this job. Only those applicants that meet the qualifications as listed in the job bulletin will be referred to the next step.
Application Appraisal Panel | Application Screening (Weighted 100%): Applications and supplemental responses will be screened/rated for qualifications that are highly desirable and most needed to successfully perform the duties of this job. Only those candidates that meet the desirable qualifications listed in the job bulletin will be placed on the eligible list.
Veterans Employment Preference Policy (VEPP)
The County is committed to providing a mechanism to give preferential consideration in the employment process to veterans and their eligible spouses and will provide eligible participants the opportunity to receive interviews in the selection process for employment and paid internship openings. Please review the policy in the VEPP section above.
EMAIL NOTIFICATION
Email is the primary form of notification during the recruitment process. Please ensure your correct email address is included in our application and use only one email account.
NOTE : User accounts are established for one person only and should not be shared with another person. Multiple applications with multiple users may jeopardize your status in the recruitment process for any positions for which you apply.
Candidates will be notified regarding their status as the recruitment proceeds via email through the GovernmentJobs site. Please check your email folders, including spam/junk folders, and/or accept emails ending with governmentjobs.com and ocgov.com. If your email address should change, please update your profile at governmentjobs.com.
FREQUENTLY ASKED QUESTIONS
For additional information, please contact Sam Apraku at 714-834-3116 or at Samuel.Apraku@ac.ocgov.com.
Orange County, as an equal employment opportunity employer, encourages applicants from diverse backgrounds to apply.
#J-18808-Ljbffr