Chief Information Security Officer (Information Systems)

Job Description

POSITION SUMMARY :

The Chief Information Security Officer of the County of Berks is responsible for collaborating with the county CIO and other county leadership in overseeing and managing the cybersecurity strategy, operations, and compliance efforts for the organization. This position plays a critical role in protecting the confidentiality, integrity, and availability of the organization's information assets and systems while ensuring compliance with relevant policies, laws, and regulations. The CISO and his / her staff will develop and execute a comprehensive cybersecurity strategy aligned with the organization's goals and objectives. This position will serve as one of the primary advisors to organizational leadership on cybersecurity matters, providing guidance and recommendations to mitigate risks and address emerging threats. The CISO and his / her staff will strive to ensure adherence to regulatory requirements such as the Criminal Justice Information Services (CJIS) Security Policy, HIPAA, and other applicable federal, state, and local laws. The CISO will collaborate with leadership to develop, implement, and update cybersecurity policies and procedures. This position will play a key role in developing and maintaining the organization's Cybersecurity Incident Response Plan, ensuring preparedness to address and recover from security incidents. The CISO will work with stakeholders to create and regularly update the organization's Continuity of Operations Plan (COOP), ensuring resilience and continuity during disruptions. This position will be responsible to collaborate with the rest of the I.S. department and operational teams to integrate security measures into system design, procurement, and implementation processes. The CISO will evaluate and recommend security technologies, tools, and services to enhance the organization's cybersecurity posture. The CISO and his / her staff will be responsible to oversee the deployment, management, and monitoring of security infrastructure, including firewalls, IDS / IPS, EDR solutions, and many other security and technology solutions.

POSITION RESPONSIBILITIES :

Essential Functions

The duties and responsibilities of this position include, but are not necessarily limited to :

• Accountable for overall performance and efficacy of security projects and programs
• Analyzing security risks.
• Recommending and implementing security safeguards.
• Monitoring compliance to security laws and regulations.
• Investigating information security incidents.
• Manage security reporting & executive reporting.
• Oversee end user security awareness program.
• Manage regular security tasks.
• Serve as project manager for designated security projects.
• Review security of equipment configurations.
• Maintain security documentation.
• Oversee and manage vulnerability management.
• Evaluate purchasing decisions and install new equipment.
• Support the organization's business continuity and disaster recovery planning and response.
• Schedules and conducts tabletop exercises and simulations.
• Works with CIO and IT leadership team on risk management and risk reporting.
• Design and manage the implementation of governance efforts.
• Create and review policies and procedures to align with established standards.
• Manage security audits and assessments and resulting findings.

MINIMUM EDUCATION AND EXPERIENCE :

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES :

PHYSICAL DEMANDS :

Work involves standing, walking, sitting, lifting, carrying, talking, hearing, using hands to handle, feel objects, tools, or controls, and reaching with hands and arms. Vision abilities required by this job include close vision and the ability to adjust focus. The employee must occasionally lift and / or move up to 50 pounds a distance of 15 feet or less.

WORKING ENVIRONMENT :

Normal office environment.

This position description serves as a guideline for communicating the essential functions and other information about the position to the applicant / employee. It is not intended to create a binding employment contract nor cover every detail of the position and may be changed where appropriate.

About Us

Equal Employment Opportunity Statement :

The County of Berks provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, political affiliation or any other characteristic protected by federal, state, or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

About Us :

Berks County is a combination of rich farm country, industry, beautiful parks, entertainment, and top-notch educational institutions. Whether you are interested in County services, the availability of our parks, tax rates, or other county information, this is the place to start.

About the Team

Mission Statement :

It is the mission of Berks County government and all County employees to administer and deliver services to the citizens of the County in the most effective, efficient and professional manner possible within the constraints of the financial resources available.