City and County of San Francisco
Chief Information Security Officer (0933 Manager V) - Department of Public Healt
City and County of San Francisco, San Francisco, California, United States, 94199
Chief Information Security Officer (0933 Manager V) - Department of Public Health
Join to apply for the
Chief Information Security Officer (0933 Manager V) - Department of Public Health
role at
City and County of San Francisco
Company Description
The Department of Public Health prioritizes equitable and inclusive access to quality healthcare for its community and values the importance of diversity in its workforce. All employees at the Department of Public Health work to advance equity, inclusion, and diversity with a specific lens and focus on race, ethnicity, gender, sex, sexuality, disability, and immigration status.
Key Dates & Salary
Application Opening: Friday, November 21, 2025
Application Deadline: Application filing will close on or after Friday, January 9, 2026
Salary: $180,440 - $230,308 Annually (Range A)
Appointment Type: Permanent Civil Service
Recruitment ID: PBT-0933-160818
San Francisco Department of Public Health (SFDPH) mission: to protect and promote the health of all San Franciscans. SFDPH works through divisions including the San Francisco Health Network, Population Health Division, Behavioral Health Services, and Central Administration.
Job Description The San Francisco Department of Public Health is seeking a dynamic and experienced cybersecurity professional to join its IT leadership team. As a key strategic leader, the Chief Information Security Officer (CISO) (0933 Manager V) will be responsible for developing and executing a comprehensive information security strategy that safeguards the department’s systems, data, and services.
This role leads the implementation of an enterprise-wide security program that promotes collaboration, strengthens governance, and aligns cybersecurity initiatives with organizational goals. The CISO serves as a trusted advisor to senior leadership, providing expert guidance on risk management, security investments, and policy development. The CISO oversees a team of cybersecurity professionals within the SFDPH IT division and collaborates extensively with the CISO for the City and County of San Francisco.
The CISO reports directly to the Chief Information Officer (CIO).
Essential Job Functions
Provides strategic leadership in evaluating and mitigating information security threats across the organization using a structured, risk-based methodology. Advises executive leadership on identified risks and ensures timely execution of mitigation and remediation plans with integrity and discretion.
Directs the ongoing development of the department’s information security program, including project portfolio management, incident response, policy frameworks, compliance activities, threat and vulnerability management, and third‑party risk management.
Allocates and manages resources to support a robust security strategy. Identifies and advocates for strategic investments, oversees capital and operating budgets, and delivers ROI analyses and budget recommendations.
Partners with the Office of Compliance and Privacy Affairs to assess data security risks related to contracts, projects, artificial intelligence solutions, and other initiatives. Develops tools and interventions to mitigate risks, establishes performance metrics, and monitors compliance through audits and assessments.
Builds alignment and support for security goals and initiatives across internal and external stakeholders. Communicates effectively with leadership at all levels on trends, risks, and the overall effectiveness of the security program.
Promotes awareness and understanding of regulatory requirements across the organization. Leads or collaborates on testing and auditing activities to ensure ongoing compliance and successful certifications.
Analyzes security requirements and ensures compliance with industry standards such as HIPAA, NIST, and PCI‑DSS.
Establishes and maintains comprehensive policies and procedures to support effective and sustainable security operations.
Serves as the department’s representative in security‑related matters with City agencies and partners.
Continuously monitors emerging trends, technologies, and best practices in cybersecurity to ensure the department’s security posture remains current and effective.
The Chief Information Security Officer (0933 Manager V) may perform other duties as assigned/required.
Qualifications
Education: Bachelor’s degree from an accredited college or university; AND
Experience: Five (5) years of professional healthcare information systems security experience, of which three (3) years must include supervising IT professionals.
Education Substitution: Additional experience as described above may be substituted for the required degree on a year‑for‑year basis. One (1) year is equivalent to thirty (30) semester units / forty‑five (45) quarter units.
Desirable Qualifications
Possession of a Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) certification.
Application Process Applicants may be required to submit verification of qualifying education and experience at any point during the recruitment and selection process. If education verification is required, information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found at https://careers.sf.gov/knowledge/experience-education/.
Applicants will receive a confirmation email from notification@smartrecruiters.com that their online application has been received in response to every announcement for which they file. Failure to receive this email means that the online application was not submitted or received.
All job applications for the City and County of San Francisco must be submitted through our online portal. Please visit https://careers.sf.gov/ to begin your application process.
Equal Employment Opportunity Statement The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.
#J-18808-Ljbffr
Chief Information Security Officer (0933 Manager V) - Department of Public Health
role at
City and County of San Francisco
Company Description
The Department of Public Health prioritizes equitable and inclusive access to quality healthcare for its community and values the importance of diversity in its workforce. All employees at the Department of Public Health work to advance equity, inclusion, and diversity with a specific lens and focus on race, ethnicity, gender, sex, sexuality, disability, and immigration status.
Key Dates & Salary
Application Opening: Friday, November 21, 2025
Application Deadline: Application filing will close on or after Friday, January 9, 2026
Salary: $180,440 - $230,308 Annually (Range A)
Appointment Type: Permanent Civil Service
Recruitment ID: PBT-0933-160818
San Francisco Department of Public Health (SFDPH) mission: to protect and promote the health of all San Franciscans. SFDPH works through divisions including the San Francisco Health Network, Population Health Division, Behavioral Health Services, and Central Administration.
Job Description The San Francisco Department of Public Health is seeking a dynamic and experienced cybersecurity professional to join its IT leadership team. As a key strategic leader, the Chief Information Security Officer (CISO) (0933 Manager V) will be responsible for developing and executing a comprehensive information security strategy that safeguards the department’s systems, data, and services.
This role leads the implementation of an enterprise-wide security program that promotes collaboration, strengthens governance, and aligns cybersecurity initiatives with organizational goals. The CISO serves as a trusted advisor to senior leadership, providing expert guidance on risk management, security investments, and policy development. The CISO oversees a team of cybersecurity professionals within the SFDPH IT division and collaborates extensively with the CISO for the City and County of San Francisco.
The CISO reports directly to the Chief Information Officer (CIO).
Essential Job Functions
Provides strategic leadership in evaluating and mitigating information security threats across the organization using a structured, risk-based methodology. Advises executive leadership on identified risks and ensures timely execution of mitigation and remediation plans with integrity and discretion.
Directs the ongoing development of the department’s information security program, including project portfolio management, incident response, policy frameworks, compliance activities, threat and vulnerability management, and third‑party risk management.
Allocates and manages resources to support a robust security strategy. Identifies and advocates for strategic investments, oversees capital and operating budgets, and delivers ROI analyses and budget recommendations.
Partners with the Office of Compliance and Privacy Affairs to assess data security risks related to contracts, projects, artificial intelligence solutions, and other initiatives. Develops tools and interventions to mitigate risks, establishes performance metrics, and monitors compliance through audits and assessments.
Builds alignment and support for security goals and initiatives across internal and external stakeholders. Communicates effectively with leadership at all levels on trends, risks, and the overall effectiveness of the security program.
Promotes awareness and understanding of regulatory requirements across the organization. Leads or collaborates on testing and auditing activities to ensure ongoing compliance and successful certifications.
Analyzes security requirements and ensures compliance with industry standards such as HIPAA, NIST, and PCI‑DSS.
Establishes and maintains comprehensive policies and procedures to support effective and sustainable security operations.
Serves as the department’s representative in security‑related matters with City agencies and partners.
Continuously monitors emerging trends, technologies, and best practices in cybersecurity to ensure the department’s security posture remains current and effective.
The Chief Information Security Officer (0933 Manager V) may perform other duties as assigned/required.
Qualifications
Education: Bachelor’s degree from an accredited college or university; AND
Experience: Five (5) years of professional healthcare information systems security experience, of which three (3) years must include supervising IT professionals.
Education Substitution: Additional experience as described above may be substituted for the required degree on a year‑for‑year basis. One (1) year is equivalent to thirty (30) semester units / forty‑five (45) quarter units.
Desirable Qualifications
Possession of a Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) certification.
Application Process Applicants may be required to submit verification of qualifying education and experience at any point during the recruitment and selection process. If education verification is required, information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found at https://careers.sf.gov/knowledge/experience-education/.
Applicants will receive a confirmation email from notification@smartrecruiters.com that their online application has been received in response to every announcement for which they file. Failure to receive this email means that the online application was not submitted or received.
All job applications for the City and County of San Francisco must be submitted through our online portal. Please visit https://careers.sf.gov/ to begin your application process.
Equal Employment Opportunity Statement The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.
#J-18808-Ljbffr