Chief Information Security Officer
$137,000 - $137,000/Yr
County of Mono - Information Technology Services - Bridgeport, CA
posted about 2 months ago
Full-time - Senior
Bridgeport, CA
About the position
The Chief Information Security Officer (CISO) is responsible for planning, organizing, implementing, and directing the County-wide information security program. This role involves advising and training County departments on managing security risks, overseeing the County's defensive architecture, monitoring for compromises, and developing security policies and procedures. The CISO ensures the secure operation of County information systems and minimizes exposure to risks and losses.
Responsibilities
- Develop, establish, implement, and direct the County's information technology security program across all departmental divisions and units.
- Develop, coordinate, and maintain policies pertaining to information technology security.
- Work with County-wide taskforces, committees, and departmental liaisons to implement security policies, procedures, and infrastructure modifications.
- Act as the central point of contact related to violations of information technology security policies and investigate or assist in the investigation of violations.
- Write and maintain appropriate reports and records.
- Conduct security risk assessments and business impact analysis of all County departments upon request.
- Act as a consultant to all County information technology functions in reviewing security policies, computer operations, access controls, system security, computer applications, and network and data security.
- Develop, promote, and present security awareness education to all levels of the County organization.
- Review all system-related information security plans throughout the County's network to ensure alignment between security practices.
- Maintain current knowledge of applicable federal and state laws, accreditation standards, and monitor information security technologies for compliance.
- Plan, prioritize, delegate, and review the work of assigned staff.
- Develop and lead the Information Security Response Team; coordinate all incident preparedness activities.
- Consult with the County Counsel's Office to provide legal investigative services related to information technology.
- Coordinate with the Network Infrastructure Team on monitoring County systems and networks for malicious or unusual activity that may allow unauthorized access and/or attacks.
- May be assigned as a Disaster Service Worker as required.
Requirements
- Thorough knowledge of information security principles and practices.
- Ability to analyze, assess, and interpret complex data, policies, procedures, regulations, and legislation.
- Understanding of technologies used to collect, access, store, and transmit information.
- Skill in evaluating laws and regulations related to information security.
- Skill in performing risk assessments and identifying information security needs for the County.
- Ability to effectively motivate, supervise, and direct the work of others.
- Proficiency in preparing and presenting effective, clear, and concise reports and correspondence.
- Ability to analyze problems, identify solutions, and make recommendations.
- Ability to prioritize and meet project timelines.
- Ability to establish and maintain effective working relationships.
- Exercise good judgment, decisiveness, and creativity.
