Full-time
Chief Information Security Officer - City of Dallas, TX - Dallas, TX

This job is considered a senior-level position that requires extensive experience with IT Security related business activities and information systems. Information technology plays a vital and ever-expanding role in the city mission. The Chief Information Security Officer (CISO) is a knowledgeable leader that will provide vision, strategy, broad-based planning, and hands-on responsibility. Responsible for planning, developing, managing, and overseeing the City's enterprise information security strategy, policy, and standards in support of the City's information security architecture. Coordinates assigned activities with the Information and Technology Services department, other City departments, and outside agencies; provides highly responsible and complex administrative support to the CIO. Exercises direct supervision over assigned staff. Essential Functions The CISO is an advocate for the City's total information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the city. The CISO leads the development and implementation of a security program that leverages collaborations and city-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at the city level. Reviews security and trend analysis reports. Provides risk assessments and security briefings to advise on critical issues that may affect customer or enterprise-wide security. Implements and maintains central logging facilities. Consults with customers on the data classification of their resources. Defines metrics to be used for management status and statistical reports. Provides subject matter expertise and sets the direction for enterprise-wide information security strategies, projects, and policies. Plans, designs, and implements security measures, policies, and procedures. Consults with senior IT and City leaders regarding their information security risks and responsibility in minimizing those risks. Ensures that the City's IT environment is secure and complies with city, state and federal standards. Oversees the monitoring of information from government and industry regarding the identification of new threats and vulnerabilities. Directs security audits, vulnerability assessments, and related tasks. Ensures that the integrity, confidentiality, and access of information to end users. Collaborates with City departments to develop security and business standards and action plans. Provides assistance to the Chief Information Officer, City Manager, and City Council; and prepares and presents staff reports and other necessary communications to advise on critical issues that may affect enterprise-wide security. Responds to and resolves sensitive inquiries and complaints from both internal and external sources. Acts as the City advocate for information security and business continuance best Interviews, selects, supervises, develops, evaluates, counsels, and if necessary, disciplines personnel according to established COSA policies, procedures, and guidelines. Works closely with Chief Technology Officer to define and implement information technology security architecture standards, Service Level Agreements, and process improvement initiatives. Coordinates the preparation of the security program operating budget. Attends and participates in professional group meetings and stays abreast of new trends and innovations as they relate to information security. Manage city-wide information security governance processes, chair the Information Security Advisory Committee and lead Information Security Liaisons in the establishment of an information security program and project priorities. Develop a strategy for dealing with an increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI, ITAR, Create education and awareness programs and advise operating units at all levels on security issues, best practices, and vulnerabilities. Keep abreast of security incidents and act as a primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise. Regular, reliable and punctual attendance is an essential function of the job. Minimum Qualifications Bachelor's Degree from an accredited college or university with major coursework in Computer Science, Computer Information Systems, Management Information Systems, or a related field. Requires in-depth knowledge of security issues, techniques, and implications across all existing and future computer platforms. Ten (10) years of increasingly responsible professional experience in the field of information systems, including five (5) years managing enterprise information security and personnel. Knowledge of general IT auditing procedures and practices such as Control Objectives for Information and related Technology (COBIT) and International Organization for Standardization (ISO) Information Security Standards.

Certification, Registration, or Licensure May be required to be certified, registered, or licensed in a specialty area. Knowledge, Skills & Abilities Skill in operating a personal computer and utilizing information security software. Ability to independently establish and implement a City-wide security policy. Ability to assess, analyze and propose efficient and cost-effective solutions to identified risks. Knowledge of organizational and management practices as applied to the analysis and evaluation of security programs, policies, and operational needs. Knowledge of network and web related protocols (e.g. UDP, IPSEC, HTTP, HTTPS, routing protocols). Knowledge of Security Information Management (SIM) tools. Knowledge of applicable federal, state, and local law and regulations. Knowledge of security products, tools, and processes. Ability to establish and maintain an effective working relationship with all levels of management, city officials, vendors, other government agencies, other employees and the general public. Ability to effectively communicate both orally and in writing and negotiate with technical staff, consultants, contractors, governmental agencies, city management, and citizens.

Expired, click here to search for relevant jobs

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.