1. Provide security expertise in NIST 800-53 and ISO 270001/2 controls, PCI, HIPAA and CJIS compliance and helps CSB to create best practice frameworks, policy creation and business impact analysis
  2. Design and implement a program which includes development and implementation of efficient IT policies and procedures.
  3. Collaborates and effectively engages with ITS teams, departments’ stakeholders and leadership across the County to develop, define and build risk assessment methodology with identified business priorities
  4. Responsible for managing the program to achieve full compliance with the County defined IT Controls, and Security programs, and implementation of IT procedures focused on efficiency, effectiveness and risk avoidance.
  5. Collaborate with the ITS team, internal audit and the corporate security team to assess, remediate and prevent information technology risks.
  6. Management and reporting of risk and security metrics.
  7. Perform ongoing education and training in Information Security related areas
  8. Development of IT Strategies and roadmap.
  9. Provides oversight and project management of various internal and external audits, PCI, HIPAA and CJIS compliance and risk/ control assessment engagements, and regular penetration testing

Required Skills:

  1. One or more of the following professional certifications requited: Qualified Security Assessor (QSA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professionals (CISSP), Certified Information Security Manager (CISM) or Certified Information Privacy Professional (CIPP)
  2. Bachelor’s degree from an accredited college in Technology related discipline (e.g. Computer Science, Engineering, Information Systems, etc.) or equivalent experience/combined education.
  3. Minimum of three (3) years’ experience in the last five (5) years as an IT Security Compliance Manager, supporting a complex enterprise security environment for a large public or private organization.
  4. Minimum of three (3) years of experience in the past five (5) years as an IT Security Compliance Manager, supporting Enterprise Multi-Tenant environment, include responding, containing, remediating, and reporting on the infrastructure connecting to County Departments and Public Cloud Providers, such as AWS, Azure and/or GCP.
  5. Minimum of two (2) years’ experience in the last three (3) years analyzing, responding, and remediating enterprise network & security architectures.
  6. Minimum of two (2) years’ experience in the last three (3) years leading IT Security/Information Security teams.
  7. Demonstrated ability to create clear, concise technical documentations such as procedures, Visio diagrams, and system support documents, and strong presentation skills with experience using Microsoft PowerPoint.

To apply for this job email your details to