Cybersecurity Architect

Job Description and Duties

THIS POSITION MAY BE ELIGIBLE FOR A HYBRID WORK SCHEDULE. THE AMOUNT OF TELEWORK IS AT THE DISCRETION OF THE DEPARTMENT AND IS SUBJECT TO CHANGE AS BUSINESS NEEDS ARISE.

The Employment Development Department (EDD) has an immediate opening for a Cybersecurity Architect (Information Technology Specialist III). This role involves applying state-of-the-art cybersecurity, fraud, and vulnerability management best practices to design and develop enterprise-wide protection architecture that can identify, address and mitigate fraud and vulnerability risks.

Key responsibilities include: being able to communicate well as a technical project lead and mentor, developing technical requirements, designing secure solutions, developing detection and prevention tools, collaborating on security risk assessments and audits, developing and maintaining documentation, security systems configuration and administration, enhancing operations, conducting fraud and forensic investigations, monitoring system capabilities, vulnerability and threat testing, incident response, staff training, and EDD modernization.

The Cybersecurity Architect:

• Follows administrative direction from the Cybersecurity Operations Section Chief with a high degree of independence and expertise.
• Has an advanced enterprise-wide level of understanding of EDD's information technology (IT) architecture.
• Applies a master-level of technical IT expertise to connect strategic intent and practical technical application in the development of a full range of fraud detection, threat detection and prevention, vulnerability management, incident response, resiliency, recovery policies, cybersecurity standards, analytics and concepts governing methods for data storage to support incident and fraud detection.
• Collaborates with IT Branch Divisions and EDD business units in the planning, designing, testing and implementing a cybersecurity threat detection and mitigation architecture.
• Develops prerequisites for networks, firewalls, routers, and other network devices.
• Performs vulnerability and fraud assessments, security testing, and risk analysis.
• Continuously researches and implements updated security standards and best practices in compliance with applicable state and federal laws, rules and regulations.
• Recognizes the criticality of understanding human behavior and its role in creating possible fraud, threats, and vulnerabilities, and addresses them in the architecture framework.
• Mentors and coaches technical staff in the Cybersecurity Operations Section in the field of cybersecurity as needed.

This position may be eligible for a hybrid work schedule. The amount of telework is at the discretion of the Department and is subject to change as business needs arise. Employees are required to report to their headquarters office on their assigned in-office days. Travel expenses to and from the assigned headquarters are the responsibility of the employee.

Effective July 1, 2025, specific Bargaining Units and associated Excluded State employees are subject to a salary reduction between 2% - 4.62% in exchange for hours in the Personal Leave Program 2025 (PLP 2025) per month. For more details, please click here to visit the California Department of Human Resources (CalHR) website.

Position exists at 1416 9th Street Sacramento, CA 95814 ARU 390

If you have questions about the actual position, please contact the “Hiring Unit Contact” listed below under Contact Information

You will find additional information about the job in the .

Working Conditions

Visa Sponsorship

This position is not eligible for visa sponsorship. Applicants must be authorized to work in the US without the need for visa sponsorship by the start date of employment.

Typical office environment.

This position is headquartered at the New Labor Agency Building (NLAB), a newly remodeled high-rise building. Located in the heart of Downtown Sacramento and in close proximity of the State Capitol and the Golden1 Center, this beautiful and modern building provides the following amenities: Break areas, wellness/lactation rooms, coffee points, a fitness center with private showers, a Career Center for EDD Employees, a micro market, building-wide WiFi, an outdoor terrace, bike storage, nearby public transit options, and much more.

Apply today for the opportunity to work in this state-of-the-art building!

Special Requirements

It is strongly encouraged to apply through your CalCareer Account at .

Please only submit ONE application. Electronic applications submitted through your CalCareer Account are highly recommended and will be received/processed faster than other methods of filing.

If you are unable to apply electronically through your CalCareer account, please mail a completed and signed State Examination/Employment Application STD Form 678 and application package to the mailing address provided in the “Application Instructions’ section below and ensure the following:

• Clearly indicate the Job Code #, Position Number and the Classification Title of this position in the “Examination or Job Title(s) For Which You Are Applying” section located on Page 3 of your State Examination/Employment STD Form 678.
• Clearly indicate the basis of your eligibility (list, transfer, reinstatement, etc.) in the “Explanations” section located on Page 3 of your State Examination/Employment Application STD Form 678.
• Remove and do not submit the “Equal Employment Opportunity” questionnaire (Page 10) with your completed State Examination/Employment Application STD Form 678. This page is for examination use only.
• Do not include your full Social Security Number on your documents and/or do not provide any LEAP information.

Examination/Assessment

To apply for this position, you must obtain list eligibility by taking and passing the examination. If you already have list eligibility for this classification, you do not need to retake the examination unless your list eligibility has expired.

Click the examination link below for more information and to take the exam:

For more information about the State hiring process, click here . To watch tutorials on how to apply for a State job, click here .

Desirable Qualifications

In addition to evaluating each candidate's relative ability, as demonstrated by quality and breadth of experience, the following factors will provide the basis for competitively evaluating each candidate:

• Experience with administration, design, and maintenance of enterprise logging solutions / security information event management (SIEM) solutions.
• Experience with administration, design, and maintenance of vulnerability scanning, management, and remediation.
• Experience with administration, design, and maintenance of endpoint detection and response (EDR) solutions.
• Experience with fraud investigations, detection rules, and prevention tools/policies.
• Experience with Linux OS and/or RedHat server configurations and deployment.
• Experience with Windows Server configurations and deployment.
• Experience with the configuration and deployment of cloud solutions.
• Experience with large-scale enterprise deployments and information technology (IT) projects.
• Working knowledge of infrastructure security, protocols, authentication, and authorization.
• Working knowledge of cybersecurity controls and standards.
• Experience with information security audits.
• Ability to gather, write, and communicate detailed requirements and designs.
• Experience with creating and delivering presentations to all levels of staff including management and executive leadership.
• Possess effective interpersonal and professional qualities with the ability to build valuable internal and external relationships with a wide variety of people.
• Ability to effectively communicate verbally and in writing to all levels of management and staff.
• Uses rigorous logic & methods to solve difficult problems with effective solutions. Works with concepts and complexity comfortably.
• Makes good decisions based on analysis, experience, and judgment.
• Uses time & resources effectively & efficiently.
• Produce results working independently and in a team.
• Ability to learn emerging technologies that may become necessary to support the organization's business and long-term strategic plan.
• Bachelor's or Master's degree in information technology, computer science, or a related field of study.
• One or more of the following desired certifications:
• Certified Cyber Forensics Professional (CCFP)
• Certified Ethical Hacker (CEH)
• Certified Expert Penetration Tester (CEPT)
• Offensive Security Certified Professional (OSCP)
• Information Systems Security Architecture Professional (ISSAP)
• Certified Information Security Manager (CISM)
• Certified SCADA Security Architect (CSSA)
• Certified Information Systems Security Professional (CISSP)
• Security+
• Network+

Benefits

Benefit information can be found on the CalHR website, , and the CalPERS website, .

Statement of Qualifications Requirements

A Sta tement of Qualifications (SOQ) is Required. The SOQ serves as documentation of each candidate’s ability to present information clearly and concisely in writing. The SOQ is not a resume or cover letter. Resumes and/or Cover Letters DO NOT take the place of the SOQ. Applications received without an SOQ may not receive further consideration and may be excluded from the hiring process.

The SOQ will be considered the first phase of the hiring process for this position. If your qualifications are competitive, you may be invited to an interview. The SOQ should be typed and not more than two pages in length, not less than 12-point font, single-spaced, with margins not less than one inch, including your first and last name at the top of the page, and must include a response to the statement(s) below, including specific examples:

Please restate the questions with your response.

We ask that you not use Artificial Intelligence assistance when composing your written response. Written responses are an attempt to assess and gain an understanding of your personal writing and communication skills and abilities.

1.) Describe a recent enterprise technology project where you provided cybersecurity leadership. What critical people, process, and technology controls were implemented? What challenges did you face in achieving compliance with applicable federal, state, and local regulatory requirements?

2.) Describe how your work experience and education qualifies you for the role and responsibilities of this position based on the desirable qualifications.

Résumés and/or cover letters DO NOT take the place of the SOQ. Applications received without an SOQ or SOQs that do not include a response to the statement(s) above may not receive further consideration and may be excluded from the hiring process.

Required Application Package Documents

The following items are required to be submitted with your application. Applicants who do not submit the required items timely may not be considered for this job:

• Current version of the State Examination/Employment Application STD Form 678 (when not applying electronically), or the Electronic State Employment Application through your Applicant Account at All Experience and Education relating to the Minimum Qualifications listed on the Classification Specification should be included to demonstrate how you meet the Minimum Qualifications for the position.
• Resume is required and must be included.
• Statement of Qualifications - A Statement of Qualifications (SOQ) is Required. Please see “Statement of Qualifications Requirements” section for more information about the SOQ.
• Other - A Cover Letter is required and must be included.