Chief Information Security Officer

Job Duties

• Establish the enterprise vision, strategy, and program to ensure all information assets and technologies remain adequately protected.

• Identify and assess information security risks to guarantee the confidentiality, integrity, and availability of critical department data.

• Create and implement robust security policies, procedures, and standards to safeguard organizational information assets.

• Lead the response to security incidents and breaches while coordinating with relevant departments to minimize impact.

• Ensure organizational compliance with all relevant laws, regulations, and industry-specific security standards.

• Manage a dedicated team of IT security professionals by providing technical guidance and performance support.

• Collaborate with executive leadership to align security initiatives with broader public safety objectives and goals.

• Promote security awareness and training programs across the department to educate employees on their security roles.

• Monitor system access, change management, and intrusion detection to maintain a high level of operational security.

• Direct vulnerability management, endpoint security, and disaster recovery efforts to enhance system resilience.

Requirements

• Manage complex information security programs and risk management practices within a government environment.

• Design and implement sophisticated IT security solutions based on a deep understanding of modern cyber threats.

• Apply cybersecurity frameworks such as NIST, CIS Controls, PCI-DSS, and HIPAA to enterprise environments.

• Demonstrate technical knowledge of LAN/WAN, systems administration, Active Directory, and PowerShell.

• Administer security technologies involving virtualization, cloud platforms, and data loss prevention.

• Utilize industry tools such as CrowdStrike, McAfee, and Rapid7 for monitoring and threat mitigation.

• Work flexible shifts including nights, weekends, and holidays as required by emergency response agency needs.

• Maintain high-level certifications such as CISSP, CISM, C-CISO, or equivalent GIAC credentials.

• Oversee vendor management and physical security integration within a large-scale IT infrastructure.

Qualifications

• Hold a baccalaureate degree from an accredited college in a relevant field of study.

• Possess four years of satisfactory full-time experience related to high-level IT projects and policies.

• Demonstrate at least 6 years of practical experience specifically in designing and implementing IT security solutions.

• Meet the equivalent combination of education and experience required for the IT Security Specialist 95622 designation.