Job Details

CLASSIFICATION DETAILS

DEPARTMENT:  Information Technology

GENERAL SUMMARY:

Under limited direction, this role will establish a best-in-class cybersecurity office and support processes that will allow our organization to scale to the ever-changing demands in cybersecurity. The right candidate will possess strong management skills and exert a positive influence on both staff and our user community. Partners closely with technology teams and business units to ensure that cybersecurity is at the forefront of every solution, including monitoring framework to measure our progress. Delivers leading-edge security leadership and contributes to the development of individuals and high-performing teams alike.  

ESSENTIAL FUNCTIONS AND RESPONSIBILITIES

Leads and develops staff to embrace industry security standards.

Acts as a liaison between Macomb County Information Technology (MCIT) and the customer to identify, analyze and wrap sound cybersecurity defenses around client solutions providing a safe environment for business operations.

Develops and executes MCIT strategic roadmaps and initiatives that meet business objectives, enables sound decision making and supports current and future initiatives.

Aligns the client’s IT business solutions with MCIT’s strategic vision and guidelines, providing cost effective solutions that show measurable business value.

Delivers, supports, and maintains a reliable cybersecurity program for the County.

Manages the design, procurement, development, installation, and maintenance of security-related projects while ensuring timely and on-budget delivery of specifications with minimal defects. 

Manages risk and change by identifying, evaluating, and managing the probability of negative impact or outcome in projects.

Provides end-user training and ongoing production support.

 Identifies security risks and issues within the County and implements measures to ensure compliance with security policies, procedures, and industry best practices.

Manages software licensing and inventories and ensures licensing compliance in conjunction with the Applications Manager.

Performs as the security authority on behalf of the team with customers, vendors and internal resources ensuring sound, secure business resolutions.

Identifies new product ideas, monitors customer trends, and validates through proof of concepts to enhance cybersecurity.

Develops and maintains performance metrics for information security, and reports per agreed formats and timelines to drive operational improvements for MCIT and our clients.

Maintains cybersecurity updates on the County’s website.

Collaborates with other departments to monitor and investigate endpoint usage per approved County policies.

Provides schedules and governance over security upgrades, updates and patching of software and hardware.

Provides operating guidelines and procedures for implementing cybersecurity standards, written service level agreements (SLAs) and policies and clearly communicates these to all users in conjunction with Division Managers and Supervisors. 

Oversees and posts all MCIT policies for the County.

Develops protocols for managing and operating the County's information security systems providing on-site documentation.

Oversees, designs, and implements business continuity architecture and plans, as well as disaster recovery plans. 

Coordinates with other management staff to plan schedules, resources, and implementation of major projects.

Reviews business solutions and contracts to ensure that proper cybersecurity practices are being followed.

Prepares and administers the cybersecurity budget, monitoring and approving expenditures with budget limits and providing input regarding needs, equipment, materials, and supplies.

Manages and develops third party service agreements including Requests for Information, Requests for Proposals, and other bid-related documentation and contracts.

Maintains educational proficiency in information security products and systems installed on the County's Local Area Network/Metropolitan Area Network/Wide Area Network (LAN/MAN/WAN).

Supervises and participates in the training and support of County personnel regarding IT systems and Cybersecurity for IT, as well as the implementation of training modules on the County’s Learning Management System.

Responds to and documents security incidents promptly, according to defined service-level agreements.

Maintains and gains relevant business and technical knowledge through attendance at seminars, workshops, and reading related publications.

Maintains living documents as a client’s system and/or hardware evolves.

Interfaces with all levels of staff, contributing to an atmosphere of teamwork through collaborative behavior and open communication.

Completes assigned clients’ IT service requests and incidents tickets within service level requirements.

Identifies and researches opportunities to integrate systems and simplify business operations with technology-related solutions.

Operates an automobile to perform assigned job functions. 

Performs related duties as assigned.

QUALIFICATIONS

Required Education and Experience

Preferred Education and Experience

• Previous supervisory experience
• Familiarity with a variety of security frameworks (e.g. CIS Top 20, NIST, SOX, COBIT, etc.)

Required Licenses or Certifications

Preferred Licenses or Certifications

• Active security certifications (e.g. CEH: Certified Ethical Hacker; CISM: Certified Information Security Manager; CompTIA Security+; CISSP: Certified Information Systems Security Professional; CISA: Certified Information Security Auditor; NCSF: NIST Cybersecurity Framework; CCSP: Certified Cloud Security Professional; etc.)