Cyber Security Officer

Job Description:

The Cyber Security Officer (CSO) will be responsible for overseeing the Cybersecurity program. This role will report directly the Chief Technology Innovations Officer of the Information Technology Department (ITD) and will be part of the ITD management team. This is a hands-on position with the primary role to safeguard the technology and data from security breaches.

The CSO will be responsible for the planning, organization and direction of cyber risk activities. You will operate proactively and independently overseeing all aspects of cyber risk and security. This includes interaction with management from all departments to determine acceptable risk levels.

Duties will include:

Develop cyber policies, processes, methodologies, and plans to safeguard the  technology and data from security breaches.

•          Acts as the project manager for selecting and implementing security-based hardware and software solutions.

Manage City cybersecurity projects, cybersecurity vendors, and cybersecurity tools.

Compliance with cyber regulations in interoperability with local, state, federal IT systems.

Be point of contact for all cyber issues within the City.

Develop and conduct cyber risk training – at appropriate levels for  employees.

Oversee the development and implementation of disaster recovery and business continuity plans to ensure that appropriate information technology security measures are addressed.

Tests, monitors and performs regular analysis of the effectiveness of the  security tools and incident response measures.

•          Perform regular vulnerability assessments and penetration testing. Review security weaknesses and recommend mitigation of vulnerabilities.

•          Coordinates, investigates, and reports on cybersecurity incidents; manages and implements recommendations for incident response.

Prepare oral and written reports for senior management.

Ensure compliance with regulatory obligations, such as Criminal Justice Information Services (CJIS), Payment Card Industry Data Security Standards (PCI), and Health Insurance Portability and Accountability Act (HIPAA).

Skills and Desirable Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Public Administration, Business Administration or similar. A Master’s degree is desirable.
• Minimum 5 years of responsible experience in cyber security and technology analysis and management for substantial organizations, preferably in a government security environment.
• Knowledge of Cybersecurity controls, procedures, and regulations
• Knowledge of local, state, and federal laws and regulations relevant to cybersecurity, privacy, and computer crime.
• Strong interpersonal and communication (oral and written) skills.
• Team oriented, collaborative, comfortable providing security guidance for multiple departments.
• Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) or equivalent information security certification is desirable.

Ideal Candidate:

The ideal candidate is someone who can demonstrate a passion for cybersecurity management with a desire for continuous learning and improvement. The person should have excellent interpersonal and customer service skills. The person should be detail-oriented and able to work independently.