The Chief Information Security Officer (CISO) is charged with the responsibility for building and maintaining an information privacy and security-conscious culture and infrastructure for the City of Ft. Lauderdale, including developing and administering the city’s information privacy and security policy, strategy and vision, assessing privacy and security risks, and coordinating information privacy and security efforts across the city. The CISO owns the city’s awareness and training program for information privacy and security. Manages the development, implementation, and maintenance of the city’s information privacy and security policy, standards, and guidelines.
The employee serves as an expert adviser to the city’s senior management in the development, implementation, and maintenance of an information privacy and security infrastructure. Identifies key privacy and security program elements and coordinates with departments or offices throughout the city locations to be involved in building a comprehensive information privacy and security program. Stays abreast of federal, state and local laws, regulations and standards pertaining to the protection of city and employee information and determines their effect on the city in order to be in compliance. Provides guidance and advocacy regarding prioritization of infrastructure investments that impact privacy and security.
The incumbent acts as the primary control point during significant information privacy and security incidents. Develops guidelines and procedures to ensure that departments consider information privacy and security risks in both ongoing and planned operations, including purchases of new software. Collaborates with and provides leadership to location privacy and security officers. Monitors information security trends internal and external to the city and keeps city senior management informed about information privacy and security-related issues and activities affecting the organization. Understands potential threats, vulnerabilities, and control techniques and communicates this information to location information privacy and security officers. Assists locations as necessary to investigate security breaches and pursues associated disciplinary and legal matters. Works with Internal Audit and/or other personnel both internal and external to the organization, as appropriate, on required security audits. Develops an information privacy and security awareness and training program. Works with locations and the Purchasing Division of the Finance Department to create selection criteria for vendor products, tools, and services related to information privacy and security. Monitors and reports regularly on citywide information privacy and security activities and compliance as well as the effectiveness of the program. Considers physical and verbal as well as electronic use and storage of information in formulating policies and procedures. Supervises departmental staff and manages departmental budget.
Work is complex and of considerable difficulty and includes the application of technical knowledge and skills in maintaining the hardware and software used in protecting information and its infrastructure from external or internal threats and to assure compliance with statutory and regulatory requirements regarding information access and security through the establishment and implementation of policies and procedures and employee training.
Under general direction, the employee exercises extensive initiative and independent judgment. Work is reviewed through conferences, reports submitted, results achieved and user feedback.
NOTE: The duties of this position will include all of those duties set forth in the official job description.
1. Have a Bachelor’s Degree from an accredited college or university with major coursework in computer science, information management or related field.
2. Have at least five (5) years of progressively responsible experience working in complex information technology (IT) environments with a minimum of two (2) years experience in developing and administering an information privacy and security operation.
3. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification is preferred.
An in-depth pre-employment background check, including a polygraph exam, will be conducted as part of the selection process as this position is deemed security-sensitive. Felony convictions or convictions of crimes of moral turpitude or convictions of misdemeanors related to job duties may disqualify you from being considered for this position. Should your background check reveal any charges or convictions, it is your responsibility to provide an official disposition of all charges at time of application.
THE EXAMINATION AND HOW TO APPLY:
Depending on the number of applicants and the quality of their education and experience, the examination may consist of one or more of the following tests: Evaluation of Training and Experience, Oral Interview, Written Examination, or other assessment method. Applicants must attain a minimum score of 70 in each part of the examination in order to qualify. All successful applicants will be required to pass a medical examination, including drug screening, prior to appointment.
An eligible veteran who enters an open-competitive examination shall receive preference points added to the total passing score earned in the examination as provided for in the Florida Statutes. To obtain veteran's preference, candidates MUST submit a copy of separation papers and the City of Fort Lauderdale's veteran's preference claim form (J204).
Effective July 1, 2012, the City requires newly hired employees to accept payment by direct deposit. Payment by direct deposit will be a condition of employment and all new hires will be asked to designate where they would like their payroll checks to be directly deposited.
This job classification is in Management Category III for benefits purposes.
ALL APPLICANTS MUST COMPLETE THE ATTACHED SUPPLEMENTAL QUESTIONNAIRE AS WELL AS THE STANDARD EMPLOYMENT APPLICATION.