Chief of Information Technology Security
Chief of Information Technology Security
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 51 - 56
1 Vacancy
Job Description
Chief of IT Security
Department of Information Technology
Full-Time 12 Months
Exempt Pay Grade 38
VRS-Eligible Benefits-Eligible
Job Summary/Objectives:
The Information Technology Security Division Chief is responsible for leading and executing the Countys enterprise-wide information security strategy with a focus on cybersecurity infrastructure resilience and operational efficiency. This role oversees the development implementation and enforcement of information security policies security protocols and governance frameworks to protect County data and systems. The IT Security Division Chief ensures alignment of technology initiatives with organizational goals provides expert guidance across departments and leads incident response risk mitigation information security strategy governance vulnerability management security awareness training and compliance efforts. This role is highly visible and regularly briefs IT executives as well as senior County leadership. The IT Security Division Chiefs role will combine accountability and responsibility for information security data security and network monitoring and protection against cyber threats.
Reporting to the Assistant Director of Systems and Security this position plays a critical leadership role in safeguarding digital assets and enabling secure reliable public service delivery.
Essential Functions:
- Provide strategic leadership and oversight of the Countys cybersecurity posture including threat detection vulnerability management and incident response coordination.
- Serve as the Countys primary point of contact for cybersecurity alerts advisories and inter-agency coordination.
- Develop implement and maintain County-wide information security policies standards and procedures.
- Deliver regular status updates to supervisor and executive management
- Conduct regular risk assessments security audits and compliance reviews to identify and mitigate vulnerabilities.
- Lead the evaluation and deployment of secure system and network architectures ensuring alignment with best practices and regulatory requirements.
- Oversee security audits risk assessments and continuous improvement initiatives to evaluate cybersecurity posture
- Oversee technical documentation related to system security configurations controls and operational procedures.
- Coordinate cross-departmental IT responses to security incidents and ensure timely resolution and reporting.
- Act as liaison with cybersecurity vendors internal departments contractors boards and external agencies
- Manage cybersecurity awareness training and education programs for County staff to promote a culture of security.
- Stay current with evolving threats technologies and regulatory requirements to proactively adapt the Countys security strategy.
- Collaborate with state federal and academic partners on cybersecurity initiatives and information sharing.
- Supervise and mentor IT staff fostering professional development and ensuring high performance in support of County objectives.
- Lead a high-performing team cultivating accountability innovation and cross-functional collaboration to ensure delivery and excellence.
- Exceptional customer service. Ability to establish and maintain effective working relationships with county and school officials principals department heads and other partner agencies.
- Perform additional duties as assigned
Competency: Knowledge/Skills/Abilities:
- Proven leadership and supervisory capabilities with strong analytical and decision-making skills.
- Exceptional verbal and written communication including the ability to present complex technical concepts to diverse audiences.
- Extensive knowledge of enterprise data and network security principles strategy best practices and advanced protection techniques.
- Expertise in cybersecurity frameworks policies laws and regulatory compliance (e.g. NIST FISMA PCI HIPAA).
- Ability to own and manage cybersecurity plans and procedures establishing network monitoring and problem detection procedures.
- Proven leadership ability.
- Strong understanding of project management methodologies and their application in IT operations.
- Demonstrated ability to develop and implement enterprise-wide cybersecurity strategies and policies.
- Skilled in collaborating with internal stakeholders and external partners to design and maintain comprehensive security programs.
- Proficient in evaluating and integrating emerging cybersecurity technologies to meet evolving organizational needs.
- Ability to lead incident response risk assessments and continuous improvement initiatives.
- Adept at aligning IT security initiatives with organizational goals and regulatory requirements.
- High attention to detail with strong organizational interpersonal and motivational skills.
- Capable of working independently and under pressure in a collaborative service-oriented environment.
- Ability to motivate in a team-oriented collaborative environment.
- Incumbent must exhibit strong leadership attitude in support of project department and County goals and must have demonstrated ability to lead others in a team environment.
Extensive knowledge of or familiarity with:
- NIST Cybersecurity Framework 2.0
- NIST SP 800-100
- NIST SP 800-171r3
- MITRE ATT&CH framework
- ISO/IEC 27001
- COBIT
- CIS Controls
- PCI-DSS
- HIPAA
Required Education/Certifications:
Seven or more years combined experience as an Information Security Manager. Demonstrated supervisory experience in an enterprise technology environment.
One of the following:
- Baccalaureate degree from an accredited four-year college/university in Computer Science Information Systems Management or a related field.
- Community college degree in Computer Science or Information Systems.
- Additional experience may be substituted for education.
Preferred Qualifications/Certifications:
- Prefer 10 years of related experience.
- Relevant certifications such as CISSP CISM Security CySA GSEC CCSP CISA.
Physical and Mental Requirements:
- Work is typically performed in an office data center or conference rooms.
- Communicate in in-person and virtual meetings.
- Regular use of telephone and chat.
- Regular use of computers.
- Regular handling of small computer components.
- Lifting of up to 100 pounds.
- Occasional need to perform urgent tasks to meet organizational deadlines.
- Occasional work after normal business hours.
- Occasional weekend duties.
- Occasional operation of County vehicles to travel to locations throughout the County is required.
- Regular contact other county employees and senior leadership at all levels of County government.
- Employees in this position may be considered essential personnel and fall under Albemarle County AP4 and in addition be subject to working overtime being held over or called back for disasters local emergencies or special events.
Remote Work:
This position is eligible for a hybrid remote work schedule that is in compliance with the Countys Remote Work Policy and meets the operational and service needs for the position. All County staff must maintain residence within the Commonwealth of Virginia.
Salary Range:
The hiring range for this position is $51.43 - $56.84 per hour (approx. $ 106971 - $118231 per year). Starting offer is based on applicable education beyond minimum requirements and internal equity. The position also provides excellent benefits including 12 paid holidays paid vacation and sick leave health insurance options with employer contribution employer-paid life insurance VRS retirement and continuing education/training opportunities. This is a full time FLSA exempt position. Internal candidates will receive pay adjustments in accordance with Local Government Personnel Policy P-60.
DEADLINE FOR APPLICATIONS: Application window closes September 17 2025.
Virginia Values Veterans:
Albemarle County is a certified V3 organization.
EOE/EEO:
Albemarle County is an equal employment opportunity employer and does not discriminate against any group or individual on the basis of race color religion sex sexual orientation national origin age or disability in regards to any aspect of employment policy and practice: recruitment testing selection assignment pay conditions of work training leave overtime promotion discipline demotion and separation.
Required Experience:
Chief
Employment Type
Full-Time
