City of Tucson - Tucson, AZ

posted about 1 month ago

Full-time - Senior
Tucson, AZ
5,001-10,000 employees
Executive, Legislative, and Other General Government Support

About the position

The Chief Information Security Officer (CISO) at the City of Tucson is responsible for designing and directing a comprehensive citywide information security program. This role involves managing risks and ensuring data protection and compliance with legal and public interest obligations, while collaborating with city leadership to safeguard the city's information assets.

Responsibilities

  • Develops short- and long-term strategies for the City's Information Security Plan.
  • Formulates policies to detect and mitigate threats.
  • Advises the City Manager's Office on data security for major IT projects.
  • Oversees disaster recovery, business continuity, and the Cybersecurity team's budget and operations.
  • Represents the division in meetings with county, state, and advisory bodies on City data security policies and programs.
  • Collaborates with risk management and leadership to maintain the City's risk register.
  • Oversees citywide security policies, the Written Information Security Program (WISP), and data governance.
  • Promotes ongoing security and privacy training across all organizational levels.
  • Sets citywide processes for protecting electronic and physical environments.
  • Leads cross-departmental efforts to address process violations and compromised data.
  • Designs secure architecture and ensures compliance with policies while monitoring system performance.
  • Collaborates with IT leaders to track anomalies, investigate threats, and address vulnerabilities.
  • Conducts audits, resolves security gaps, and manages contracts for security software and equipment.
  • Oversees threat and vulnerability assessments and conducts routine network evaluations.
  • Manages penetration testing and investigates unsecured data or systems.
  • Restricts access and blocks threats in high-risk areas.
  • Recommends professional development for IT security staff and department data officers.
  • Partners with the Public Information Office to guide the public on cyber hygiene and awareness.
  • Provides supervision through clear direction and sets performance expectations.
  • Conducts performance reviews and supports employee development.

Requirements

  • Bachelor's degree in a relevant field.
  • Five (5) years of directly related experience in information technology or security management.
  • Certification in Certified Information Security Auditor (CISA) or CompTIA+ Security.

Nice-to-haves

  • Seven (7) years in information technology or security management with five (5) years concentrated in information security.
  • Experience with information security principles and frameworks (NIST, ISO 27001/2).
  • Experience in designing, implementing, and managing security programs.
  • Active membership in professional information security organizations (ISSA, ISACA).

Benefits

  • Medical, dental, vision, life, and disability insurance coverage.
  • Flexible spending account (FSA) options.
  • Rich pension plan with optional Roth and pretax deferred compensation savings.
  • 38 paid days off in the first year of employment, increasing in subsequent years.
  • Twelve weeks of paid parental leave.
  • Paid tuition reimbursement and student loan repayment.
  • Opportunities for on-the-job training and employee resource groups.