Chief Information Security Officer (Information Systems)

POSITION RESPONSIBILITIES:

Essential Functions

The duties and responsibilities of this position include, but are not necessarily limited to:


* Accountable for overall performance and efficacy of security projects and programs


* Analyzing security risks.


* Recommending and implementing security safeguards.


* Monitoring compliance to security laws and regulations.


* Investigating information security incidents.


* Manage security reporting & executive reporting.


* Oversee end user security awareness program.


* Manage regular security tasks.


* Serve as project manager for designated security projects.


* Review security of equipment configurations.


* Maintain security documentation.


* Oversee and manage vulnerability management.


* Evaluate purchasing decisions and install new equipment. 


* Support the organization's business continuity and disaster recovery planning and response.


* Schedules and conducts tabletop exercises and simulations.


* Works with CIO and IT leadership team on risk management and risk reporting.


* Design and manage the implementation of governance efforts. 


* Create and review policies and procedures to align with established standards.


* Manage security audits and assessments and resulting findings.

MINIMUM EDUCATION AND EXPERIENCE:


* Bachelor’s degree in Computer Science, Information Technology, or other related field of study


* Five years of firewall administration experience.


* Five years of experience in information systems architecture and design


* Five years of experience in incident management/incident response


* Eight years’ experience in network administration or cyber security


* IT Security Certifications required, Certified Information Security Professional (CISSP), Certified Information Security Manager (CISM) or other approved certification. 


* Valid state-issued driver’s license required for local travel to County sites. 


* Any equivalent combination of experience and training which provides the required knowledge, skills and abilities.

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES:


* Expert knowledge of OSI Model’s Layer 2 through Layer 7 network traffic


* Expert knowledge in current cybersecurity best practices and trends


* Ability to work with coach technical team members to ensure that all solutions are secure.


* Ability to work with external vendors and contractors to evaluate new products and maintenance of existing products.


* Strong attention to detail and ability to solve problems effectively. 


* Expert knowledge of firewall and security configuration


* Expert knowledge of routing and switching infrastructure, configuration, and protocols


* Knowledge of Microsoft server configurations and active directory 


* Expertise in project management


* Knowledge of enterprise technology topology, including data center...