IT Security and Compliance Manager

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, or a closely related field.
• Minimum of five (5) years of experience in cybersecurity, compliance, or information security.
• Strong analytical and problem-solving abilities.
• Excellent written and verbal communication skills.
• Strong organizational skills.
• Attention to detail.
• Ability to explain complex security concepts to technical and non-technical audiences.

Nice To Haves

• Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or Certified Cloud Security Professional (CCSP) or equivalent.
• Experience or familiarity with security frameworks such as Center of Internet Security (CIS) Controls, National Institute of Standards and Technology (NIST) Cybersecurity Framework, International Organization for Standardization (ISO) 27001, Cloud Security Alliance (CSA), and Cloud Controls Matrix (CCM).
• Experience or familiarity with risk management methodologies such as NIST 800-39 and ISO 27005.
• Experience or familiarity with regulatory frameworks including Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry—Data Security Standard (PCI-DSS) and Criminal Justice Information Services (CJIS) Security, ICS/SCADA environments and IT/OT security concepts.
• Experience or familiarity with Microsoft Windows Server/Desktop environments.
• Experience or familiarity with Microsoft Active Directory and Entra ID.
• Experience or familiarity with cloud platforms and identity management systems.
• Experience or familiarity with network infrastructure, TCP/IP, DNS, DHCP, and firewalls.
• Experience or familiarity with virtualization technologies and enterprise applications.

Responsibilities

• Assess, analyze, and recommend security safeguards to protect the confidentiality, integrity, and availability of systems and data.
• Review security controls and conduct security framework assessments.
• Identify vulnerabilities and help coordinate remediation efforts across systems and infrastructure.
• Assist with operating system configuration compliance, and security baseline implementation.
• Support security operations involving cloud environments, identity management, networking, virtualization, and enterprise systems.
• Help maintain and strengthen the information security program aligned with industry best practices.
• Conduct compliance assessments and assist departments in resolving identified gaps.
• Support audits and respond to inquiries regarding compliance with cybersecurity frameworks and regulations.
• Develop and maintain security policies, standards, procedures, and documentation.
• Translate regulatory and contractual requirements into practical, measurable security controls.
• Maintain records related to compliance and security governance activities.
• Lead engaging cybersecurity awareness and training initiatives for City employees.
• Educate staff on compliance requirements and secure technology practices.
• Communicate security risks and compliance obligations to leadership and stakeholders in clear, actionable language.
• Contribute cybersecurity-related content to employee communications and publications.
• Coordinate security initiatives with Information Technology staff and City departments.
• Manage vendor relationships and contracts related to cybersecurity services and operations.
• Promote exceptional customer service and foster a collaborative, professional workplace culture.
• Occasional after-hours support during security incidents or critical operations.

Benefits

• Medical
• Dental
• Prescription
• Vision
• Wellness incentives
• Life insurance
• Retirement pension plan with Illinois Municipal Retirement Fund
• Other retirement savings options