Cybersecurity Risk Assessment Analyst - Department of Technology (1052)
City and County of San Francisco
3 months ago
San Francisco, CA, United States
Hybrid
Full-time
Junior Level (1-3 years)
Job Description
Position Overview
The Office of Cybersecurity was established in 2022 by the Board of Supervisors under Mayor London Breed as a Citywide Office within the Department of Technology. We create citywide policies, act as a frontline against cyber attacks, and help other departments build resilience to cyber-threats, ensuring that City services and what San Francisco does for you remain cybersafe. The Technology Risk and Resilience Team is excited to hire a Cybersecurity Risk Assessment Analyst who will play a critical role in identifying, assessing, controlling, and monitoring risks across the Citywide enterprise. This position offers firsthand experience in supporting and maturing a Governance, Risk, and Compliance program.
Key Responsibilities
- Perform cyber risk assessments against City cybersecurity requirements.
- Conduct Vendor Risk Assessments to evaluate the security posture of vendors.
- Support the cyber awareness training and education program, including phishing simulations.
- Track and monitor risk mitigation plans.
- Develop routine reports in accordance with Governance, Risk, and Compliance (GRC) metrics.
- Coordinate with technology and business groups to assess, implement, and monitor IT-related security risks and hazards.
- Conduct technical research to aid in threat assessment or risk mitigation activities.
- Perform assessments of adherence to standards.
- Review policies and associated procedures/processes.
- Stay updated on industry changes as they relate to security.
Required Qualifications
- Must be willing to work a 40-hour week as determined by the department.
- Travel within San Francisco may be required.
- Must be a resident of the State of California or be willing to relocate within 4 weeks of employment.
Benefits & Perks
- Location: Department of Technology, 1 S Van Ness Ave, San Francisco, CA 94103
- Schedule: Primarily on-site with a hybrid schedule option (minimum two days in the office every two weeks) based on supervisor approval
- Benefits: Permanent Exempt - Full Time position with an anticipated project duration of 36 months (appointment at the discretion of the appointment officer and excluded from the competitive civil service examination process)
Required Skills
Policy Review & Technical Research
Cyber Risk Assessment
Vendor Risk Assessment
Phishing Simulation Coordination
Governance, Risk and Compliance (GRC)
Cybersecurity Awareness Training
Risk Mitigation & Monitoring