Information Security Officer
Information Security Officer - ISO(Exe Lev)
$4,807.69 - $5,769.23 Biweekly
$125,000.00 - $150,000.00 Annually
Description of Duties / Essential Functions
Under the direction of the Chief Information Security Officer (CISO), duties, functions and responsibilities of this position include:
- Develop and implement a department-specific Cybersecurity Master Plan aligned with the overall company Cybersecurity Master Plan to address the confidentiality, integrity and availability of business systems, data and information
- Direct an ongoing, proactive risk assessment program for all new and existing department systems and remain familiar with goals and business processes so effective controls can be put in place for those areas presenting the greatest information security risk
- Oversee all ongoing activities related to the development, implementation and maintenance of the department’s information security policies and procedures by ensuring these policies and procedures encompass the overall security of Operational Technology (OT), Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems
- Responsible for implementing an ICS Framework approach to facilitate the secure implementation and management of critical systems
- Responsible for communicating risks and recommendations to mitigate risks to the company CISO, CIO and Department Director in cost/benefit terms so decisions can be made to ensure the security of information systems and information entrusted to the department
- Ensure Department vulnerabilities are managed and mitigated per Company Cyber Division policy
- Assist with the development of department-specific, role-based information security awareness training programs, and work with company Cyber Division, department divisions and programs to present to staff as appropriate
- Work with company CISO to ensure proper protections, technical and physical controls are in place to protect department assets based on cyber industry standards (e.g., NIST 800-82)
- Work with company CISO on a design and plan to integrate department cyber capability and monitoring into the company Security Operations Center (SOC)
- Assist with the development and implementation of a department business continuity/disaster recovery plan to offset the impact caused by intentional and unintentional acts
- Responsible for collecting, analyzing, and escalating security events; aligning with the Company Cyber Division on facilitating proper incident response
- Responsible for consuming threat intelligence received from the Company Cyber Division to mitigate identified threats to Department OT, ICS and SCADA assets
- Evaluate security incidents and determine what response, if any, is needed, and coordinate with Company CISO and Company Cyber Division on proper responses when critical systems, sensitive data or sensitive information are compromised
- Assist the Company CISO with Department insider threat investigations
- Interface as required with Department workstation users, Department server and desktop teams, Department application support and Department hardware/software vendors; coordinate projects with users for deadline requirements
- Participate in projects to establish and maintain policies, processes, and controls in compliance with cyber security regulatory standards or best practice frameworks including Center for Internet Security (CIS), National Institute of Standards and Technology (NIST) and North American Electric Reliability Corporation – Critical Infrastructure Protection (NERC CIP) where applicable
- Assist the Company CISO in research, design and implementation of cyber security solutions
- Assist in the collection and correlation of data for regulatory or other cyber security related audits or RFIs (Requests for Information)
- Provide Governance and support for Industrial Internet of Things (Edge, Cloud, etc.)
- Participate in Cyber Vulnerability Assessments, Penetration Testing, and real activation or tabletop exercises of Incident Response Plans
- Responsible for proactively monitoring and assessing security events through available system logs and security tools via the Company Security Operations Center
- Ability to establish credibility and be decisive but also to recognize and support the organization’s preference and priorities
- Ability to maintain the highest standard of confidentiality is required, with zero tolerance
- High energy level, comfortable performing multifaceted projects in conjunction with normal activities
- Results oriented with the ability to balance other business considerations
- Ability to speak and present information effectively to groups of varying sizes
- Well-developed interpersonal skills. Ability to get along with diverse personalities; tactful, mature and flexible
- Remain competent and current through self-directed professional reading, developing professional contacts with colleagues, attending professional development courses, attending training, conferences, and/or courses as directed by Company CISO, and obtaining certifications relevant to job duties
There are no major sources of discomfort, i.e., essentially normal office environment with acceptable lighting, temperature and air conditions. Significant time spent using computer display, keyboard, and mouse.
**Must be able to pass a criminal background check, obtain and maintain federally mandated security clearances where required.**
B.A. or B.S. degree in Management and Information Systems (MIS), Computer Science, Engineering or a closely related field.
At least 5 years of experience implementing IT Security plans and controls of a department or enterprise IT environment that includes three (3) years managing a technology team. Strong understanding of the department's core business functions and business strategy.
Preference will be given to applicants who possess:
- At least 5 years of experience developing and implementing cybersecurity plans and controls in a public works focused organization. Strong understanding of the department’s core business functions and business strategy.
- Experience with the development of a cyber strategy designed to address the security of Water/Wastewater SCADA environment including design, process, and controls with consideration of future regulatory compliance
- Experience coordinating, accumulating, writing/updating of appropriate technological processes and procedures to maintain a secure and operational environment
- Experience providing governance and support for Industrial Control Systems Solutions (Servers/SCADAs, HMIs, OS, Patching Systems, Disaster Recovery, etc.)
- Experience developing and maintaining SCADA cyber security awareness training and notification
- Knowledge and experience with Windows, Active Directory, group policy, DNS, encryption, patch management, anti-virus, system configuration management
- Knowledge and experience with LAN, WAN, VPN, routers, firewalls, servers, IDS/IPS, SIEM and DLP
- Solid expertise in formal/structured IT security risk assessment methodology, including understanding the implementation challenges and advantages across all levels of hardware platforms and software applications
- Experience with a wide variety of operating systems: Windows Server, Windows 10, Windows 7, Linux, etc.
- Knowledge of the Cyber Kill Chain and the Diamond Model of Intrusion Analysis
- Knowledge of SIEM, IDS, anti-virus/anti-malware and firewall technologies
- Solid knowledge and understanding of networking and TCP/IP
- Proven experience working in a rapidly changing, high intensity environment
- Avid, proactive learner with the ability to work well in a team-based environment
- Strong interpersonal and writing skills
- Superior attention to detail
**Preference will also be given to eligible veteran applicants provided such persons possess the qualifications necessary for competent discharge of the duties involved in the position applied for.**