What are the responsibilities and job description for the IT Security Manager position at Macon-Bibb County Government?
Work with county managers, department directors, and stakeholders to assess business requirements and implement security safeguards, countermeasures, and continuity operations
Align cybersecurity and privacy principles with organizational business requirements, relevant to upholding confidentiality, integrity, and availability
Develop, maintain, and enforce security policies, procedures, standards, baselines, and guidelines
Improve, maintain, and enforce security programs, including security awareness and training
Implement, review, and manage auditing of security event logs, including methods of aggregation and data correlation for reporting and analysis
Lead continuous maintenance, review, and testing of disaster recovery procedures and continuity planning, including risk management
Lead, conduct, and maintain vulnerability management, including investigation, resolution, and documentation
Lead, coordinate, and manage efforts to ensure the security of all hardware, software, data, tools, and other network resource implementations
Receive, analyze, triage, and document network security alerts, incidents, events, and notifications
Responsible for assisting/guiding IT projects and other technical operational teams with assuring networks, data, applications, interconnections, databases, web/cloud instances, personnel, and physical security assets are protected, secure, and delivered in accordance with security policies and best standards
Provide security consultation, cross-training, end user training, and other technical assistance
Manage and perform security administration, including lifecycle change management
Lead and manage team(s) responsible for information security governance, security initiatives, regulation, and compliance
Report and advise senior management and leadership on security posture and risk responses
Assess, classify, and assist with management of access controls and legal retention requirements for data information
Research, acquire, and advise on IT acquisitions, improvements, and outsourcing efforts
Lead, conduct, and maintain BCP efforts, including disaster recovery, BIA, COOP, IR, risk assessments/analysis, testing, and other recovery/restoration processes
Support, advise, and assist in oversight of secure vendor management for products and services throughout the infrastructure, including external network resources
Oversee and assist with security certificate management, including digital code signing, across systems, network, web, and other assets
SUPERVISORY CONTROL AND RESPONSIBILITIES
Yes.
The IT Security Manager requires minimum, a Master’s degree in Management of Information Systems, Information Technology, Computer Information Systems, Cybersecurity, Computer Science, Business Administration or related field with 5 years of progressive IT and security experience; or a Bachelor’s degree in similar course work in conjunction with IT-related professional certifications and 6-8 years of progressive IT and management experience; or an Associate’s degree in similar course work in conjunction with IT-related professional certifications and at least 9 years of progressive IT-related experience; or an equivalent combination of relevant education, IT-related professional certification, and experience deemed appropriate by the County Manager and/or Chief Information Officer to provide sufficient knowledge, skills and ability to successfully perform the duties and responsibilities of the position.
Preferred Certifications
CISSP
CISM
CCSP
CISA
SANS certification(s)
NECESSARY SPECIAL REQUIREMENTS:
Possession of a valid Georgia Motor Vehicle Operator’s License.
Applicant must not have a State or Federal criminal conviction record.
Applicant must be fingerprinted and pass a local background check conducted by the Macon-Bibb County Sheriff Department.
Skilled in team building, effective communication, professionalism, and courteousness
Skilled in strategic and tactical planning and execution, project management, time management, and critical thinking/decision making
Knowledge of fiscal/calendar budgetary preparation, management, and reporting
Knowledge of IT security risk management concepts, including penetration testing
Knowledge of incident response methodologies
Knowledge of cybersecurity and privacy principles applicable to SLTT
Knowledge of information security standards and frameworks (i.e., NIST, CIS, CSF, PCI-DSS, SOC, ISO, etc.)
Knowledge of NGFW, SDWAN, IDS/IPS, VPN, IAM, IAAA, 802.1x, 802.11, and other protocols
Knowledge of enterprise virtualization security risk management approaches
Knowledge of DNS, DHCP, ACLs, secure wireless methods, secure network and communication protocols
Knowledge of cloud service models and applicable security risks management
Knowledge of data backup and recovery methods
Knowledge of network traffic analysis, including packet-level
Knowledge of web and application security (i.e., OWASP, secure SDLC, etc.)
Knowledge of AI, ML, and enterprise automation related risks and security controls
Ability to initiate, manage, and execute project plans to closure/hand-off
Ability to apply administrative, technical, and physical security controls in a defense-in-depth and/or zero-tolerance approach.
(ADA) MINIMUM QUALIFICATIONS OR STANDARDS REQUIRED TO PERFORM ESSENTIAL JOB FUNCTIONS
LANGUAGE SKILLS:
Ability to read and understand written materials. Ability to effectively communicate information to leadership, employees, and the general public.
MATHEMATICAL SKILLS:
Ability to work with basic mathematical concepts, such as addition, subtraction, multiplication, and division.
COMMUNICATION SKILLS:
Must be able to effectively communicate orally and in writing in a professional manner in order to give or exchange information, resolve problems, and/or provide service. In addition, this position requires extensive contact with leadership, supervisors, other employees, and the general public.
REASONING ABILITY:
Ability to interpret and understand a variety of forms, reports, manuals, regulations, standards, white-papers, and other means of instruction and guidance.
PHYSICAL DEMANDS:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. This position requires light demands with intermittent sitting, standing, walking, computer use, and occasional lifting of light-to-medium weighted objects.
WORK ENVIRONMENT:
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. The work environment is both an outdoor and an indoor office work area.
TRAVEL:
The IT Security Manager is required to travel locally on occasion. Other travel may be required, but not limited to training events, conferences, and for continued education purposes.
If you have any problems submitting your applications, please contact the NeoGov Applicant Support Hotline Toll Free at 855-524-5627, 9:00 a.m. to 8:00 p.m. (ET).
AN EQUAL OPPORTUNITY/AFFIRMATIVE ACTION EMPLOYER.
Salary : $70,000 - $80,000
