Purpose: |
|
Under direction of the Information Security Office (ISO), this position promotes, supports, and implements the City’s Information Security Program by managing related projects, teams, operations, and programs. |
Duties, Functions and Responsibilities: |
|
Essential duties and functions, pursuant to the Americans with Disabilities Act, may include the following. Other related duties may be assigned.
- Provides leadership and manages the development and delivery of information security and privacy standards, architecture, and systems to provide information security and privacy guidance across one or more departments.
- Manages incident response and business continuity procedures to respond to and recover from information security and privacy incidents.
- Evaluates and selects information security applications and systems.
- Implements processes and methods for auditing and addressing non-compliance to information security and privacy standards; recommends mitigation of non-compliant environments.
- Manages and participates in the planning and implementation of security and privacy administration for all information security and privacy projects.
- Makes recommendations and oversees the implementation of changes to work methods and procedures to make them more effective or to strengthen information security and privacy measures.
- Aligns information security and privacy tasks to the priorities established by the City or the information security program; monitors assets to detect security and privacy vulnerabilities and incidents.
- Assists management in stakeholder engagements, resource acquisition, strategic planning, interdepartmental collaboration, and office development.
- Functions as business partner; builds business relationships with stakeholder representatives; and frequently interacts with representatives to discuss information security and privacy risk, incident response, policies, controls, and training.
- Establishes strategic goals that support the department’s or City-wide objectives by gathering pertinent business, financial, service, and operations information; identifying and evaluating trends and options; choosing a course of action; defining objectives; and evaluating outcomes.
- Oversees and manages contract compliance.
|
Responsibilities - Supervisor and/or Leadership Exercised: |
|
May be responsible for the full range of supervisory activities: selection, training, evaluation, counseling, and recommendation for dismissal.
|
Knowledge, Skills, and Abilities: |
|
Must possess required knowledge, skills, abilities, and experience and be able to explain and demonstrate, with or without reasonable accommodations, that the essential functions of the job can be performed.
- Knowledge of Federal, State, and Local laws and ordinances and other requirements governing technology, security, privacy, and risk.
- Knowledge of computer networks, hardware, and software, including applications and programming.
- Knowledge of the practical application of information security and/or privacy architecture and engineering, including applying principles, techniques, procedures, and tools to the design and implementation guidance of security and privacy controls.
- Knowledge of business and management principles involved in strategic planning, resource allocation, human resources modeling, leadership technique, production methods, and coordination of people and resources.
- Skill in handling multiple tasks and prioritizing.
- Skill in oral and written communication tailoring to stakeholder needs.
- Skill in planning and organizing.
- Skill in data analysis and problem solving.
- Skill in handling conflict and uncertain situations.
- Skill in using computers and related software applications.
- Skill in ensuring complex application, process, or configuration information is documented and maintained.
- Skill in installing and maintaining applications, operating systems, or equipment.
- Skill in providing technical support in a variety of work environments.
- Skill in adapting communication styles to maximize amount and quality of information.
- Ability to collaborate and compile clear and concise reports.
- Ability to take initiative and seek innovative solutions.
- Ability to communicate complex information clearly and effectively to various audiences.
- Ability to establish and maintain effective communication and working relationships with City personnel, vendors, contract service providers, and the public.
- Ability to cooperate with others by sharing information, presenting ideas and concerns, and asking and answering questions.
- Ability to work with frequent interruptions and changes in priorities.
- Ability to work, collaborate, and, when required, lead in a team environment.
- Ability to perform complex information security and privacy analysis, audits, reviews, and other logistics requirements and performance reporting.
- Ability to document and flowchart computer-based systems.
- Ability to understand audit data, documents, and reports.
- Ability to facilitate and deliver training.
- Ability to process information, commit to definite course of action, and maintain composure.
- Ability to perform self-management behaviors in conscious and productive way.
- Ability to provide exceptional customer service at all times.
- Ability to maintain highest standards of conduct, integrity, and professionalism in all matters.
- Ability to exercise tact, objective judgment, and effective conflict resolution skills when confronted with confrontational or adversarial situations.
- Ability to continuously learn and grow through the development of new skills, pursuit of applicable professional certifications, and involvement in professional organizations.
|
Minimum Qualifications: |
|
- Graduation with a Bachelor’s degree from an accredited college or university, plus four (4) years of related experience, including one (1) year of experience which were in personnel, project, or program management.
- Graduation with a Master's degree from an accredited college or university may substitute for experience up to two (2) years.
- Experience may substitute for education up to four (4) years.
- Industry certifications may be considered as substitution for education.
|
Licenses and Certifications Required: |
|
None.
|