IT Manager I

Office of Information Technology

Annual Salary Range: $123,747 - $164,976

FLSA Exempt / Non-Union Represented

This position allows for up to 4 days of remote work per week

About the Office

The Office of Information Technology (IT) is responsible for enabling State Bar’s internal and external stakeholders by the management, implementation, and maintenance of an organization's technology to support of State Bar’s mission and goals. The office’s primary goals are to build and maintain functional capabilities, to support innovation and to ensure that all systems are running smoothly, efficiently, and securely to support the needs of the organization and its stakeholders.

The Ideal Candidate

The ideal candidate is a strategic and technical leader responsible for managing an organization's cybersecurity efforts. They excel in implementing and maintaining robust security measures to protect IT infrastructure, systems, and data. With strong collaboration skills, they work with internal teams and external partners to integrate security across operations, enhance cybersecurity visibility through dashboards, and automate security monitoring and incident response workflows.

Definition

Under general direction, the Cybersecurity Manager leads and manages the organization’s cybersecurity efforts. This role combines strategic leadership with hands-on technical expertise to ensure the security of our IT infrastructure, systems, and data. The ideal candidate will shape the organization's security strategy while implementing and maintaining robust security measures.

Examples of Essential Duties

Duties may include, but are not limited to the following.

• Execute the organization's risk-based cybersecurity strategy to protect systems, data, and operations.
• Establish, enforce, and continuously improve security policies, standards, and procedures aligned with organizational goals.
• Collaborate with internal teams and external partners to integrate security across all aspects of operations.
• Enhance cybersecurity visibility by developing dashboards that provide actionable insights for executives and IT teams.
• Oversee the design and implementation of secure IT architectures in collaboration with technical teams.
• Automate security monitoring and incident response workflows using SOAR frameworks.
• Oversee security monitoring and analytics capabilities through SIEM and threat-hunting tool.
• Work with cybersecurity partners to investigate and report on security events.
• Conduct risk assessments, vulnerability assessments; implement remediation strategies.
•  Ensure compliance with applicable regulatory and industry security and privacy standards relevant to the State Bar.
• Oversee encryption solutions and ensure timely application of security patches and updates.
• Develop, test, and maintain an incident response plan; investigate and remediate security incidents.
• Conduct engaging security awareness training to promote a security-first culture.
• Evaluate and implement advanced security tools to enhance the organization’s security posture and resilience.
• Maintain detailed documentation of security policies, procedures, and incidents.
• Execute cloud security strategy to support the State Bar’s Hybrid & Multi-Cloud solutions across various providers. 
• Research and evaluate emerging technologies to enhance the organization’s security posture and resilience.
• Provide actionable reports to senior management on cybersecurity risks, status, and improvement initiatives.

Employment Standards

Knowledge of:

• Cybersecurity tools and technologies, including Next-Generation Firewalls (NGFWs), Extended Detection and Response (XDR), Endpoint Detection and Response (EDR), Web Application Firewall (WAF), and Security Information and Event Management (SIEM) systems.
• Secure system and network design principles, including Zero Trust Architecture (ZTA) and Defense in Depth.
• Cloud security frameworks and tools (e.g., Microsoft Defender for Cloud, Microsoft Sentinel, and CIS Cloud Controls).
• Encryption technologies and secure data handling practices, including data at rest, in transit, and during processing.
• Systems Hardening
• Compliance frameworks and regulatory security and privacy standards (e.g., FedRAMP, NIST, ISO 27001, GDPR, HIPAA, PCI DSS).
• Emerging cybersecurity threats, trends, and innovations, including AI/ML implications in security and supply chain risk management.
• Incident response frameworks,
• Methods for conducting risk assessments, vulnerability assessments, penetration testing and threat intelligence.
• Security training and awareness best practices to foster a security-conscious culture.
• Effective documentation and reporting methods for policies, procedures, and incident records.

Ability to:

•  Oversee the implementation and management of security technologies.
• Design and implement secure networks and systems, incorporating ZTA and Defense in Depth principles.
• Interpret and apply compliance frameworks and regulatory standards.
• Analyze and resolve security incidents proactively using problem-solving skills.
• Communicate complex security concepts to technical and non-technical audiences.
• Mentor and develop high-performing cybersecurity teams.
• Collaborate across organizational levels and external stakeholders to develop security solutions.
• Adapt to changing priorities while maintaining alignment with organizational goals.
• Present strategies and recommendations clearly and persuasively.
• Maintain confidentiality and professionalism in handling sensitive information.

Minimum Qualifications

Education

• Bachelor’s degree in computer science, Cybersecurity, or a related field (or equivalent experience).

Experience

• Minimum of five (5) years of experience in IT security, combining leadership and hands-on technical roles.

Applicants who meet the Minimum Qualifications will be required to successfully complete the State Bar’s selection process for this classification.

License, Certificate, Registration Requirements

• Professional certifications such as CISSP or equivalent are a plus but not required.

Applicants who meet the Minimum Qualifications will be required to successfully complete the State Bar’s selection process for this classification.

About the State Bar

The State Bar of California’s mission is to protect the public and includes the primary functions of licensing, regulation, and discipline of attorneys; the advancement of the ethical and competent practice of law; and support of efforts for greater access to, and inclusion in, the legal system.

Our Values

Clarity | Investing in Our People | Excellence | Respect | Growth Mindset

Learn more about our values.

DEI Statement

We are a diverse, equitable, and inclusive workplace where all of our employees and prospective employees experience fairness, dignity, and respect.

Learn more about our commitment to DEI.