I.T. Manager (CYBERSECURITY) Job at City of Sunrise in Fort Lauderdale

NATURE OF WORK

This role focuses on safeguarding the organization's information systems and data from cyber threats, requiring expertise in cybersecurity principles, technologies, and best practices, as well as strong leadership and communication skills. The IT Manager for Cybersecurity is responsible for developing and implementing comprehensive cybersecurity strategies to protect the organization's IT infrastructure, networks, and data assets. Responsibilities include creating cybersecurity policies, standards, and procedures that comply with industry regulations and best practices. The IT Manager for Cybersecurity also oversees the implementation of security controls and measures, such as firewalls, intrusion detection systems, and encryption technologies. This role also includes conducting regular security assessments and audits to identify vulnerabilities and risks, working with the reporting team to mitigate these risks through appropriate security measures. This role involves monitoring network traffic for unusual activity, investigating potential security incidents, and responding to and mitigating cyber incidents, such as malware infections or data breaches. This role requires a proactive approach to cybersecurity, as well as the ability to respond quickly and effectively to emerging threats. Collaboration is key, as the IT Manager for Cybersecurity works closely with other IT personnel to integrate security measures across all IT operations. This includes collaborating with the Service Desk, Application, GIS, and Network Teams to protect and update all systems, as well as providing cybersecurity training and awareness programs for staff across the organization. This position requires specialized cybersecurity training to support the IT department and the organization. The specific courses needed may vary based on the role within the IT department, the organization's needs, and the technologies in use. This employee is also required to maintain CJIS Level 4 certification.

ESSENTIAL JOB FUNCTIONS

• Develops and implements comprehensive cybersecurity strategies, policies, standards, and procedures to protect the organization's IT infrastructure, networks, and data assets.
• Monitors and assesses the organization's cybersecurity posture, including conducting regular security assessments and audits to identify vulnerabilities and risks.
• Oversees the implementation of security controls and measures, such as firewalls, intrusion detection systems, and encryption technologies, to mitigate cybersecurity risks.
• Monitors network traffic for unusual activity and investigates potential security incidents, such as malware infections or data breaches.
• Responds to and mitigates cybersecurity incidents, including coordinating incident response efforts and implementing remediation actions.
• Collaborates with other IT personnel to integrate security measures into all aspects of the organization's IT operations, including system design, development, and maintenance.
• Provides cybersecurity training and awareness programs for staff to enhance their understanding of cybersecurity risks and best practices.
• Stays abreast of the latest cybersecurity threats and trends, and recommends and implements security measures to address emerging threats.
• Ensures compliance with relevant laws, regulations, and standards regarding information security, such as NIST, HIPAA, CJIS.
• Prepares and presents cybersecurity reports and recommendations to senior management and stakeholders.
• Manages and leads a team of cybersecurity professionals, including hiring, training, and evaluating staff.
• Develops and manages the cybersecurity budget, including identifying and prioritizing cybersecurity initiatives and investments.
• Establishes and maintains relationships with external cybersecurity partners, such as vendors and industry groups, to stay informed of best practices and emerging technologies.
• Collaborates with internal audit and compliance teams to ensure that cybersecurity controls and practices meet regulatory requirements and industry standards.
• Conducts regular tabletop exercises and simulations to test the organization's incident response and business continuity plans.
• Leads incident response efforts during cybersecurity incidents, including coordinating with external cybersecurity experts and law enforcement agencies as necessary.

EDUCATION

• Required: Bachelors degree from an accredited school in computer science, information systems, or a closely related field.
• Preferred: Masters degree from an accredited school in computer science, information systems, or a closely related field.
• Extensive qualifying professional experience as described, may be substituted for the required college education.
• PROOF OF THE HIGHEST LEVEL OF COMPLETED EDUCATION MUST BE SUBMITTED AS AN ATTACHMENT WITH APPLICATION. (Applications without attached proof of education will not be processed for consideration.)

EXPERIENCE

• Extensive qualifying professionalexperience managing, implementing, and troubleshooting mission-critical cybersecurity systems and technologies, including but not limited to network security, endpoint protection, and security information and event management (SIEM) systems, preferably in a government or public sector environment.
• Considerable qualifying professionalexperience managing staff in a technologically progressive environment, with a focus on cybersecurity operations and management.
• Required Certifications: CompTIA Security+, Global Information Assurance Certification (GIAC) or equivalent.
• PROOF OF REQUIRED CERTIFICATIONS MUST BE SUBMITTED AS AN ATTACHMENT WITH APPLICATION. (Applications without attached certifications will not be processed for consideration.)
• Preferred Certifications: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or equivalent.

NECESSARY SPECIAL QULIFICATIONS

• Possession of a valid Drivers License with an acceptable driving record.
• Must obtain a valid Florida drivers license prior to hire.
• Must pass a background check to become CJIS certified.
• ITIL training must be completed within the first eighteen (18) months from appointment.

PHYSICAL REQUIREMENTS

Work Environment: Work is performed primarily in a standard office environment and data center rooms and closets with some travel to different sites; incumbents may be required to work extended hours including but not limited to evenings, weekends, and holidays.

Sensory: Must have the use of sensoryskills in order toeffectively communicate and interact with other employees and the public through personal contact, the use of the telephone and/or other City-issued technology devices.

Physical: Primary functions require sufficient physical ability and mobility to work in an office setting; to stand or sit for prolonged periods of time; to occasionally stoop, bend, kneel, crouch, reach, and twist under desks and around furniture; to lift, carry, push, and/or pull moderate to heavy amounts of weight up to 50 lbs.; to operate office equipment requiring repetitive hand movement and fine coordination including use of a computer keyboard; and to verbally communicate to exchange information. Occasional climbing on a ladder or stool to reach or mount equipment

KNOWLEDGE, SKILLS, AND ABILITIES

• In-depth understanding of cybersecurity principles, best practices, and technologies.
• Familiarity with security compliance frameworks, such as NIST Cybersecurity Framework, NIST SP 800-53, and CIS Controls.
• Familiarity with relevant state laws and regulations related to data privacy and security, such as Florida HB 7055, to ensure compliance and protect sensitive information.
• Experience with cybersecurity tools and technologies, such as firewalls, intrusion detection systems, and encryption technologies.
• Strong analytical and problem-solving skills, with the ability to analyze complex cybersecurity issues and develop effective solutions.
• Excellent communication skills, with the ability to effectively communicate cybersecurity concepts to technical and non-technical audiences.
• Strong leadership and management skills, with the ability to lead and motivate a team of cybersecurity professionals.
• Ability to collaborate effectively with other IT personnel, as well as internal audit and compliance teams, to achieve cybersecurity objectives.
• Ability to stay abreast of the latest cybersecurity threats and trends, and adapt cybersecurity strategies accordingly.
• Experience developing and implementing cybersecurity policies, standards, and procedures.
• Thorough understanding of network security architecture, including network protocols, firewall configuration, and secure network design principles.
• Familiarity with cloud computing security principles and best practices, including experience securing cloud-based services and infrastructure.
• Experience with security incident and event management (SIEM) systems, as well as other cybersecurity tools such as endpoint detection and response (EDR) solutions.
• Knowledge of secure software development practices and the ability to review and assess the security of applications and software systems.
• Understanding of risk management principles as they apply to cybersecurity, including the ability to assess and mitigate cybersecurity risks.
• Experience conducting security assessments and audits, including vulnerability assessments and penetration testing.
• Ability to develop and deliver cybersecurity training and awareness programs for staff at all levels of the organization.
• Strong project management skills, with the ability to manage multiple cybersecurity projects and initiatives simultaneously.
• Experience working in a regulated environment with knowledge of industry-specific cybersecurity requirements and regulations.
• Ability to work under pressure and respond effectively to cybersecurity incidents.
• Strong attention to detail and the ability to identify and address security vulnerabilities and risks.
• Ability to think strategically and develop long-term cybersecurity strategies that align with organizational goals and objectives.
• Strong interpersonal skills, with the ability to build and maintain positive relationships with stakeholders and staff at all levels of the organization.

#J-18808-Ljbffr