Job description

JOB
When you come work for the City of Coconut Creek, although you’re assigned an employee number, you’re not treated like one. With an average of 10 years of service (some as many as 30-plus!), our employees know they can transform their careers in Coconut Creek, the “Butterfly Capital of the World.” Today you may be applying to our IT Security Manager position, but tomorrow that role could lead to wherever you want to go in the City! And in the days, months, and years in between, you’ll be treated like family and invited to participate in fun events like Public Service Recognition Week, Halloween costume contests, holiday luncheons, wellness fairs, meditation sessions, chair massages, themed dress-up days, charitable causes, and so much more! The City of Coconut Creek has been spotlighted as one of the “Best Cities to Live in America” by Money Magazine and a Top Ten Place to Live in Florida by Movoto and NerdWallet. This past year, we were awarded the Honorable Culture of Well-Being by Cigna and ranked #7 Healthiest Employer to Work For in the medium-sized company category by South Florida Business Journal. Our City is home to the Seminole Casino Coconut Creek, Butterfly World, and the Coconut Creek Promenade. Every one of our business owners and 61,000 residents relies on our awesome 400+ employees. Are you ready to be one of us? If you are interested in making a difference in the lives of others and serving the public; if you are innovative, progressive, inclusive, dedicated, and looking for a workplace where you belong, consider applying to join our Coconut Creek family. GENERAL PURPOSE: Performs professional and managerial work in the Information Technology (IT) department involving primary responsibility for the strategy, design, specification and implementation of the IT Security Program and associated policies. Work is performed independently under limited supervision with considerable moderate latitude. Position typically requires processing and interpreting of more complex, less clearly-defined issues.Salary: $89,856.00-$114,587.20/annually (Depending on Qualifications) Hours of Work: Monday through Thursday, 7:00 a.m. – 6:00 p.m.; Days and hours are subject to change, including call-outs.Note: Please include a minimum of the most recent 10 years of experience in your application.

EXAMPLE OF DUTIES
The list of essential functions, as outlined herein, is intended to be representative of the tasks performed within this classification. It is not necessarily descriptive of any one position in the classification. The omission of an essential function does not preclude management from assigning duties not listed herein if such functions are a logical assignment to the position.Manages the City’s IT Security Program, including the strategy, design, specification, and implementation of the ProgramResearches, designs, recommends, evaluates, documents, and implements cybersecurity solutions that identify and/or protect against potential threatsDevelops, reviews, implements, and maintains a security awareness program to mitigate human risks present in the City’s extant operating environmentPerforms supervisory responsibilities, including, but not limited to, prioritizing and assigning tasks and projects; coaching and mentoring staff; providing opportunities for growth through work assignments and training; interviewing and recommending new hires and promotions; communicating expectations; evaluating performance; and enforcing policies and procedures Performs system security administration on designated technology platforms, including operating systems, applications, and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelinesDefines, implements, and maintains information security policies including ongoing improvements and processes for exceptions and/or non-complianceDesigns and implements a risk assessment strategy to include identification of vulnerabilities, mitigation options, remediation requirements, tracking and management reportingDevelops and maintains procedures for Federal and State Cybersecurity complianceResponds to and reports unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processesProvides guidance and oversight of operational and system security controlsEnsures employees and third parties understand, acknowledge, and fulfill all applicable information security policiesParticipates in infrastructure projects to develop, plan, and implement specifications for network and distributed system security technologies in support of key information systemsImplements or coordinates remediation required by audits, and documents exceptions as necessaryRecommends, schedules and/or applies fixes, security patches and any other measures required in the event of a security breachAssists with system and application vulnerability and penetration testingAssists with the coordination and management of security awareness training, business continuity and disaster recovery plansMonitors security vulnerability information from vendors and third partiesDevelops and oversees the risk register and tracking of open issues requiring remediationWorks with IT and internal and external business partners to ensure that security is factored in the evaluation, selection, installation and configuration process of hardware and softwareParticipates in grants writing consistent with our environmentStrategically advises on the development of new services or enhancements to existing services to ensure "security by design" and "security by default" principlesPerforms other related duties as assigned and/or required

MINIMUM QUALIFICATIONS
Bachelor's degree in information systems, computer science, or closely related field; supplemented by a minimum of seven (7) years’ experience in an Information Technology position involving information/network security, including functions such as incident response plan, patch management, security alerting, security auditing, and security reporting. Two (2) years of the required experience may be substituted with a related Master’s Degree. Other comparable combinations of relevant experience, education, and skills may be considered at the City’s sole discretion. Experience in the following areas is preferred: Securing routers/switches, firewall rule/policy, security assessment tools, security policy development, antivirus familiarity and importance, vulnerability assessment, security best practices, data protection including DRP and business continuity planning (BCP), e-mail security, Windows active directory (AD) security, payment card industry (PCI) compliance. Any of the following certifications are preferred: CompTIA A+, CCNA, CCNP, security +, MCSE: mobility, Certified Information System Security Professional (CISSP), Global Information Assurance Certification (GIAC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Security (CRISC), or other security certifications. Possession of or ability to obtain a valid Florida driver’s license by date of hire.Level 4 CJIS security training: security & awareness course and test certifications must be obtained within the first 30 days of employment. Must submit to a State and National Criminal Background Investigation.Knowledge, Skills, and Abilities: Knowledge of Information Security programs including, but not limited to, program development, policy management, audit reviews, risk assessment, awareness and training, identity and access management, data protections, secure SDLC, incident management, vulnerability assessment, penetration testing, third-party assessment, security configurations and patch managementKnowledge of IT risk management concepts and solid understanding of IT general control and information security principlesKnowledge and understanding of industry-recognized compliance/risk frameworks such as NIST 800-53, NIST Cybersecurity Framework (CSF), ISO 27001, CIS Top 20 Controls, and OWASPKnowledge of network security, to include VPN, routers, firewall, network monitoring, intrusion detection, web server security and wireless security, cloud, OT, the Internet of Things (IoT), and associated network protocols and conceptsStrong working knowledge of common vulnerabilities and exploitation techniquesStrong working knowledge of vulnerability management toolsStrong working knowledge of security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technologySkill in developing, documenting, and maintaining security proceduresSkill in building team-oriented interpersonal relationships, with the ability to interface effectively with a broad range of people and roles, including vendors, staff, and IT-business personnelSkill and experience with database security, content filtering, vulnerability scanning and anti-malwareSkill in at least one scripting language (e.g., Perl, Python and PowerShell)Ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneouslyAbility to delegate, manage, and supervise effectivelyAbility to communicate in English complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable mannerAbility to manage expectations appropriately, with a strong customer/client focus, and provide a superior customer/client experience and build long-term relationshipsAbility to work with self-motivation, possessing a high sense of urgency and personal integrityAbility to use critical thinking skills to arrive at solutions and suggest improvements to processesAbility to regularly attend work and arrive punctually for designated work schedule

SUPPLEMENTAL INFORMATION
Physical Requirements: Depending on functional area of assignment, tasks involve the ability to exert light physical effort usually involving some lifting, carrying, pushing and/or pulling of objects and materials of lightweight (up to 20 pounds). May involve some climbing, balancing, stooping, kneeling, crouching, crawling, walking or standing. Tasks may involve extended periods of time at a keyboard or work station and extended periods of time standing and/or walking.Environmental Requirements: Tasks are regularly performed inside and/or outside with potential for exposure to adverse conditions, such as dirt, dust, pollen, odors, fumes and/or poor ventilation, wetness, humidity, rain, temperature, and noise extremes, machinery and/or moving vehicles, vibrations, electric currents, animals/wildlife, toxic/poisonous agents, gases or chemicals, oils and other cutting fluids, violence and/or disease, or pathogenic substances.Sensory Requirements: Some tasks require manual dexterity, in addition to visual and hearing acuity. Some tasks may involve identifying and distinguishing colors.

jackharris.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, jackharris.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, jackharris.com is the ideal place to find your next job.