The URL can be used to link to this page

Home My WebLink About2022-08-04 CSC Agenda Packet Date:Thursday, August 4, 2022 Time:5:15 p.m. Location:City Hall, Bldg. #C, Conference Room B-129 276 Fourth Avenue, Chula Vista Welcome to your Civil Service Commission Meeting The Civil Service Commission has transitioned back to holding live, in-person meetings. Public Comments: Public comments may be submitted to the Civil Service Commission in the following ways: In-Person comments during the meeting. Join us for the Civil Service Commission meeting at the time and location specified on this agenda to make your comments. Please visit www.chulavistaca.gov/boardmeetings for current mask requirements and other safety protocols. • Submit an eComment. Visit www.chulavistaca.gov/boardmeetings, locate this meeting, and click on the comment bubble icon. Click on the item you wish to comment on, and then click on "Leave Comment." The commenting period will close one hour before the meeting. All comments will be made available to the Commission and the public. • Mail or email comments. Submit comments via email to CSC@chulavistaca.gov or by mail to Civil Service Commission, 276 Fourth Ave, Chula Vista, CA 91910. Please send comments early; written comments received within one hour of the meeting may not be distributed until the following day. • Accessibility: Individuals with disabilities are invited to request modifications or accommodations in order to access and/or participate in a Civil Service Commission meeting by contacting the Human Resources Department Staff at CSC@chulavistaca.gov (California Relay Service is available for the hearing impaired by dialing 711) at least forty-eight hours in advance of the meeting. Pages 1.CALL TO ORDER 2.ROLL CALL Commissioners Gersten, Sepulveda, Vice Chair Fish and Chair Carbuccia 3.PUBLIC COMMENTS Persons may address the Commission on any subject matter within the Commission’s jurisdiction that is not listed as an item on the agenda. State law generally prohibits the Commission from discussing or taking action on any issue not included on the agenda, but, if appropriate, the Commission may schedule the topic for future discussion or refer the matter to staff. If you wish to speak on any item, please fill out a "Request to Speak" form and submit it to the Secretary prior to the meeting. 4.ACTION ITEMS The Item(s) listed in this section of the agenda will be considered individually by the Commission and are expected to elicit discussion and deliberation. If you wish to speak on any item, please fill out a "Request to Speak" form and submit it to the Secretary prior to the meeting. 4.1.Approval of Regular Meeting Minutes of July 7, 2022.3 Staff Recommendation: Approve the minutes 4.2.Consideration to Approve the Addition of the Following Classification to the Classification Plan per Civil Service Rule 1.02 A (3) 6 Information Technology Security Analyst (PROF) Staff Recommendation: Approve the new classification OTHER BUSINESS 5.STAFF COMMENTS 6.CHAIR'S COMMENTS 7.COMMISSIONERS' COMMENTS 8.ADJOURNMENT to the regular meeting on September 1, 2022, at 5:15 p.m. Materials provided to the Civil Service Commission related to any open-session item on this agenda are available for public review by contacting the Human Resources Department at CSC@chulavistaca.gov. 2022/08/04 CSC Agenda Page 2 of 10 1 REGULAR MEETING OF THE CIVIL SERVICE COMMISSION Meeting Minutes July 7, 2022, 5:15 p.m. City Hall, Bldg. #C, Conference Room B-129 276 Fourth Avenue, Chula Vista Present: Chair Carbuccia, Commissioner Sepulveda, Commissioner Gersten Absent: Vice Chair Fish Also Present: Director of Human Resources Chase, Secretary Ladron de Guevara Others Present Fire Chief Muns, Human Resources Manager Tomlinson _____________________________________________________________________ 1. CALL TO ORDER A regular meeting of the Civil Service Commission of the City of Chula Vista was called to order at 5:15 p.m. in Conference Room #B129, located in Building C, 276 Fourth Avenue, Chula Vista, California. 2. ROLL CALL Chair Carbuccia called the roll. 3. PUBLIC COMMENTS None. 2022/08/04 CSC Agenda Page 3 of 10 2 4. ACTION ITEMS 4.1 Approval of Regular Meeting Minutes of September 2, 2021 and April 7, 2022. Moved by Commissioner Gersten Seconded by Commissioner Sepulveda Yes (3): Chair Carbuccia, Commissioner Sepulveda, and Commissioner Gersten Result:Carried (3 to 0) 4.2 Consideration to Approve the Addition of the Following Classification to the Classification Plan per Civil Service Rule 1.02 a (3) Director of Human Resources Chase gave a presentation on this item. Moved by Commissioner Gersten Seconded by Commissioner Sepulveda Yes (3): Chair Carbuccia, Commissioner Sepulveda, and Commissioner Gersten Result:Carried (3 to 0) 4.3 Selection of Chair and Vice Chair for Fiscal Year 2022-2023 Commissioner Gersten moved to nominate Chair Carbuccia and Vice Chair Fish to continue as the Chair and Vice Chair for fiscal year 2022- 2023. Moved by Commissioner Gersten Seconded by Commissioner Sepulveda Yes (3): Chair Carbuccia, Commissioner Sepulveda, and Commissioner Gersten Result:Carried (3 to 0) OTHER BUSINESS 5. STAFF COMMENTS 2022/08/04 CSC Agenda Page 4 of 10 3 Director of Human Resources Chase announced that negotiations with the Fire labor group have been completed and the contract will be going to City Council on July 12, 2022. 6. CHAIR'S COMMENTS Chair Carbuccia wanted to thank the School Resource Officers of the City of Chula Vista for their participation in the leadership training held earlier that day. 7. COMMISSIONERS' COMMENTS None. 8. ADJOURNMENT The meeting was adjourned at 5:32 p.m. Minutes prepared by: Felipe Ladron de Guevara, Secretary _________________________ Felipe Ladron de Guevara, Secretary 2022/08/04 CSC Agenda Page 5 of 10 CITY OF CHULA VISTA DRAFT INFORMATION TECHNOLOGY SECURITY ANALYST DEFINITION To implement, maintain and perform information technology security analysis of systems and plans and carries out security measures to protect systems and digital assets, including working with malware/antivirus tools, patch management, firewalls, scanners and other security tools; perform other related duties as required. SUPERVISION RECEIVED AND EXERCISED Receives general supervision from the Director of Information Technology Services. ESSENTIAL FUNCTIONS – Functions may include, but are not limited to, the following: Implement, monitor, evaluate and recommends information technology security measures and programs in accordance with department policies, procedures and standards. Assist in the development of information security strategies, implement said strategies and plans to prevent the unauthorized use, release, modification, loss or destruction of data and other information assets. Work with staff to integrate advanced protection methodologies with the City's systems and network, hardware and software infrastructure; work with staff to secure development and production environments; ensure security patches and configuration changes are implemented in a timely manner; ensure ongoing use of monitoring and detection techniques to verify that security measures are functional and enforced; coordinate the implementation of periodic, comprehensive system security audits. Participate in the development of appropriate security incident notification procedures for City and departmental management; coordinate investigations of security compromises with City management, outside auditors and consultants and appropriate law enforcement agencies when warranted by the nature of the intrusion or compromise. Conduct risk assessments to identify vulnerabilities and assist in the development of appropriate methods for avoiding or mitigating potential risk; take appropriate action to prevent future breaches. Conduct routine and periodic unannounced security inspections and audits systems administration processes to ensure sound control systems are in place for the granting of user access and privileges and to ensure the timely removal of access for employees leaving City employment. Develop and/or assist in the development of broad-scale testing plans and exercises to ensure organizational capability to implement business continuity plans in the event of a variety of emergencies; conduct audits of detailed plans and planning processes to ensure accountability for 2022/08/04 CSC Agenda Page 6 of 10 CITY OF CHULA VISTA Information Technology Security Analyst 2 keeping plans up to date; regularly examine and update plans and disaster scenarios. Conduct annual and other periodic information security management training for Information Technology and City staff. Assist in the development of security policies, standards and best practices; develop and recommend compliance strategies for information technology security programs; assess risks of noncompliance with information security policies, standards, and guidelines and report findings. Document security breaches and damage caused by breaches; compile and validate security related statistical data and prepares reports. Research the latest information technology security trends and recommend security enhancements. Maintain a working knowledge of Information Technology Infrastructure Library (ITIL) standards and procedures and government security standards and how these apply to the City’s information technology infrastructure. Assist in the development, implementation, and evaluation of security awareness training programs and train staff on security protocols, policies, and procedures. May work with law enforcement and vendors to manage security threats. Provide comprehensive reports of all events, incidents and breaches to Department management. Monitor trends and developments in information security technologies; consult with vendors and other sources on industry and product functionality and capabilities. Build and maintain positive working relationships with co-workers, other employees and the public using principles of good customer service. Perform related duties as assigned. MINIMUM QUALIFICATIONS Knowledge of: Information technology security architecture, design and engineering with a primary focus on Cisco technologies, tools and solutions. Information security frameworks, software, hardware, and technologies. Current information security compliance standards and regulations. Current and emerging security tools, techniques, and programs. Innovative problem-solving techniques and practices. 2022/08/04 CSC Agenda Page 7 of 10 CITY OF CHULA VISTA Information Technology Security Analyst 3 Information technology systems, software, database management, policies and procedures, including computer networks, security, mini-computers, telecommunications, copiers and other electronic office automation systems. Firewalls, intrusion prevention systems, including Cisco appliances and software operations. System and program design parameters. Vulnerability scanning tools. Plan, design, installation, maintenance and operation of local and wide area network equipment and operating systems. Operating systems such as Microsoft, Linux, Mac operating systems, local and wide area communications networks, and software applications. Current network hardware, protocols, and standards. Standards and best practices in network security. Risk assessment process and practices. Applicable data privacy laws and practices. Operating principles and practices of desktop and server hardware and software related to the establishment and maintenance of internal and external networks. Applicable Federal, State, and local laws, codes and regulations concerning the operation of computer systems and networks. Occupational hazards and standard safety practices necessary in the area of computer operations. Techniques for dealing effectively with the public, vendors, contractors and city staff, in person and over the telephone. Techniques for providing a high level of customer service to the public and city staff, in person and over the telephone. English usage, spelling, grammar, and punctuation. Ability to: Prioritize and respond expeditiously to data threats or policy deviations. Advise on the acquisition, design and construction of computer systems and other related equipment. 2022/08/04 CSC Agenda Page 8 of 10 CITY OF CHULA VISTA Information Technology Security Analyst 4 Prepare clear and concise reports, correspondence, policies, procedures and other written materials. Present technical information orally and in writing in a non-technical way for employees, community groups and decision-makers. Interpret, explain, and ensure compliance with City policies and procedures. Analyze and present recommendations to City management on vendor products and services. Interpret and apply City and department policies, procedures, rules and regulations. Communicate clearly and concisely, both orally and in writing. Establish and maintain effective working relationships with those contacted in the course of work. Work with various cultural and ethnic groups in a tactful and effective manner. Experience and Training Any combination of education and/or experience and training that would likely provide the required knowledge and abilities is qualifying. A typical way to obtain the knowledge and abilities would be: Experience: Three years of recent, paid work experience assisting with the implementation, administration, and monitoring of IT security solutions and programs and experience working with information security and vulnerability scanning tools is required. Training: Equivalent to a Bachelor’s degree in computer science, information security or a closely related field. License or Certificate Possession of a valid California driver’s license. Possession of Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP) and CompTIA Security+ certifications are desirable. 2022/08/04 CSC Agenda Page 9 of 10 CITY OF CHULA VISTA Information Technology Security Analyst 5 PHYSICAL DEMANDS: On an intermittent basis, sit at desk for periods of time, walk and stand. Intermittently twist and reach office equipment; use telephone and keyboard. See in the normal vision range with or without correction to read typical business documents and computer screens; hear in the normal range with or without correction. WORKING ENVIRONMENT Primary work is performed indoors in a carpeted and air -conditioned office environment with adequate lighting and moderate noise level. Some movement is required from office to office and there is exposure to the external environment when going to outlying offices and meetings. Work is frequently disrupted by the need to respond to in-person and telephone inquiries. Employees are required to be available for rotating on-call assignments and may be required to work during irregular work hours such as early mornings, evenings and weekends to respond to requests for after-hours and/or immediate computer support. 2022/08/04 CSC Agenda Page 10 of 10