IT Security Manager

About The Position

Requirements

• Completion of a bachelor’s degree program at an accredited college or university, which has included major course work in computer science, information science, system analysis, software engineering, or a closely related field.
• Minimum of eight years of work experience, which must include at least three years of direct IT security-related experience, including exposure to the NIST Framework.
• Experience performing information security risk assessments including identifying threats, vulnerabilities, and risk.
• Experience with Vulnerability Management programs.
• Experience working with common information security tools including Endpoint Detection and Response, network filtering technologies (Web, DNS), Identity and Access Management solutions, and SIEM technologies required.
• Must be an articulate and persuasive leader who can communicate security-related concepts to a broad range of technical and non-technical staff.
• Should have experience with planning, auditing, and risk management, as well as contract and vendor negotiation.
• Strong interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community.
• Skill in organizing resources and establishing priorities.
• Strategic planning and advanced leadership skills.
• Ability to develop requests for and evaluate proposals in reference to leading-edge information services technology.
• Ability to provide strategic guidance and counsel to clientele in the assessment and development of existing and/or proposed systems.
• Ability to foster a cooperative work environment.

Nice To Haves

• Valid Certified Information Systems Security Professional (CISSP) credential, such as CISSP-ISSAP, CISSP-ISSEP or CISSP-ISSMP, is preferred but not required.
• Experience leading security initiatives and coordinating work across technical teams; direct people management experience preferred.
• The candidate should have knowledge of the following tools/platforms: AWS, Azure, O365, Carbon Black, Crowdstrike, Rapid 7, QRadar and/or JSA.
• Experience with OT systems such as SCADA and PLCs is a plus.

Responsibilities

• Manage IT Security projects including implementation of an updated security program while ensuring cross-team collaboration with necessary stakeholders.
• Ensure incident response procedures are documented including identification of roles and responsibilities.
• Monitor and analyze security event data by responding to, prioritizing, and managing security events and managing security incidents from occurrence to closure, in coordination with internal and external resources.
• Schedules periodic security audits and works with outside consultants as appropriate for independent security audits.
• Conduct regular security assessments, vulnerability scans, and penetration testing to identify and mitigate risks.
• Develop and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms).
• Respond to security incidents and implement corrective actions.
• Stay abreast of the latest security trends to maintain the security of RevIT and OT systems.
• Partner with the City’s Security Team to ensure City policies are applied throughout Revenue.
• Stay up-to-date on the latest security threats, vulnerabilities, and regulatory requirements.
• Participate in security audits and compliance reviews.
• Contribute to the development and implementation of security policies and procedures.
• Perform risk assessments and identify mitigation strategies.
• Communicate security-related information effectively to both technical and non-technical audiences, performs miscellaneous job-related duties as assigned.

Benefits

• Comprehensive health coverage for employees and their eligible dependents
• Our wellness program offers eligibility into the discounted medical plan
• Employees receive paid vacation, sick leave, and holidays
• Generous retirement savings options are available
• Pay off your student loans faster - As a qualifying employer, City of Philadelphia employees are eligible to participate in the Public Service Loan Forgiveness program. Join the ranks of hundreds of employees who have already benefited from this program and achieved student loan forgiveness.
• Enjoy a Free Commute on SEPTA - Starting September 1, 2023, eligible City employees will no longer have to worry about paying for SEPTA public transportation. Whether you're a full-time, part-time, or provisional employee, you can seize the opportunity to sign up for the SEPTA Key Advantage Program and receive free Key cards for free rides on SEPTA buses, trains, trolleys, and regional rails.
• Unlock Tuition Discounts and Scholarships - The City of Philadelphia has forged partnerships with over a dozen esteemed colleges and universities in the area, ensuring that our employees have access to a wide range of tuition discounts and scholarships. Experience savings of 10% to 40% on your educational expenses, extending not only to City employees but in some cases, spouse and dependents too!