If you are an Internal City Employee Retiree or Dependent/Survivor of a City Employee please apply internally via Career Icon in your Workday account.

Make a dierence in the community you live in! As a Community Builderan employee with the City of Gainesville you will have a direct hand in building and improving your community and making a visible impact on the lives of your neighbors. Working for local government is more than a job its a chance to contribute to community success and to help enhance the Gainesville way of life.

Department:

Salary Range Minimum:

Salary Range Maximum:

Closing Date:

Job Details:

Job Description:

The Information Security Officer (ISO) is responsible for building a Cyber Security Program to ensure the protection and resilience of the technology systems and information assets that the City of Gainesville employees need to enable the delivery of Best in Class Neighbor Services for our community. The ISO is responsible for the citywide cybersecurity strategy risk management compliance initiatives and incident response leadership. This position ensures the confidentiality integrity and availability of City information systems and supports the Citys strategic goals by aligning cybersecurity with organizational priorities.

The ISO reports to the Technology Director and leads cyber security analysts in addition to cross-functional Incident Response Team (IRT) members and is the primary liaison with external response partners and service providers.

SUMMARY

The Information Security Officer (ISO) is responsible for building a Cyber Security Program to ensure the protection and resilience of the technology systems and information assets that the City of Gainesville employees need to enable the delivery of Best in Class Neighbor Services for our community. The ISO is responsible for the citywide cybersecurity strategy risk management compliance initiatives and incident response leadership. This position ensures the confidentiality integrity and availability of City information systems and supports the Citys strategic goals by aligning cybersecurity with organizational priorities.

The ISO reports to the Technology Director and leads cyber security analysts in addition to cross-functional Incident Response Team (IRT) members and is the primary liaison with external response partners and service providers.

EXAMPLES OF WORK*

*This section of the job description is not intended to be a comprehensive list of duties and responsibilities of the position. The omission of a specific job function does not absolve an employee from being required to perform additional tasks incidental to or inherent in the job. Performance of lower-level duties may be required.

ESSENTIAL JOB FUNCTIONS

Develops and maintains a comprehensive citywide cyber security program aligned with industry standards and regulatory requirements.

Supports the planning and execution of efforts to insource technology infrastructure cybersecurity applications and IT service delivery.

Leads risk assessment activities and implements controls to mitigate cybersecurity threats.

Assess implement operate and maintain cyber security systems e.g. firewalls web and email scanners vulnerability scanners endpoint protection etc.

Establishes and enforces cyber security policies standards and procedures.

Oversees incident response planning and execution including investigations and coordination with law enforcement when necessary.

Ensures compliance with applicable laws regulations and frameworks such as NIST ISO CIS FIPA HIPAA and PCI-DSS.

Coordinates security awareness and training programs to promote a culture of cybersecurity across the organization.

Provides guidance on secure system design and development throughout the technology lifecycle.

Conducts audits and assessments of internal systems and third-party vendors to evaluate security posture.

Advises senior leadership on current cyber risks threats and strategies for mitigation.

NON-ESSENTIAL JOB FUNCTIONS

Attends work on a continuous and regular basis.

Performs related duties as required or assigned by the Director of Technology.

QUALIFICATIONS

To perform this job successfully an individual must be able to perform each essential job function satisfactorily. Below are the required education experience knowledge skills and abilities to perform the essential functions.

EDUCATION AND EXPERIENCE

Bachelors degree from an accredited college or university in cyber security computer science management information systems business administration or a related field.

Eight (8) years of progressively responsible experience in cyber security including three (3) years of team and program leadership experience.

A Masters degree may substitute for one (1) year of non-supervisory experience.

DESIRED CERTIFICATIONS

Certified Information Systems Security Professional (CISSP)

Certified Information Security Manager (CISM)

Certified Ethical Hacker (CEH)

GIAC Security Essentials (GSEC)

CompTIA Security

Microsoft Certified: Azure Security Engineer Associate

KNOWLEDGE SKILLS AND ABILITIES

Thorough knowledge of cybersecurity principles frameworks (e.g. NIST ISO 27001) and best practices.

Working knowledge of applicable state and federal laws related to information security and privacy.

Ability to develop and implement a comprehensive cyber security program including policies procedures and technical standards that strengthen cybersecurity.

Strong understanding of network endpoint and cloud security technologies.

Ability to assess and manage information security risks and effectively lead the response to cyber security incidents.

Excellent written and verbal communication skills with the ability to present technical concepts to non-technical stakeholders.

Strong interpersonal and leadership skills including the ability to influence advise and collaborate across departments.

Ability to manage confidential information with a high level of discretion and professionalism.

Knowledge of audit processes and the ability to interface with internal/external auditors and regulators.

Ability to develop and lead security awareness and training programs.

Ability to work collaboratively with teams across the organization to resolve issues and implement process improvements.

Knowledge of security performance metrics and reporting tools.

Ability to foster a culture of security while enabling operational excellence through the use of technology and innovation.

PHYSICAL AND ENVIRONMENTAL REQUIREMENTS

To perform this job successfully an individual must possess certain physical abilities and be able to withstand work related environmental conditions.

PHYSICAL REQUIREMENTS

While performing the duties of this job the employee is often required to sit for prolonged periods of time.

WORK ENVIRONMENT

May be required to work and attend meetings outside regular business hours.

Requires occasional travel to City offices and facilities for on-site support coordination.

Note:

May Require Assessment(s).

May fill multiple positions.

May establish an eligibility list.

Come join our team! The City of Gainesville oers a competitive benets package and opportunities to grow both professionally and personally.

All regular employees are eligible for traditional benets such as health insurance life insurance paid leave 11 paid a holidays a year a pension plan and a deferred compensation plan but we also oer great things like on-site tness centers tuition reimbursement on-site medical sta and a wellness program to keep you healthy and happy. Please note; benefits are not available for temporary employees.

Equal Opportunity

The City of Gainesville is an equal opportunity/affirmative action employer and does not discriminate in hiring. Minorities women and individuals with disabilities are encouraged to apply. Individuals with a disability who require special accommodations during the selection process should notify the Human Resources Department at or TDD/TTY at .

Veterans Preference

Veterans are encouraged to apply. Veterans Preference ensures that veterans and eligible persons are given consideration at each step of the selection process. However preference does not guarantee that a veteran or other eligible person will be the candidate selected to fill the position. Section 295.07 Florida Statutes (F.S.) specifies who is eligible for Veterans Preference. State of Florida residency is not required for Veterans Preference.

If you are unable to apply online due to a disability contact recruiting at or by calling .