City of Tucson
Chief Information Security Officer
City of Tucson, Tucson, Arizona, United States, 85718
POSITION DUTIES AND QUALIFICATIONSSUMMARY OF DUTIES:
Designs and directs a citywide information security program and partners with city leadership on risk management to provide the protection and confidentiality of data and other information assets of the city.
This job reports to: Chief Information Officer
DUTIES AND RESPONSIBILITIES:The Chief Information Security Officer position at the City of Tucson’s Information Technology (IT) Department is responsible for the development and implementation of a comprehensive citywide information security program. This position manages risks, ensures data protection, and compliance with legal, external, and public interest obligations.
Work is performed under the supervision of the Director of Information Technology. This position exercises supervision over cybersecurity and compliance personnel.
Develops short- and long-term strategies for optimizing the City's Information Security Plan, formulates policies to detect and mitigate threats, and advises the City Manager’s Office on data security for major IT projects. Oversees disaster recovery, business continuity, and the Cybersecurity team's budget and operations, ensuring comprehensive IT engagement and operational effectiveness. Represents the division in meetings with county, state, and advisory bodies on City data security policies and programs.
Collaborates with risk management and leadership to establish and maintain the City's risk register to ensure effective cybersecurity risk management and accountability tracking. Oversees citywide security policies, the Written Information Security Program (WISP), and data governance, while promoting ongoing security and privacy training across all organizational levels. Sets citywide processes for protecting electronic and physical environments and leads cross-departmental efforts to address process violations and compromised data.
Leads security management practices, designs secure architecture, and ensures compliance with policies while monitoring system performance. Collaborates with IT leaders to track anomalies, investigate threats, and address vulnerabilities based on prioritized response plans. Conducts audits, resolves security gaps, and manages contracts for security software and equipment and presents recommendations.
Oversees threat and vulnerability assessments, conducts routine network and system evaluations for abnormal behavior, and prioritizes response plans. Manages penetration testing and investigates unsecured data or systems, ensuring compliance with policies and governance. Restricts access and blocks threats in high-risk areas, working with relevant parties for swift resolution.
Recommends professional development for IT security staff and department data officers, coordinating training and awareness programs. Partners with the Public Information Office to guide the public on cyber hygiene and awareness. Addresses threats from bad actors misrepresenting City identities.
Provides supervision through clear direction, sets performance expectations, and guides the team's efforts toward achieving goals. Conducts performance reviews, offers constructive feedback, and supports employee development. Participates in the hiring process by interviewing candidates and making recommendations for new hires.
Performs all other duties and tasks as assigned.
Working ConditionsMostly office environment.
All duties, responsibilities listed are subject to change.
MINIMUM REQUIRED QUALIFICATIONS:Education:
Bachelor's degree
Work Experience:
Five (5) years of directly related experience
License:
Any combination of relevant education and experience may be substituted on a year-for-year basis.
ADDITIONAL MINIMUM REQUIRED QUALIFICATIONS:Education:
Bachelor's degree
Five (5) years of directly related experience
License/Certifications:
Languages:
PREFERRED QUALIFICATIONS:Seven (7) years in information technology or security management with five (5) years concentrated in information security. At least 4 of required 7 years in Lead or Supervisory capacity in a related functional area.
Experience in: information security principles and frameworks (NIST, ISO 27001/2), designing, implementing, and managing security programs, remote access systems (RAS), digital certificates, sniffers, Demilitarized Zones (DMZ)/Transaction Zones, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information & Event Management (SIEM), ICS/SCADA, Internet of Things(IOT), cloud security, business continuity planning, auditing, security automation and orchestration tools, Health Insurance Portability and Accountability Act(HIPAA), Criminal Justice Information Systems(CJIS), Payment Card Industry(PCI) and related regulatory compliance requirements, risk management, contract and vendor negotiation, and physical security.
Certification in: Certified Information Security Auditor (CISA), CompTIA+ Security. Active membership in professional information security organizations (ISSA, ISACA etc.).
ADDITIONAL POSITION INFORMATION:Position Title:
Chief Information Security Officer
Department Name: Information Technology
Department Link: No Website
Recruiter Name: Dmitriy Adamia
Recruiter Email: ccs_hr@tucsonaz.gov
FTE%: 100
FLSA: Exempt
Position Type: Regular
COMPENSATION & BENEFITSFull Hourly Range: $51.78 - 89.33 USD
The Full Hourly Range reflects the City of Tucson's pay range at the time of posting. The City of Tucson considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, key skills, and internal equity.
The City of Tucson offers a generous benefits package for benefit-eligible positions. The comprehensive, flexible, and affordable coverage is designed to optimize health and well-being, security and future, and peace of mind. Benefits begin with medical, dental, vision, life, disability, and FSA coverage, surpassing your standard 401(k) program by offering a rich pension plan plus optional Roth and pretax deferred compensation savings.
With your well-being in mind, our paid time off program provides new hires with 38 paid days off in the first year of employment, with time off increasing steadily in subsequent years. We offer twelve weeks of paid parental leave, paid tuition reimbursement, student loan repayment, off- and on-the-job training, and opportunities to forge connections with peers and the community through employee resource groups and paid volunteer hours.
You can learn more about our benefits at
this link .
POSTING INFORMATIONPosting Close Date:
Applicants must submit their completed application by 11-02-2024 at 11:59 p.m. MST
APPLICATION INSTRUCTIONSPlease see the special application instructions below and follow the directions for applying to this position.
Special Instructions:
The Certified Information Systems Security Professional (CISSP) must be obtained within (6) six of hire and must be maintained throughout employment in this position.
Physical and lifting abilities/requirements are determined by position and are included in the position description.
Background Check: This position has been designated to require a criminal background check.
CITY OF TUCSON IS AN EQUAL OPPORTUNITY/AFFIRMATIVE ACTION EMPLOYER
and does not discriminate based on race, color, religion, sex (including sexual orientation, gender identity, and pregnancy), national origin, veteran status, age, disability, genetic testing, or any other protected status. If you believe you have been a victim of discrimination, you may file a complaint with the City of Tucson's Office of Equal Opportunity Programs, U.S. Equal Employment Opportunity Commission (EEOC) or Arizona Attorney General's Office of the Civil Rights Division (ACRD).
The City of Tucson employs only U.S. citizens and lawfully authorized non-U.S. citizens. All new employees must show employment eligibility verification as required by the U.S. Citizenship and Immigration Services.
The City of Tucson is committed to providing access and reasonable accommodation for individuals with disabilities or who require religious accommodation; please contact Human Resources at EmployeeLeaves@tucsonaz.gov or 520-791-2619.
City of Tucson is an Equal Opportunity/Affirmative Action/Veterans/Disability Employer.
Questions? If you need assistance applying for any position, please contact recruitment@tucsonaz.gov or 520-791-4241.
#J-18808-Ljbffr
Designs and directs a citywide information security program and partners with city leadership on risk management to provide the protection and confidentiality of data and other information assets of the city.
This job reports to: Chief Information Officer
DUTIES AND RESPONSIBILITIES:The Chief Information Security Officer position at the City of Tucson’s Information Technology (IT) Department is responsible for the development and implementation of a comprehensive citywide information security program. This position manages risks, ensures data protection, and compliance with legal, external, and public interest obligations.
Work is performed under the supervision of the Director of Information Technology. This position exercises supervision over cybersecurity and compliance personnel.
Develops short- and long-term strategies for optimizing the City's Information Security Plan, formulates policies to detect and mitigate threats, and advises the City Manager’s Office on data security for major IT projects. Oversees disaster recovery, business continuity, and the Cybersecurity team's budget and operations, ensuring comprehensive IT engagement and operational effectiveness. Represents the division in meetings with county, state, and advisory bodies on City data security policies and programs.
Collaborates with risk management and leadership to establish and maintain the City's risk register to ensure effective cybersecurity risk management and accountability tracking. Oversees citywide security policies, the Written Information Security Program (WISP), and data governance, while promoting ongoing security and privacy training across all organizational levels. Sets citywide processes for protecting electronic and physical environments and leads cross-departmental efforts to address process violations and compromised data.
Leads security management practices, designs secure architecture, and ensures compliance with policies while monitoring system performance. Collaborates with IT leaders to track anomalies, investigate threats, and address vulnerabilities based on prioritized response plans. Conducts audits, resolves security gaps, and manages contracts for security software and equipment and presents recommendations.
Oversees threat and vulnerability assessments, conducts routine network and system evaluations for abnormal behavior, and prioritizes response plans. Manages penetration testing and investigates unsecured data or systems, ensuring compliance with policies and governance. Restricts access and blocks threats in high-risk areas, working with relevant parties for swift resolution.
Recommends professional development for IT security staff and department data officers, coordinating training and awareness programs. Partners with the Public Information Office to guide the public on cyber hygiene and awareness. Addresses threats from bad actors misrepresenting City identities.
Provides supervision through clear direction, sets performance expectations, and guides the team's efforts toward achieving goals. Conducts performance reviews, offers constructive feedback, and supports employee development. Participates in the hiring process by interviewing candidates and making recommendations for new hires.
Performs all other duties and tasks as assigned.
Working ConditionsMostly office environment.
All duties, responsibilities listed are subject to change.
MINIMUM REQUIRED QUALIFICATIONS:Education:
Bachelor's degree
Work Experience:
Five (5) years of directly related experience
License:
Any combination of relevant education and experience may be substituted on a year-for-year basis.
ADDITIONAL MINIMUM REQUIRED QUALIFICATIONS:Education:
Bachelor's degree
Five (5) years of directly related experience
License/Certifications:
Languages:
PREFERRED QUALIFICATIONS:Seven (7) years in information technology or security management with five (5) years concentrated in information security. At least 4 of required 7 years in Lead or Supervisory capacity in a related functional area.
Experience in: information security principles and frameworks (NIST, ISO 27001/2), designing, implementing, and managing security programs, remote access systems (RAS), digital certificates, sniffers, Demilitarized Zones (DMZ)/Transaction Zones, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information & Event Management (SIEM), ICS/SCADA, Internet of Things(IOT), cloud security, business continuity planning, auditing, security automation and orchestration tools, Health Insurance Portability and Accountability Act(HIPAA), Criminal Justice Information Systems(CJIS), Payment Card Industry(PCI) and related regulatory compliance requirements, risk management, contract and vendor negotiation, and physical security.
Certification in: Certified Information Security Auditor (CISA), CompTIA+ Security. Active membership in professional information security organizations (ISSA, ISACA etc.).
ADDITIONAL POSITION INFORMATION:Position Title:
Chief Information Security Officer
Department Name: Information Technology
Department Link: No Website
Recruiter Name: Dmitriy Adamia
Recruiter Email: ccs_hr@tucsonaz.gov
FTE%: 100
FLSA: Exempt
Position Type: Regular
COMPENSATION & BENEFITSFull Hourly Range: $51.78 - 89.33 USD
The Full Hourly Range reflects the City of Tucson's pay range at the time of posting. The City of Tucson considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, key skills, and internal equity.
The City of Tucson offers a generous benefits package for benefit-eligible positions. The comprehensive, flexible, and affordable coverage is designed to optimize health and well-being, security and future, and peace of mind. Benefits begin with medical, dental, vision, life, disability, and FSA coverage, surpassing your standard 401(k) program by offering a rich pension plan plus optional Roth and pretax deferred compensation savings.
With your well-being in mind, our paid time off program provides new hires with 38 paid days off in the first year of employment, with time off increasing steadily in subsequent years. We offer twelve weeks of paid parental leave, paid tuition reimbursement, student loan repayment, off- and on-the-job training, and opportunities to forge connections with peers and the community through employee resource groups and paid volunteer hours.
You can learn more about our benefits at
this link .
POSTING INFORMATIONPosting Close Date:
Applicants must submit their completed application by 11-02-2024 at 11:59 p.m. MST
APPLICATION INSTRUCTIONSPlease see the special application instructions below and follow the directions for applying to this position.
Special Instructions:
The Certified Information Systems Security Professional (CISSP) must be obtained within (6) six of hire and must be maintained throughout employment in this position.
Physical and lifting abilities/requirements are determined by position and are included in the position description.
Background Check: This position has been designated to require a criminal background check.
CITY OF TUCSON IS AN EQUAL OPPORTUNITY/AFFIRMATIVE ACTION EMPLOYER
and does not discriminate based on race, color, religion, sex (including sexual orientation, gender identity, and pregnancy), national origin, veteran status, age, disability, genetic testing, or any other protected status. If you believe you have been a victim of discrimination, you may file a complaint with the City of Tucson's Office of Equal Opportunity Programs, U.S. Equal Employment Opportunity Commission (EEOC) or Arizona Attorney General's Office of the Civil Rights Division (ACRD).
The City of Tucson employs only U.S. citizens and lawfully authorized non-U.S. citizens. All new employees must show employment eligibility verification as required by the U.S. Citizenship and Immigration Services.
The City of Tucson is committed to providing access and reasonable accommodation for individuals with disabilities or who require religious accommodation; please contact Human Resources at EmployeeLeaves@tucsonaz.gov or 520-791-2619.
City of Tucson is an Equal Opportunity/Affirmative Action/Veterans/Disability Employer.
Questions? If you need assistance applying for any position, please contact recruitment@tucsonaz.gov or 520-791-4241.
#J-18808-Ljbffr