Purpose: |
|
Under direction of the Information Security Office (ISO), this position promotes, supports, and implements the City’s Information Security Program as a senior member. |
Duties, Functions and Responsibilities: |
|
Essential duties and functions, pursuant to the Americans with Disabilities Act, may include the following. Other related duties may be assigned.
- Participates in the development and implementation of procedures to support information security and privacy strategies and policies.
- Participates on project teams of large enterprise or department projects to support compliance with applicable information security and privacy policies and standards.
- Assists in conducting information security or privacy awareness activities, such as presentations, training development, and other awareness methods.
- Performs information security and privacy control assessments for systems.
- Evaluates cybersecurity and privacy tools; reviews proposals for purchases of new hardware and software; and analyzes the potential impact from using these technologies.
- Coordinates, performs, and tracks vulnerability and penetration testing; monitors and reviews log information from various networks or systems.
- Participates in information security, privacy, or risk assessments and remediation efforts for new and existing assets and data.
- Analyzes log files from a variety of sources to investigate any potential compromise of City networks or other electronic resources; and participates in cybersecurity incident response and investigation.
- Leads incident response activities for information security and privacy incidents.
- Assists in providing contract oversight.
|
Responsibilities - Supervisor and/or Leadership Exercised: |
|
May provide leadership, work assignments, evaluation, and guidance to others.
|
Knowledge, Skills, and Abilities: |
|
Must possess required knowledge, skills, abilities, and experience and be able to explain and demonstrate, with or without reasonable accommodations, that the essential functions of the job can be performed.
- Knowledge of City practices, policies, and procedures.
- Knowledge of Federal, State, and Local laws and ordinances and other requirements governing technology, security, privacy, and risk.
- Knowledge of applicable processes, techniques, and methods.
- Knowledge of data networks, systems, security and privacy capabilities, and security and privacy tools.
- Knowledge of principles and practices of systems and network operating system implementation and support.
- Skill in handling multiple tasks and prioritizing.
- Skill in oral and written communication.
- Skill in planning and organizing.
- Skill in data analysis and problem solving.
- Skill in handling conflict and uncertain situations.
- Skill in using computers and related software applications.
- Skill in documenting and maintaining complex application and process or configuration information.
- Skill in installing and maintaining applications, operating systems, or equipment.
- Skill in providing technical support in a variety of work environments.
- Ability to collaborate and compile clear and concise reports.
- Ability to take initiative and seek innovative solutions.
- Ability to communicate complex information clearly and effectively to various audiences.
- Ability to establish and maintain effective communication and working relationships with City personnel, vendors, contract service providers, and the public.
- Ability to cooperate with others by sharing information, presenting ideas and concerns, and answering questions.
- Ability to work with frequent interruptions and changes in priorities.
- Ability to work, collaborate, and when required, lead in a team environment.
- Ability to perform complex information security and privacy analysis, audits, reviews, and other logistics requirements and performance reporting.
- Ability to document and flowchart computer-based systems.
- Ability to understand audit data, documents, and reports.
- Ability to facilitate and deliver training.
- Ability to continuously learn and grow through the development of new skills, pursuit of applicable professional certifications, and involvement in professional organizations.
|
Minimum Qualifications: |
|
- Graduation with a Bachelor’s degree from an accredited college or university, plus three (3) years of related experience.
- Graduation with a Master’s degree from an accredited college or university may substitute for experience up to two (2) years.
- Experience may substitute for education up to four (4) years.
- Industry certifications may be considered as substitution for education.
|
Licenses and Certifications Required: |
|
None.
|