Information Security Officer - IT Division

Information Security Officer - IT Division

Salary

$5,504.22 - $6,690.40 Biweekly

Location

Tani G. Cantil-Sakauye Courthouse, CA

Job Type

Full-Time

Job Number

2026-12274B

Department

Court Wide

Opening Date

06/10/2026

Closing Date

7/1/2026 11:59 PM Pacific

• Description
• Benefits
• Questions

Description

Under general direction, the Information Security Officer is responsible for the leadership, oversight, and execution of the Court's information security, cybersecurity, privacy, and risk management programs. The Information Security Officer establishes and enforces security governance, policies, and controls to protect the confidentiality, integrity, and availability of Court information systems and data. This position provides strategic security leadership, oversees security operations and incident response, ensures regulatory and Judicial Council of California compliance, manages security risk across enterprise and Software-as-a-Service (SaaS) environments, and advises judicial officers and executive leadership on information security matters.

Examples of Duties

Duties may include, but are not limited to the following:

• Provides enterprise-wide leadership for cybersecurity, information security, and privacy programs.
• Develops, implements, and maintains the Court's information security governance framework, including policies, standards, procedures, and controls.
• Establishes and oversees security programs covering network security, application security, cloud and SaaS security, endpoint protection, identity and access management, and data protection.
• Develops and maintains the Court's short and long-term information security strategy and roadmap, aligned with Court objectives and enterprise architecture.
• Conducts and oversees security risk assessments, threat modeling, and vulnerability management across on-premises, cloud, and SaaS environments.
• Ensures security requirements and controls are embedded into system design, procurement, and enterprise architecture decisions.
• Develops, manages, and monitors the information security budget; oversees procurement and lifecycle management of security tools, services, and SaaS solutions.
• Conducts vendor security due diligence, including risk assessments, contract security terms, and compliance reviews; ensures third-party vendors and service providers meet Court security, privacy, and data protection requirements.
• Oversees the Court's security incident response program, including detection, investigation, containment, remediation, and post-incident review.
• Ensures compliance with Federal Bureau of Investigations (FBI) Criminal Justice Information Systems (CJIS) Security Policy, Internal Revenue Service (IRS) Publication 1075, Judicial Council of California policies, and applicable state and federal data protection requirements.
• Supports internal and external audits, assessments, and compliance reviews; tracks and remediates findings.
• Oversees disaster recovery, business continuity, and cyber resilience planning and testing.
• Advises judicial officers, executive leadership, and management on security posture, risks, incidents, and mitigation strategies.
• Plans, prioritizes, schedules, assigns, and evaluates work of assigned personnel; assists with interviews and selection; trains and motivates staff; monitors and evaluates staff performance.
• Coordinates with statewide judicial branch security initiatives, external agencies, and partner courts.
• Promotes a culture of security awareness, accountability, and compliance across the Court.

Minimum Qualifications

Education: Bachelor's Degree from an accredited college or university in Information Technology, Information Security, Computer Science, or a closely related field.

• And-

Experience: Five (5) years full-time experience in information security, information assurance, or a closely related field, including responsibility for security governance, compliance, risk management, or security architecture.

Substitution: Additional relevant full-time information security experience may be substituted for the Bachelor's Degree on a year-for-year basis.

Certification: Relevant security certifications are highly desirable.

Preferred certifications include: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Chief Information Security Officer (CCISO), Certified in Risk and Information Systems Control (CRISC), International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 27001 Lead Auditor, or Computing Technology Industry Association (CompTIA) Security+.

CJIS training and cloud security certifications, including Amazon Web Security (AWS) Security, Azure Security Engineer, and Google Cloud Security, are also valued.

Knowledge of:

Information security governance, risk management, and compliance frameworks (National Institute of Standards and Technology (NIST) Cybersecurity Framework, NIST 800-53, ISO 27001, Center for Internet Security Critical Security Controls (CIS Controls); federal and state data security standards, particularly FBI CJIS Security Policy, IRS Publication 1075, and Judicial Council of California information security policies; security incident detection, response, and forensic processes; enterprise security architecture, including identity and access management, network security, endpoint protection, encryption, and logging/monitoring; cloud and SaaS security models, shared responsibility frameworks, and third-party risk management; vulnerability management, threat modeling, and risk assessment methodologies; security budget development, procurement processes, and vendor risk management in public sector environment; principles and practices of supervision, training, staff development and performance management; principles and practices of effective team building, team leadership and conflict resolution; design, installation and maintenance of enterprise, distributed systems to courts, state agencies or other hosted court community; networking functions from network hardware and software vendors and products, network security policies, techniques and procedures, network documentation, configuration, maintenance and diagnostic procedures and techniques; internet and intranet architecture; development of long and short-term strategic initiatives for the enterprise organization; principles and practices of technical problem solving; principles, processes and techniques of project management and related software; designing disaster recovery solutions, including planning, implementation and testing; principles, practices and techniques of providing customer service; change management principles and practices.

Ability to:

Plan, organize and supervise the work of information security and information technology staff; provide leadership and direction to a professional and technical group of staff; motivate, train, coach, evaluate and discipline staff; establish, monitor and control projects and schedules to meet goals and objectives; translate complex security risks into business impact for judicial officers, executive leadership and non-technical stakeholders; understand highly complex information technology systems and issues; identify and articulate security problems and recommend documented solutions; establish and maintain effective and cooperative working relationships with judicial officers, executive leadership, court staff, vendors, and external agencies; communicate effectively both orally and in writing; promote and maintain a team environment; understand the Court's strategic business objectives as they relate to information security.

Other Information

Must be able to pass a criminal history background check.

Possession of a valid California driver's license or the ability to utilize an alternative method of transportation when needed to carry out job-related essential functions.

To view the Sacramento Superior Courts Benefits Summary Sheet please click here.

The following is an explanation of the benefits, which apply to those employed in regular or limited-term positions:

Vacation: Vacation with pay varies depending upon the employee representation unit. New employees typically earn 10 days per year and accrual rates normally increase according to years of service.

Holidays: The Superior Court of California, County of Sacramento recognizes 14 holidays and 5 floating holidays per year.

Sick Leave: Employees accrue 5.0 hours per bi-weekly pay period.

Parental Leave: Employees with at least 1 year of service are eligible for paid parental leave upon the birth or adoption of a child.

Retirement: Employees are covered by the Sacramento County Employees Retirement System (SCERS) and Social Security.

Group Health Insurance: The Court offers several choices of employee and dependent health insurance coverage, with a significant portion paid by the employer.

Dental and Vision Services Plan: Employee and dependent dental and vision insurance plans are provided at no cost.

Life Insurance: Basic employee life insurance is provided at no cost to the employee with additional optional life insurance available at the employees cost.

Medical and Childcare Flexible Spending Accounts: The ability to deduct a portion of your salary before taxes to apply toward medical expenses and/or child care expenses.

Deferred Compensation: The Court offers a Deferred Compensation Program.

Sacramento Credit Union: The credit union offers loan facilities and systematic savings plans through payroll deduction.

Tuition Reimbursement: The Court reimburses up to $3,000.00 dollars of an employees educational expenses as outlined in its Tuition Reimbursement policy.

Long Term Disability: A Long Term Disability (LTD) plan is provided at no cost to employees.

Transit Subsidy: The Court provides a transit subsidy to eligible employees based on current policy.

01

Describe your education, professional certifications, and work experience as they directly relate to the position of Information Security Officer. Include any relevant degrees, certifications (e.g., CISSP, CISM, Security+, CJIS-specific training), and professional affiliations. Identify which aspects of your background you consider most directly applicable to this role and explain why.

02

Describe your experience developing, implementing, or managing an information security governance program, including the creation or revision of security policies, standards, or procedures. Provide a specific example of a policy or control framework you built or materially improved, the process you used, and how you measured its effectiveness.

03

This position carries compliance obligations under the FBI CJIS Security Policy, IRS Publication 1075, and Judicial Council of California policies. Describe your experience ensuring organizational compliance with a federal, state, or criminal justice data security standard. Include how you identified compliance gaps, the steps you took to remediate them, and how you maintained ongoing compliance rather than a point-in- time posture.

04

Describe a significant security incident or risk management situation you led or played a major role in. Explain how the incident was detected, your specific actions during containment and response, how you communicated with leadership and affected parties, and what systemic changes resulted. If describing a risk management scenario rather than an active incident, explain how you assessed, documented, and presented the risk and what outcome followed.

05

Effective Information Security Officers must translate complex security risks into terms that executive leadership and non-technical stakeholders can act on. Describe a situation where you had to communicate a significant security risk, finding, or recommendation to an executive audience or governing body. What was the risk, how did you frame it, and what was the outcome? If your recommendation was not adopted, how did you handle that?

Required Question

Employer Sacramento Superior Court

Address 500 G Street

Sacramento, California, 95814

Phone (916) 874-7828

Website https://www.saccourt.ca.gov/