Albemarle County
Chief of Information Technology Security
Albemarle County, Charlottesville, Virginia, United States, 22904
Chief of Information Technology Security
Join to apply for the
Chief of Information Technology Security
role at
Albemarle County
Job Summary The Information Technology Security Division Chief is responsible for leading and executing the County’s enterprise‑wide information security strategy, with a focus on cybersecurity, infrastructure resilience, and operational efficiency. This role oversees the development, implementation, and enforcement of information security policies and governance frameworks to protect County data and systems. The chief ensures alignment of technology initiatives with organizational goals, provides expert guidance across departments, and leads incident response, risk mitigation, vulnerability management, security awareness training, and compliance efforts. The position is highly visible and regularly briefs IT executives and senior County leadership.
Essential Functions
Provide strategic leadership and oversight of the County’s cybersecurity posture, including threat detection, vulnerability management, and incident response coordination.
Serve as the County’s primary point of contact for cybersecurity alerts, advisories, and inter‑agency coordination.
Develop, implement, and maintain County‑wide information security policies, standards, and procedures.
Deliver regular status updates to supervisor and executive management.
Conduct regular risk assessments, security audits, and compliance reviews to identify and mitigate vulnerabilities.
Lead the evaluation and deployment of secure system and network architectures, ensuring alignment with best practices and regulatory requirements.
Oversee security audits, risk assessments, and continuous improvement initiatives to evaluate cybersecurity posture.
Oversee technical documentation related to system security configurations, controls, and operational procedures.
Coordinate cross‑departmental IT responses to security incidents and ensure timely resolution and reporting.
Act as liaison with cybersecurity vendors, internal departments, contractors, boards, and external agencies.
Manage cybersecurity awareness training and education programs for County staff to promote a culture of security.
Stay current with evolving threats, technologies, and regulatory requirements to proactively adapt the County’s security strategy.
Collaborate with state, federal, and academic partners on cybersecurity initiatives and information sharing.
Supervise and mentor IT staff, fostering professional development and ensuring high performance in support of County objectives.
Lead a high‑performing team, cultivating accountability, innovation, and cross‑functional collaboration to ensure delivery and excellence.
Exemplify exceptional customer service and maintain effective working relationships with county and school officials, principals, department heads, and other partner agencies.
Perform additional duties as assigned.
Competency: Knowledge, Skills, and Abilities
Proven leadership and supervisory capabilities with strong analytical and decision‑making skills.
Exceptional verbal and written communication, including the ability to present complex technical concepts to diverse audiences.
Extensive knowledge of enterprise data and network security principles, strategy, best practices, and advanced protection techniques.
Expertise in cybersecurity frameworks, policies, laws, and regulatory compliance (e.g., NIST, FISMA, PCI, HIPAA).
Ability to own and manage cybersecurity plans and procedures, establishing network monitoring and problem detection procedures.
Strong understanding of project management methodologies and their application in IT operations.
Demonstrated ability to develop and implement enterprise‑wide cybersecurity strategies and policies.
Skilled in collaborating with internal stakeholders and external partners to design and maintain comprehensive security programs.
Proficient in evaluating and integrating emerging cybersecurity technologies to meet evolving organizational needs.
Ability to lead incident response, risk assessments, and continuous improvement initiatives.
High attention to detail, strong organizational, interpersonal, and motivational skills.
Capable of working independently and under pressure in a collaborative, service‑oriented environment.
Extensive Knowledge and Familiarity With
NIST Cybersecurity Framework 2.0
NIST SP 800‑100
NIST SP 800‑171r3
MITRE ATT&CK framework
ISO/IEC 27001
COBIT
CIS Controls
PCI‑DSS
HIPAA
Required Education / Certifications
Seven or more years’ combined experience as an Information Security Manager with demonstrated supervisory experience in an enterprise technology environment.
Baccalaureate degree in Computer Science, Information Systems Management, or a related field; or community college degree in Computer Science or Information Systems. Additional experience may be substituted for education.
Preferred Qualifications / Certifications
10+ years of related experience.
Relevant certifications such as CISSP, CISM, Security+, CySA+, GSEC, CCSP, CISA.
Physical and Mental Requirements
Work performed in an office, data center or conference rooms.
Communicate in person and virtual meetings; regular use of telephone, chat, and computers.
Handle small computer components; lift up to 100 pounds.
Occasional urgent tasks, after normal business hours, weekend duties, or emergency call‑backs.
Use County vehicles for travel as needed.
Regular contact with county employees and senior leadership at all levels.
Remote Work This position is eligible for a hybrid remote work schedule in compliance with the County’s Remote Work Policy.
Salary Range Hourly: $51.43 – $56.84 (approx. $106,971 – $118,231 annually). This is a full‑time, FLSA exempt position. Benefits include 12 paid holidays, vacation and sick leave, health insurance, life insurance, retirement, and continuing education opportunities.
Application Deadline Applications close on September 17, 2025.
EEO Statement Albemarle County is an equal‑employment‑opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, national origin, age or disability. Virginia Values Veterans. Albemarle County is a certified V3 organization.
#J-18808-Ljbffr
Chief of Information Technology Security
role at
Albemarle County
Job Summary The Information Technology Security Division Chief is responsible for leading and executing the County’s enterprise‑wide information security strategy, with a focus on cybersecurity, infrastructure resilience, and operational efficiency. This role oversees the development, implementation, and enforcement of information security policies and governance frameworks to protect County data and systems. The chief ensures alignment of technology initiatives with organizational goals, provides expert guidance across departments, and leads incident response, risk mitigation, vulnerability management, security awareness training, and compliance efforts. The position is highly visible and regularly briefs IT executives and senior County leadership.
Essential Functions
Provide strategic leadership and oversight of the County’s cybersecurity posture, including threat detection, vulnerability management, and incident response coordination.
Serve as the County’s primary point of contact for cybersecurity alerts, advisories, and inter‑agency coordination.
Develop, implement, and maintain County‑wide information security policies, standards, and procedures.
Deliver regular status updates to supervisor and executive management.
Conduct regular risk assessments, security audits, and compliance reviews to identify and mitigate vulnerabilities.
Lead the evaluation and deployment of secure system and network architectures, ensuring alignment with best practices and regulatory requirements.
Oversee security audits, risk assessments, and continuous improvement initiatives to evaluate cybersecurity posture.
Oversee technical documentation related to system security configurations, controls, and operational procedures.
Coordinate cross‑departmental IT responses to security incidents and ensure timely resolution and reporting.
Act as liaison with cybersecurity vendors, internal departments, contractors, boards, and external agencies.
Manage cybersecurity awareness training and education programs for County staff to promote a culture of security.
Stay current with evolving threats, technologies, and regulatory requirements to proactively adapt the County’s security strategy.
Collaborate with state, federal, and academic partners on cybersecurity initiatives and information sharing.
Supervise and mentor IT staff, fostering professional development and ensuring high performance in support of County objectives.
Lead a high‑performing team, cultivating accountability, innovation, and cross‑functional collaboration to ensure delivery and excellence.
Exemplify exceptional customer service and maintain effective working relationships with county and school officials, principals, department heads, and other partner agencies.
Perform additional duties as assigned.
Competency: Knowledge, Skills, and Abilities
Proven leadership and supervisory capabilities with strong analytical and decision‑making skills.
Exceptional verbal and written communication, including the ability to present complex technical concepts to diverse audiences.
Extensive knowledge of enterprise data and network security principles, strategy, best practices, and advanced protection techniques.
Expertise in cybersecurity frameworks, policies, laws, and regulatory compliance (e.g., NIST, FISMA, PCI, HIPAA).
Ability to own and manage cybersecurity plans and procedures, establishing network monitoring and problem detection procedures.
Strong understanding of project management methodologies and their application in IT operations.
Demonstrated ability to develop and implement enterprise‑wide cybersecurity strategies and policies.
Skilled in collaborating with internal stakeholders and external partners to design and maintain comprehensive security programs.
Proficient in evaluating and integrating emerging cybersecurity technologies to meet evolving organizational needs.
Ability to lead incident response, risk assessments, and continuous improvement initiatives.
High attention to detail, strong organizational, interpersonal, and motivational skills.
Capable of working independently and under pressure in a collaborative, service‑oriented environment.
Extensive Knowledge and Familiarity With
NIST Cybersecurity Framework 2.0
NIST SP 800‑100
NIST SP 800‑171r3
MITRE ATT&CK framework
ISO/IEC 27001
COBIT
CIS Controls
PCI‑DSS
HIPAA
Required Education / Certifications
Seven or more years’ combined experience as an Information Security Manager with demonstrated supervisory experience in an enterprise technology environment.
Baccalaureate degree in Computer Science, Information Systems Management, or a related field; or community college degree in Computer Science or Information Systems. Additional experience may be substituted for education.
Preferred Qualifications / Certifications
10+ years of related experience.
Relevant certifications such as CISSP, CISM, Security+, CySA+, GSEC, CCSP, CISA.
Physical and Mental Requirements
Work performed in an office, data center or conference rooms.
Communicate in person and virtual meetings; regular use of telephone, chat, and computers.
Handle small computer components; lift up to 100 pounds.
Occasional urgent tasks, after normal business hours, weekend duties, or emergency call‑backs.
Use County vehicles for travel as needed.
Regular contact with county employees and senior leadership at all levels.
Remote Work This position is eligible for a hybrid remote work schedule in compliance with the County’s Remote Work Policy.
Salary Range Hourly: $51.43 – $56.84 (approx. $106,971 – $118,231 annually). This is a full‑time, FLSA exempt position. Benefits include 12 paid holidays, vacation and sick leave, health insurance, life insurance, retirement, and continuing education opportunities.
Application Deadline Applications close on September 17, 2025.
EEO Statement Albemarle County is an equal‑employment‑opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, national origin, age or disability. Virginia Values Veterans. Albemarle County is a certified V3 organization.
#J-18808-Ljbffr