Chief Information Security Officer

at City of Philadelphia
Published May 10, 2023
Location Philadelphia, PA
Category Default  
Job Type Full-time  


Company DescriptionA best-in-class city that attracts best-in-class talent, Philadelphia is an incredible place to build a career. From our thriving arts scene and rich history to our culture of passion and grit, there are countless reasons to love living and working here. With a workforce of over 30,000 people, and more than 1,000 different job categories, the City of Philadelphia offers boundless opportunities to make an impact. As an employer, the City of Philadelphia values inclusion, integrity, innovation, empowerment, and hard work above all else. We offer a vibrant work environment, comprehensive health care and benefits, and the experience you need to grow and excel. If you're interested in working with a passionate team of people who care about the future of Philadelphia, start here.What We Offer:Impact - The work you do here matters to millions. Growth - Philadelphia is growing, why not grow with it? Diversity & Inclusion - Find a career in a place where everyone belongs.Benefits - We care about your well-being.The Office of Innovation & Technology (OIT) is the central IT department for the City of Philadelphia led by the Chief Information Officer (CIO). OIT oversees all major information and communications technology initiatives for the City of Philadelphia - increasing the effectiveness of the information technology infrastructure, where the services provided are advanced, optimized, and responsive to the needs of the City of Philadelphia's businesses, residents and visitors. In addition, OIT provides leadership and expertise on the design, integration, and management of data across city government.Job DescriptionWorking within OIT and reporting directly to the City's CIO, the Chief Information Security Officer (CISO) is the top technology security executive for the City of Philadelphia. The CISO will coordinate security efforts across the City and will identify information technology security initiatives and standards. The CISO establishes and manages City-wide security policies and processes controlling the workflow and integrity of city data, applications, systems and networks. The position is generally accountable for the management and direction of all city cybersecurity policies and controls. Essential Functions•Advises CIO and OIT Executive Management Team on cybersecurity issues, policies and practices.•Directs and approves the design of security systems.•Oversees teams of cyber security personnel and vendors who safeguard the City's assets, intellectual property, information systems and the physical security of Information Technology processing facilities.•Coordinates hiring, training, evaluation and mentoring of security personnel and the development of education/training programs to ensure appropriate awareness of security policies, procedures, and standards.•Identifies protection goals and objectives and prepares metrics and evaluations on performance and efficacy of those goals/objectives consistent with the OIT's and the City's strategic plan.•Directs the development and implementation of security policies, standards, guidelines and procedures to ensure ongoing maintenance of security in coordination with OIT's IT Compliance Office and Chief of Operations.•Along with the CIO, prepares regular briefings on the status of the city's security issues, programs and objectives for Mayor's Office and cabinet members and other City elected officials. •Maintains relationships with other localities, state and federal law enforcement and other related government agencies. •Physical security responsibilities will include asset protection, access control to information processing facilities, and more.•Information protection responsibilities will include network security architecture, network access and monitoring policies, employee education and awareness and more.•Oversees Incident response planning as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary.•Schedules periodic cyber and data security audits and works with outside consultants as appropriate for independent security audits.•Ensures that disaster recovery and business continuity plans comply with OIT's security goals and objectives and coordinates with leadership at the City's Office of Emergency Management and Office of Risk Management on these efforts.•Meets with data processing managers to determine impact of proposed changes in hardware or software.•Reviews, plans, budgets and schedules security upgrades and maintenance of software.•Meets with subordinate supervisors to discuss progress of work, resolve problems, and ensure that standards for quality and quantity of work are met.•Adjusts hours of work, priorities, and staff assignments to ensure efficient operation.•Approves budget and expenditures for the Information Security Group including full time staff and contractors.Competencies, Knowledge, Skills and Abilities•Must be an articulate and persuasive leader who can communicate security-related concepts to a broad range of technical and non-technical staff.•Should have experience with planning, auditing, and risk management, as well as contract and vendor negotiation.•Strong interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community.•Skill in organizing resources and establishing priorities.•Strategic planning and advanced leadership skills.•Ability to develop requests for and evaluate proposals in reference to leading-edge information services security technology.•Ability to provide strategic guidance and counsel to clientele in the assessment and development of existing and/or proposed systems.•Ability to foster a cooperative work environment.Qualifications•Completion of a bachelor's degree program at an accredited college or university, which has included major course work in computer science, information science, system analysis, software engineering, or a closely related field.•Minimum of ten (10) years of professional experience in IT data and cyber security. •Experience managing a team of professionals and demonstrated project management skills.•Valid Certified Information Systems Security Professional (CISSP) credential required such as CISSP-ISSAP, CISSP-ISSEP or CISSP-ISSMP.•The City, in its exclusive discretion, may accept additional years of experience, additional education or other training and/or certifications in lieu of a CISSP credential. Additional InformationSalary Not to Exceed: $200,000Please provide a resume and include a cover letter. Applicants not submitting a cover letter may be summarily rejected.Did you know?•We are a Public Service Loan Forgiveness Program qualified employer•25% tuition discount program for City employees (and sometimes spouses and dependents as well) in partnership with area colleges and universities•We offer Comprehensive health coverage for employees and their eligible dependents•Our wellness program offers eligibility into the discounted medical plan•Employees receive paid vacation, sick leave, and holidays•Generous retirement savings options are available*The successful candidate must be a city of Philadelphia resident within six months of hirePlease note that effective September 1, 2021, the City of Philadelphia is requiring all new employees to present proof of vaccination against COVID-19. The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at 215-686-4670 or send an email to faqpchr [Click Here to Email Your Resumé]. For more information, go to: Human Relations Website:

Drop files here browse files ...