What are the responsibilities and job description for the ASSISTANT DIRECTOR OF INFORMATION TECHNOLOGY position at Durham County?
RESPONSIBILITIES :
- Develops and maintains an enterprise-wide information security program, including policies, procedures, and controls to protect critical data, infrastructure, and information assets.
- Works with the Director / CIO to establish and execute a multiyear cybersecurity strategy and roadmap.
- Ensures alignment of security goals with the department’s business plan, overseeing the development, execution, and updates of the cybersecurity strategic plan.
- Directs countywide information security efforts through departmental security professionals.
- Oversees Information Technology (IT) security policies, including disaster recovery, vulnerability management, and regulatory compliance.
- Coordinates and ensures compliance with HIPAA security requirements across County departments.
- Establishes continuous monitoring, auditing, and compliance reviews to safeguard County systems.
- Identifies and reports key performance metrics to measure the effectiveness of security programs.
- Leads IT security audits, including internal assessments and external compliance testing.
- Works with IT teams to implement security automation, vulnerability assessments, and risk management initiatives.
- Collaborates with the Training Officer to develop and deliver cybersecurity awareness programs.
- Other duties as required.
KNOWLEDGE, SKILLS AND ABILITIES :
The Assistant Director of Information Security must have extensive expertise in cybersecurity frameworks (National Institute of Standards and Technology (NIST), ISO 27001, Computer Information Systems (CIS), Control Objectives for Information and Related Technologies (COBIT)) and regulatory compliance (HIPAA, General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Payment Card Industry Data Security Standard (PCI-DSS), Sarbanes-Oxley Act (SOX)). A deep understanding of security technologies (Security Information and Event Management (SIEM), Identity and Access Management (IAM), Endpoint Detection and Response (EDR), firewalls, Zero Trust, and cloud security), best practices, and risk management strategies is essential. This position requires :
REQUIREMENTS :
PREFERRED
Salary : $109,621 - $147,923