Adams County
Division Director Security, Risk, and Compliance
Adams County, Boston, Massachusetts, US, 02298
Overview
Under the direction of the Director, Information Technology and Innovation (ITi) and working collaboratively with other ITi Division Directors and Managers, take responsibility for providing strategic and operational leadership for the county's security architecture, information security, and risk & compliance functions. This leadership position will oversee the development and implementation of security strategies, ensuring the protection of the county’s information assets and compliance with relevant regulations and standards. The role involves managing and guiding managers and individual contributors in creating a secure, compliant, and resilient service-oriented IT environment.
The anticipated hiring range for this role is $113,857.37 - $130,935.976 annually. The full salary range for this position is $113,857.37 - $170,786.05 annually.
Responsibilities
Collaborate with the ITi leadership team to develop and implement security, risk, and compliance strategies.
Ensure comprehensive information security practices are in place, including threat detection, incident response, and vulnerability management.
Develop and implement risk management programs to identify, assess, and mitigate risks.
Ensure compliance with relevant regulations, standards, and best practices.
Monitor and analyze security metrics and performance indicators, providing regular reports to the Director and other stakeholders.
Coordinate with other departments to ensure security and compliance requirements are integrated into all IT projects and initiatives.
Oversee the development and maintenance of security policies, standards, and procedures.
Foster a culture of security awareness and compliance across the organization.
Initiate, facilitate, and promote activities to create information security awareness throughout the organization.
Provide oversight and ownership for intrusion detection and response.
Coordination of security assessments and penetration testing.
Design cost-effective security architectures that support county business objectives and comply with all applicable policies, laws, and regulations. Monitor multiple external sources of threat and vulnerability information and communicate risks to key personnel.
Attend conferences and training as required to maintain proficiency.
Evaluate and maintain the information security budget.
Perform other related duties and responsibilities as required.
Supervision
Provide direct supervision of staff.
Demonstrated ability to lead and manage diverse security, risk, and compliance functions.
Strong decision-making skills and a proactive approach to problem-solving.
Ability to coordinate and manage multiple projects in a fast-paced and changing technical environment.
Excellent customer service skills, with the ability to communicate effectively with both technical and non-technical users.
Strong written and verbal communication skills.
Proficiency in relevant technologies and tools, including security information and event management (SIEM) systems, and risk management tools.
Ability to work independently and within established guidelines, with excellent attention to detail.
Ability to inspire and motivate team members, fostering a collaborative and productive work environment.
Education
A Bachelor’s Degree from an accredited college in Computer Science, Information Systems, or closely related field.
Experience
Minimum of five (5) years of progressively responsible experience in security, risk and compliance.
Minimum of four (4) years of leadership experience, including supervision of individual contributors, with evidence of making impactful change.
Strong knowledge of compliance frameworks including HIPAA Security Rule, PCI compliance, IRS 1075, and CJIS.
License and/or certification
Possession of or the ability to obtain a valid Colorado Driver’s License is required.
ITIL Foundation Certification is desired.
Possession of one or more of the following security certifications is preferred: SSCP, CISM, CISA, HISP, CISSP and/or NIST Cybersecurity Framework Practitioner.
Background Check
Must pass criminal (CBI) and (CJIS) fingerprint-based background check.
Other
Per our County Mission statement, “to responsibly serve the Adams County community with integrity and innovation”, this position will own and pursue integrity and innovation.
Must be able to work outside of regular business hours to respond to system outages.