Chief Information Security Officer

2 days ago

Alexandria, United States City Of Alexandria Virginia Full time
CHIEF INFORMATION SECURITY OFFICER
Information Technology Services
"Preserving the Past, while Innovating our Future"

Opportunity of a Lifetime

The City of Alexandria is located in northern Virginia, and is bordered by the District of Columbia (Potomac River), Arlington, and Fairfax counties. With a population of approximately 160,000 and a land area of 15.75 square miles, Alexandria is the seventh largest city in the Commonwealth of Virginia. Approximately one-quarter of the City's square miles have been designated as a national or local historic district. Several buildings in these districts are monuments to the past, while being actively used by citizens for homes, businesses, and museums. We proudly embrace our rich history and seize the endless opportunities that lie ahead. If you are interested in working for the vibrant City of Alexandria, we invite qualified candidates to apply for our Chief Information Security Officer position.

ITS Department Core Values:

Empower People
Evaluate
Strategically Invest
Secure Information
Collaborate
Data-Centric

An Overview

The Department of Information Technology Services (ITS) is seeking a Chief Information Security Officer who will have responsibility for overseeing the City of Alexandria government’s Cybersecurity Program. This supervisory position reports directly to the Deputy Chief Information Officer (CIO) and uses industry best practices to oversee the implementation of all security policies as directed by the CIO, and enforces the City’s enterprise cybersecurity through policy, architecture, technical and functional administration, and training. The Chief Information Security Officer will also lead in selecting, configuring, communicating, and implementing cybersecurity solutions and security controls to identify and reduce IT risk.

What You Should Bring

You should have a demonstrated ability of being able to work independently, as well as a history of establishing and maintaining effective working relationships with coworkers, representatives of other departments and agencies, and the public. You must be able to communicate clearly and effectively, both verbally and in writing, as well as being able to mentor junior staff. You should be able to show proactivity in continuously improving your job knowledge and technical and functional skills through training opportunities and self-study. Our ideal candidate will have considerable hands-on experience in all aspects of cybersecurity, and an ability to lead, manage, and communicate.

The Opportunity

The Chief Information Security Officer will be focused on all aspects of City-wide IT cybersecurity, from developing cybersecurity plans and strategies to preventing and mitigating cyber-attacks. Examples of duties include:

Establish Governance and Build Knowledge
Provides regular reporting on the current status of the information security program and relevant metrics to ITS stakeholders and City senior leadership as part of a strategic enterprise risk management program, thus supporting business outcomes. Develops, socializes and coordinates approval and implementation of security policies. Works with stakeholders to ensure that information security requirements are included in contracts. Establish an information security governance structure through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board. Directs the information security awareness training program for all employees, contractors and approved system users, and establishes metrics to measure the effectiveness of this security training program for the different audiences. Understands and interacts with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management. Provides clear risk mitigating directives for projects with components in IT, including the mandatory application of controls.
Lead the Organization
Leads the information security function across the City to ensure consistent and high-quality information security management in support of the business goals. Determines the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areas. Manages the budget for the information security function, monitoring and reporting discrepancies. Manages the cost-efficient information security organization, consisting of direct reports and federated technology partners. This includes hiring (and conducting background checks), training, staff development, performance management and annual performance reviews.
Strategic Direction
Develops an information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensures senior stakeholder buy-in and mandate. Monitors the comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy, and recovery of information assets owned, controlled or/and processed by the organization. Creates budgetary requests for both operational needs as well as proposes long-range funding considerations. Performs contractual management, devises statement of work, and conducts negotiations for related products and services. Proposes solutions that are right sized and bring the most value to the organization. Engages stakeholders to address risk management which includes assessment, identification, mitigation controls, and acceptance to ensure ownership of the information security risk is clear and documented. Ensure the risks are considered in totality and align with the City’s overall risk appetite. Develop the Frameworks
Develops and enhances an up-to-date information security management framework based on the following: NIST, COBIT, CIS Critical Controls, and others. Creates and manages a unified and flexible, risk-based control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations. Develops and maintains a document framework of continuously up-to-date information security policies, standards, and guidelines. Oversees the approval and publication of these information security policies and practices.
Mature the Program and Communicate the Vision
Creates the necessary internal networks among the information security team and line-of-business stakeholders, compliance, audit, physical security, legal and HR management teams to ensure alignment as required. Builds and nurtures external networks consisting of industry peers, ecosystem partners, vendors, and other relevant parties to address common trends, findings, incidents, and cybersecurity risks. Liaises with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies. Liaises technology staff across the organization to build alignment between the security and enterprise (reference) architectures, thus ensuring that information security requirements are implicit in these architectures and security is built in by design.
Cybersecurity Operations
Defines and facilitates the processes for information security risk and for legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings. Manages and contains information security incidents and events to protect City ITS assets, intellectual property, regulated data and the City's reputation. Monitors the external threat environment for emerging threats, and advises relevant stakeholders on the appropriate courses of action. Develops and oversees effective disaster recovery policies and standards to align with the enterprise business continuity management (BCM) program goals, with the realization that components supporting primary business processes may be outside the City perimeter. Coordinates the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support and in-house consulting in these areas. Facilitates and supports the development of asset inventories, including information assets in cloud services and in other parties in the organization's ecosystem.

About the Department

The Information Technology Services Department is responsible for enterprise technology operations for the City of Alexandria. ITS provides technology services and solutions to City departments to enhance service delivery. ITS aligns its work with City needs by providing leadership, resources, expertise, and products that enable departments to better serve the City’s residents, businesses, and visitors. ITS resources support initiatives funded through the multi-year Information Technology Capital Improvement Plan (IT/CIP) to improve the overall technology landscape. The City of Alexandria’s ITS Department has been a Top Ten National Finalist in the Digital Cities Award program for over the past 10 years.

Minimum & Additional Requirements

Bachelor’s degree in computer science or business administration plus five years of experience in risk management, information security , of which three years are in a leadership role , and developing IT security policies and procedures; or any equivalent combination of experience and training which provides the required knowledge, skills , and abilities.

Preferred Qualifications

 Recent technical experience within the past five years demonstrating a c omprehensive knowledge of information security and risk management and technology (audit compliance, regulatory compliance, business continuity and disaster recovery, vulnerability management , configuration management, web application security , intrusion detection and prevention systems , fi rewalls, and endpoint security). Recent technical experience within the past five years demonstrating a comprehensive knowledge of secur ity administration in a Windows-based network environment. Recent experience within the past five years demonstrating a comprehensive knowledge of information protection standards, guidelines, and applied procedures ( i.e. , industry "best practices"). Technical e xperience within the past 10 years demonstrating a comprehensive knowledge of server administration as applied to network and internet security. Functional e xperience within the past 10 years demonstrating a comprehensive knowledge of common information security management frameworks, such as SANS CIS 20 Critical Controls, ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework . E xperience within the past 10 years demonstrating a comprehensive knowledge of business needs coupled with the ability to establish and maintain a high level of customer trust and confidence in the security team's concern for customers .

Notes

CITY BENEFITS

Retirement- City of Alexandria Supplemental Retirement PlanVirginia Retirement System (VRS)Voluntary Retirement Savings PlanMedical, Dental, Vision - City covers 75-80%Administrative Leave - 13 days per yearHolidays - 13 paid holidays Sick leave - 12 days per yearBereavement Leave - 3 days per occurrence Tuition Reimbursement - $1200 per fiscal year Long-Term Disability (LTD)- City paid; Additional buy-up option available Flexible Spending Account (FSA)- Medical and Dependent Care availableTransit Benefits- Up to $270 per month for employees who utilize public transit Access to our on-site gyms near City Hall (equipment includes treadmills, weights, Peloton bikes, elliptical etc.)Jet Dental - an onsite dental service twice per year Employee Assistance Program (EAP)Employee wellness and development programsOther City discounts through partnerships
This position requires the successful completion of pre-employment checks including but not limited to a criminal background and drug screening. This position may be occasionally required to be available after normal working hours to support applications and to respond to the City’s Emergency Operations Center (EOC) when it is activated .

This position will be posted until filled.

  • Chief Information Security Officer

    5 days ago

    Alexandria, Virginia, United States City Of Alexandria Virginia Full time

    CHIEF INFORMATION SECURITY OFFICER Information Technology Services "Preserving the Past, while Innovating our Future" Opportunity of a Lifetime The City of Alexandria is located in northern Virginia, and is bordered by the District of Columbia (Potomac River), Arlington, and Fairfax counties. With a population of approximately 160,000 and a land area of...

  • Information Technology Specialist

    2 weeks ago

    Alexandria, United States US Office of the Chief Information Officer Full time

    **Duties**: The following are the duties of this position at the **GS-11**. If you are selected at a lower grade level, you will have the opportunity to learn to perform all these duties, and will receive training to help you grow in this position. As an **Information Technology Specialist**, you will: - Work with CEC staff in selecting, piloting, testing,...

  • Senior Level Information Security Architect

    2 months ago

    Alexandria, United States Patent and Trademark Office Full time

    Summary Would you like to work with the USPTO to support . commerce and innovation? The Office of the Chief Information Officer (OCIO) is a community of bold, strategic thinkers and doers who build and deliver technology products and services that empower customers to foster American innovation. The systems OCIO manage, support the agency's operations...

  • Chief Management Officer

    2 months ago

    Alexandria, United States National Science Foundation Full time

    Summary This position is for the Chief Management Officer in the Office of the Director. For more information about NSF - For more information about the Office of the Director - Duties The National Science Foundation (NSF), an independent agency of the Federal Government, is authorized and directed to initiate and support basic scientific...

  • Information System Security Officer

    3 weeks ago

    Alexandria, United States Technical Intelligence Solutions LLC Full time

    Technical Intelligence Solutions, LLC Information System Security Officer Alexandria, VA·Full time Apply for Information System Security Officer • 7+ years of experience as an Information System Security Analyst or Information System Security Officer • 1+ years of experience in cloud environments • Experience with the implementation, oversight, and...

  • Information Security Specialist

    2 weeks ago

    Alexandria, Virginia, United States General Dynamics Information Technology Full time

    Own your career as a Information Security Specialist at GDIT. Here, youll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients m Security Specialist, Security, Information, Specialist, Cyber Defense, Architectural

  • Information Security Specialist

    1 month ago

    Alexandria, United States General Dynamics Information Technology Full time

    Own your career as a Information Security Specialist at GDIT. Here, youll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients m Security Specialist, Security, Information, Specialist, Cyber Defense, Architectural

  • Information System Security Officer

    3 weeks ago

    Alexandria, United States Technical Intelligence Solutions Llc Full time

    Technical Intelligence Solutions, LLCInformation System Security OfficerAlexandria, VAFull timeApply for Information System Security Officer 7+ years of experience as an Information System Security Analyst or Information System Security Officer 1+ years of experience in cloud environments Experience with the implementation, oversight, and maintenance of the...

  • Unarmed Security Officer

    6 days ago

    Alexandria, United States TRICORPS SECURITY Full time

    TriCorps Security has immediate openings in a school environment located in Alexandria, Virginia. Former Law Enforcement, Military, or experienced Security Officers with a **Current DCJS Security Officer Certification are required**. Contact the hiring manager for additional details! **Education**: - High school or equivalent...

  • Information System Security Officer

    2 weeks ago

    Alexandria, Virginia, United States Gray Tier Technologies LLC Full time

    This is a hybrid position allowing 50% remote work after a brief ramp-up period (first 2-3 weeks will be 100% onsite during on boarding, then time will be split 50/50 onsite/remote). However, operational requirements and classification of system could be a cause for more onsite time. These ISSOs needs to have a good understanding of the National Institute of...

  • Information System Security Officer

    3 weeks ago

    Alexandria, United States Booz Allen Hamilton Full time

    Job Number: R0195375 Information System Security Officer The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies. In all of this "cyber noise," how can these organizations understand their risks and how to mitigate them? The answer is you-an...

  • Transportation Security Officer

    2 weeks ago

    Alexandria, Virginia, United States Department of Homeland Security Full time

    ** Transportation Security Officer (TSO)** **Department of Homeland Security** Transportation Security Officers are responsible for providing security and protection of travelers across all transportation sectors in a courteous and professional manner. Their duties may also extend to securing high-profile events, important figures and/or anything that...

  • Information Systems Security Officer

    7 days ago

    Alexandria, United States Modern Technology Solutions, Inc. Full time

    Modern Technology Solutions, Inc. (MTSI) is seeking a Senior Information Systems Security Officer (ISSO) to support Customs and Border Protection’s Unmanned Aircraft System (CBP UAS) Program Office. You will implement and maintain security controls in accordance with all applicable laws, standards, guidance, and best practices required for a valid...

  • Information Systems Security Officer

    2 days ago

    Alexandria, United States Modern Technology Solutions Inc Full time

    Modern Technology Solutions, Inc. (MTSI) is seeking a Senior Information Systems Security Officer (ISSO) to support Customs and Border Protection’s Unmanned Aircraft System (CBP UAS) Program Office. You will implement and maintain security controls in accordance with all applicable laws, standards, guidance, and best practices required for a valid...

  • Chief Operating Officer

    2 weeks ago

    Alexandria, Virginia, United States ZERO Prostate Cancer Full time

    Organization Overview:ZERO Prostate Cancer is a leading national nonprofit with the mission to end prostate cancer and help all who are impacted. ZERO is the primary destination for all impacted by the disease to convene, get support and education, and come together as one united voice to create a better future for the prostate cancer community.The...

  • Information Systems Security Officer

    3 weeks ago

    Alexandria, United States Goldbelt, Inc. Full time

    Overview: Goldbelt Glacier is accelerating healthcare delivery and providing superior force health readiness across the military, federal, and civilian landscapes. Goldbelt Glacier is committed to providing transformative and comprehensive health operational capabilities to support customers across scientific, clinical, technological, and program management...

  • Information Systems Security Officer

    2 weeks ago

    Alexandria, United States Goldbelt Full time

    Overview Goldbelt Glacier is accelerating healthcare delivery and providing superior force health readiness across the military, federal, and civilian landscapes. Goldbelt Glacier is committed to providing transformative and comprehensive health operational capabilities to support customers across scientific, clinical, technological, and program management...

  • Information Assurance Officer with Security Clearance

    4 weeks ago

    Alexandria, United States Chenega Corporation Full time

    You will need to login before you can apply for a job. Information Assurance Officer with Security Clearance Summary Information Assurance Officer Alexandria, VA Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer's core...

  • Unarmed Security Officer

    3 weeks ago

    Alexandria, United States Enterprise Security Corporation Full time

    **UNARMED SECURITY GUARDS NEEDED** We protect our clients’ staff and assets, wherever they are in the world. We offer different schedules, diverse work assignments spanning multiple industries and career advancement opportunities. We encourage diversity and are proud to be an equal opportunity employer. ESC is looking for Unarmed Security Officers to...

  • Information Systems Security Officer

    2 weeks ago

    Alexandria, United States Goldbelt Full time

    Overview Goldbelt Glacier is accelerating healthcare delivery and providing superior force health readiness across the military, federal, and civilian landscapes. Goldbelt Glacier is committed to providing transformative and comprehensive health operational capabilities to support customers across scientific, clinical, technological, and program management...