IT Security Manager

The IT Security Manager is responsible for overseeing the enterprise information security strategy, including the level of deployed and implemented security policies, procedures, and systems to protect SCAO’s data and assets. This role requires a strategic thinker with a deep understanding of the IT security landscape and the ability to lead a team in ensuring the confidentiality, integrity, and availability of all enterprise information.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.

• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security, following the SCOA’s procurement processes.

• Oversee the deployment, integrations and configuration of all new security solutions and any enhancement to existing security solutions in line with standard best operating procedures and the organizations security documents.

• Ensure the confidentiality, integration, and availability of data residing in or transmitted through the enterprise workstations, servers and other systems, as well as databases and data repositories, meeting SCAO’s organizational risk thresholds.

• Communicate IT Security Policies and procedures to staff members in collaboration with organizational leaders

• Supervise all investigations into problematic activity and maintain ongoing communication with senior management

• Oversee the design and execution of vulnerability assessments, penetration tests, and security audits.

• Conducts regular security awareness training for all employees to ensure consistently high levels of compliance with SCAO security Documents.

• Maintain ongoing communications with peers in the Systems and Networking groups and various business groups to ensure understanding of security goals, fostering cooperations and soliciting feedback.

EDUCATION

• Bachelor's degree or equivalent work experience in the IT Service Desk industry.

EXPERIENCE

• First-hand, comprehensive understanding of IT operations.

• Five years of experience working in ITSM/ITIL or software application administration or adult learning instructional design or curriculum development.

• Two years of progressively more responsible experience working in ITSM practices or Training or media production implementation or software administration.

• One year of experience as a team lead or manager working on large scale software system migrations or implementations that are managed formally as projects.

• Experience with business analysis of complex problems and issues.

• Experience supporting or as a power user of IT service management tools, product management tools, instructional design tools, learning management systems, video production tools, etc..

• Experience using service desk “ticketing” systems such as ZenDesk, Cherwell, ServiceNow, etc. • Working on teams of people in a matrix organization.

• Extensive experience in enterprise security architecture design.

• Extensive experience in enterprise security document creation.

• Designing and delivering employee security awareness training.

• Developing Business Continuity Plans and Disaster Recovery Plans.

• Leading and mentoring IT Security staff to include workload management, training opportunity identification, etc.

• Theory and secure operation of firewalls, email filters, virtual private networks, vulnerability scanning tools, and other security technologies.

• Experience with vulnerability assessments, penetration testing, and security audits.

KNOWLEDGE

• Working technical knowledge of IT technology hardening to include switches, routers, firewalls, servers, and workstations.

• Strong understanding of cloud-based platforms

• Strong understanding of IP, TCP/IP, and other network administration protocols.

• Strong understanding of encryption and the secure implementation of PKI.

• Extensive knowledge of IT security solutions and best practices.

ABILITY

• Excellent interpersonal, written, and oral communication skills.

• Ability to present technical and non-technical information to all stakeholder groups.

• Ability to manage complex security projects and initiatives.

• Experience with vulnerability assessments, penetration testing, and security audits.

• Highly motivated and self-directed, able to effectively prioritize and execute while under pressure.

• Offer constructive suggestions and act as a trusted advisor.

LICENSING / PROFESSIONAL CERTIFICATION

• One or more of the following certifications: GIAC Security Essentials Certification, GIAC Security Leadership Certification, ISACA Certified Information Security Manager, Microsoft Certified Systems Engineer: Security, (ISC)2 SCCP, (ISC)2 CISSP, (ISC)2 ISSAP

PHYSICAL REQUIREMENTS

• Working conditions are normal for an office environment.

OTHER REQUIREMENTS

• May require occasional weekend and/or evening work.

WORK LOCATION: Official work-site location is the Hall of Justice, Lansing, Michigan. Remote work may be available in accordance with the MSC/SCAO Remote Work Policy. TO APPLY: Please e-mail your cover letter and resume in Word or Adobe.pdf format to jobapps@courts.mi.gov and include “IT Security Manager” in the subject line. If you are unable to send applicant materials electronically, please contact Judicial Human Resources: (517) 373-1147.

APPLICANT DEADLINE: OPEN UNTIL FILLED

AN EQUAL OPPORTUNITY EMPLOYER

Job Type: Full-time

Pay: $107,448.00 - $142,881.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Flexible schedule
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Parental leave
• Retirement plan
• Vision insurance

Schedule:

• Day shift

Work Location: In person

Salary : $107,448 - $142,881