Health Services Information Security Specialist

County Of Sonoma   Santa Rosa, CA   Full-time     Information Services / Technology (IT)
Posted on August 25, 2023
Apply Now

Position Information


The County of Sonoma's Department of Health Services (DHS) seeks an experienced and customer-focused Information Security Specialist professional to join their team.

Health Services Information Security Specialist description image

Starting salary up to $53.90/hourly ($112,495/annually) and a competitive total compensation package!

As a Health Services Information Security Specialist, you will perform security-related monitoring, auditing, reporting, response, mitigation, and prevention tasks on an ongoing basis to ensure compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other information privacy  and security regulations.  Additional responsibilities include:

  • Implementing security-group management and role-based access including analysis, maintenance, and monitoring to ensure appropriate and controlled access to sensitive information and systems
  • Analyzing and monitoring daily system activity reports and event management using various department programs and reports including Security Information Event Management (SEIM) systems, electronic health record (EHR) logs, and network drive access logs
  • Reviewing and analyzing monthly server vulnerability scan reports and working with DHS and County Information Systems Department (ISD) teams to address vulnerabilities
  • Reporting enterprise and local level issues and events to the ISD Security Unit and working collaboratively to resolve issues  
  • Software management, including identifying and assessing software for HIPAA compliance and security risk, ensuring encryption keys are active on all devices, and verifying that devices receive security updates
  • Identifying, tracking, and auditing the inventory of all hardware that can access or store Protected Health Information (PHI) and Personal Identifiable Information (PII) 
  • Serving as the system administrator and configuration specialist for the Governance, Risk, and Compliance (GRC) Software
  • Performing data classification management including identification and security of protected information in network drives and databases
  • Ensuring the Mobile Device Manager (MDM) application remains active on all assigned devices; remediating when appropriate; initiating device deactivation when determined necessary

The ideal candidate for this position has a problem-solving mindset, is detail oriented and has excellent time management and organizational skills. Additionally, they have completed coursework and training in information security and possess demonstrated experience in developing standard operating procedures and incident response plans. They also have experience monitoring and managing an information security program, and implementing security methods, tactics, and procedures in the government and/or public utility sector. The ideal candidate will also possess the following competencies:

  • Technical Acumen – A solid understanding of technical systems and how cyber security works within them
  • Analytical skills – The ability to determine the root cause of problems
  • Sense of Urgency – The ability to act quickly to address cyber-security incidents
  • Motivational Skills – An understanding of how to drive a culture of safe IT habits
  • Attention to detail – The competency to ensure that all threat vectors are addressed, and documentation is complete 
  • Communication Skills – The ability to communicate technical issues to non-technical staff
  • Team Orientation – A talent for working cooperatively with other teams such as DHS-IT, ISD, Privacy, Fiscal, and others
  • Customer Focus - An understanding that our purpose is data security as well as easing the burden on staff

Note: In addition to the foregoing, it is highly desirable that the ideal candidate possess an IT Security Certification such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), CompTIA Security+, or other recognized IT security certification.  

What We Offer

Working at the County of Sonoma offers expansive opportunities for growth and development, the ability to be a part of a challenging and rewarding work environment, and the satisfaction of knowing you're working to better our communities. You can also look forward to flexible work arrangements and excellent benefits* including:

  • Hybrid Telework - A hybrid telework schedule that meets the needs of our staff, department operations, and the communities we serve may be available depending on the assignment
  • Salary Advancement - A salary increase after 1,040 hours (6 months when working full-time) for good work performance; eligibility for a salary increase for good performance every year thereafter, until reaching the top of the salary range
  • Paid Time Off - Competitive vacation and sick leave accruals, 12 paid holidays, and an additional 8 floating holiday hours per year
  • County Paid Health Premium Contributions - 100% premium contribution for the majority of employee-only and employee + family health plan options
  • Staff Development/Wellness Pay - Annual benefit allowances of up to $500 and ongoing education/training opportunities
  • Post-Retirement Health Reimbursement Arrangement - County contribution to a Health Reimbursement Arrangement to help fund post-retirement employee health insurance/benefits
  • Retirement - A pension fully integrated with Social Security
  • Paid Parental Leave - May be eligible for up to 8 weeks (320 hours) after 12 months of County employment

*Salary is negotiable within the established range. Benefits described herein do not represent a contract and may be changed without notice. Additional information can be found in the Service Employees International Union Local 1021 Memorandum Of Understanding (SEIU MOU) and our Employee Benefits Directory.

Bring Your Commitment to Public Service to the County of Sonoma 
The County of Sonoma is the place to live, grow, and build your career legacy. When you join the County of Sonoma, you'll have the freedom to explore the beauty of our county - its picturesque coastline, majestic redwoods, historic towns, fine dining, award-winning wineries, and a wide variety of entertainment and cultural activities. For additional information about the beauty of our community and the valuable services and support that the County provides our communities, please visit and  

This recruitment is being conducted to fill a Health Services Information Security Specialist position. This employment list may also be used to fill future full-time, part-time, or extra-help (temporary) positions as they occur during the active status of the list. Qualified County employees who wish to be considered for future positions should consider applying to this recruitment. The Civil Service title for this position is Department Information Services Specialist II.  

Minimum Qualifications

Any combination of training and experience which would provide the opportunity to acquire the knowledge and abilities listed. Normally this would include:

Education: The equivalent to completion of twelve semester or eighteen quarter units in information systems, computer science or closely related field; AND

Experience: Two years of experience in developing and maintaining information technology systems in a multi-platform information systems environment, including at least one year of experience developing and/or modifying applications.

License: Possession of a valid driver's license at the appropriate level including special endorsements, as required by the State of California, may be required depending upon assignment to perform the essential job functions of the position.

Knowledge, Skills, and Abilities

Knowledge of: IT systems components and architecture; customer support techniques; basic network principles; commonly used software applications; system performance monitoring and troubleshooting; technical documentation methods and procedures; IT systems security methods and techniques; oral and written communication techniques; network equipment, tools and peripherals; operating systems installation and configuration procedures; installation, configuration, and maintenance of desktop components; operating environments; commonly used query languages; data management concepts and methods; server maintenance techniques; file formats used in the delivery of Web content; browser technical requirements.

Ability to: efficiently troubleshoot system problems; provide training to other technical staff; communicate factual and procedural information clearly, orally and in writing; gather and analyze basic facts and draw conclusions; install, configure, and test software on customer workstations; prepare and update manuals, instructions, and operating procedures; provide information and assistance to customers; ensure the application of appropriate security measures in accord with established procedures; assist in implementing and maintaining network and systems services; monitor network and systems performance and troubleshoot minor problems; document and initiate response to security problems; provide guidance and training to customers in accessing network and systems services; assist customers in installing and using applications; maintain database operations; assist in returning disrupted database systems to normal operations; create reports and manipulate data in response to customer requirements; convert user-developed content into workable Web pages; carry out server maintenance functions; test new browser versions for compatibility with existing services.

Selection Procedure & Some Helpful Tips When Applying


  • Your application information and your responses to the supplemental questions are evaluated and taken into consideration throughout the entire selection process.
  • You should list all employers and positions held within the last ten years in the work history section of your application. Be as thorough as possible when responding to the supplemental questions.
  • You may include history beyond ten years if related to the position for which you are applying. If you held multiple positions with one employer, list out each position separately.
  • Failure to follow these instructions may impact your competitiveness in this process or may result in disqualification.

Please visit Getting a Job with the County of Sonoma to review more detailed information about the hiring process, including the application process, examination steps, and department selection process.

Responses to supplemental questions will be scored using position-specific criteria. Please provide specific and detailed responses of a reasonable length to allow for a thorough assessment of your qualifications. Responses that state "See Resume" or "See Application" may be considered insufficient and therefore may not be scored.

The selection procedure will consist of the following examination:

An Application & Supplemental Questionnaire Appraisal Examination (weight 100%) will be conducted to evaluate each applicant's application and supplemental questionnaire for satisfaction of minimum qualifications (pass/not pass); and for educational coursework, training, experience, knowledge, and abilities which relate to this position. Each applicant will be evaluated based on the following criteria:

  • Relevance of work history, related experience, and achieved level of education and/or training as described in the application and responses to the supplemental questions.

Candidates demonstrating possession of the minimum qualifications will be placed on an employment list in order of most qualified to least qualified based on the achieved score received in the Application & Supplemental Questionnaire Appraisal Examination which evaluates the education, training, experience, skills, knowledge, abilities, and other qualifications that you demonstrate in your application and/or response to the supplemental questionnaire. Please be aware that resumes and cover letters are not typically evaluated in the Application & Supplemental Questionnaire Appraisal Examination. Scores may be adjusted based on such factors as the number of candidates, anticipated vacancies, past practice, and natural breaks in the scores achieved by this group of candidates.


A background investigation is required prior to employment. Candidates referred to departments for a selection interview are typically required to sign authorization and release forms enabling such an investigation. Failure to sign prescribed forms will result in the candidate not being considered further for that vacancy. Reference information will not be made available to applicants.

Additional requirements, such as successful completion of a physical exam, drug screen, etc., may apply, depending on the duties and responsibilities of the position. If you receive a conditional job offer for the position, the requirements upon which the offer is contingent will be outlined in the conditional job letter. You may also review the Job Classification Screening Schedule to determine the requirements for this position.


Applications are accepted online at Paper applications may be submitted by person, fax (707-565-3770), email, or through the mail. All applications and appropriate supplemental information as outlined in the job bulletin must be RECEIVED by the time and date specified on the first page of this job announcement. Applications received after the recruitment closes will not be accepted.

The County of Sonoma values diversity and is dedicated to creating a workplace environment that provides individuals with a sense of belonging. We are committed to having a diverse workforce that is representative of the communities we serve. The County is proud to be an Equal Opportunity Employer where all aspects of employment are based on merit, competence, performance, and business need.

HR Analyst: BH
HR Technician: RR