Easter Seals Jobs

INFORMATION SECURITY OFFICER (ISO) (EXE LEV)

Print (https://www.governmentjobs.com/careers/houston/jobs/newprint/4636475)

Apply



INFORMATION SECURITY OFFICER (ISO) (EXE LEV)

Salary

$123,110.00 - $150,000.00 Annually

Location

1200 Travis

Job Type

Executive Level

Job Number

34894

Department

HOUSTON POLICE DEPARTMENT

Opening Date

08/27/2024

• Description

• Benefits

• Questions

POSITION OVERVIEW

PN#34894 INFORMATION SECURITY OFFICER - ISO (EXE LEV)

DESCRIPTION OF DUTIES / ESSENTIAL FUNCTIONS

Under the general direction of the Houston Police Department (HPD) Chief Technology Officer (CTO), duties, functions and responsibilities of this position include:

• Develop and implement the Houston Police Department (HPD) specific Information Security Program aligned with the COH Cybersecurity Master Plan to address the confidentiality, integrity and availability of HPD systems, data and information

• Directs an ongoing, proactive risk assessment program for all new and existing HPD systems and remains familiar with HPD's goals and business processes so effective controls can be put in place for those areas presenting the greatest information security risk

• Responsible for communicating risks and recommendations to mitigate risks to the HPD CTO and HPD senior leadership team in cost/benefit terms so decisions can be made to ensure the security of information systems and information entrusted to HPD

• Oversees all ongoing activities related to the development, implementation and maintenance of HPD's information security policies and procedures by ensuring these policies and procedures encompass the overall security of criminal justice information (CJI) both at rest and in motion

• Assists HPD divisions, programs and HPD Chief Data Officer with efforts to ensure compliance with the Federal Bureau of Investigation (FBI) Criminal Justice Information Security (CJIS) policy

• Ensures HPD vulnerabilities are managed and mitigated per HPD Office of Technology Services (OTS) requirements

• Assists with the development of HPD specific, role-based information security awareness training programs, and works with HPD Office of Technology Services, HPD divisions and programs to present to staff as appropriate

• Works with HPD CTO to ensure proper protections, technical and physical controls are in place to protect the confidentiality, integrity and available of HPD systems, data and information

• Assists with the development and implementation of an HPD business continuity/disaster recovery plan to offset the impact caused by intentional and unintentional acts

• Evaluates security incidents and determines what response, if any, is needed and coordinates with HPD CTO, COH CISO, and COH Cyber Division on proper responses when sensitive data or information are compromised

• Assists the HPD CTO with HPD insider threat investigations

• Remains competent and current through self-directed professional reading, developing professional contacts with colleagues, attending professional development courses, attending training, conferences, and/or courses as directed by COH CISO, and obtaining certifications relevant to job duties

• Supervises the HPD Information Security Team and instructs, trains, and evaluates team members on proper information security practices, protocols, and procedures

WORKING CONDITIONS

There are no major sources of discomfort, i.e., essentially normal office environment with acceptable lighting, temperature and air conditions. Significant time spent using computer display, keyboard, and mouse.

“Must be able to pass a criminal background check, obtain and maintain federally mandated security clearance where required.”

MINIMUM REQUIREMENTS

EDUCATION

B.A. or B.S. degree in Management and Information Systems (MIS), Computer Science, Engineering or a closely related field.

EXPERIENCE

At least 5 years of experience implementing IT Security plans and controls of a department or enterprise IT environment that includes three (3) years managing a technology team. Strong understanding of the department's core business functions and business strategy.

PREFERENCES

Preference will be given to applicants that possess:

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM)

• SANS Global Security Essentials (GSEC)

• At least 5 years of experience developing and implementing cybersecurity plans and controls in a large enterprise.

• Broad working knowledge of criminal justice operations and their related data/software/hardware requirements including, but not limited to police patrol, investigations, case management, and related information technology needs

• Comprehensive understanding of the compliance and legal requirements for information confidentiality and integrity especially as it relates to criminal justice information in a law enforcement environment (records management system (RMS), body worn camera (BWC), etc.)

• Experience evaluating and managing cyber risk and working within industry-standard frameworks (e.g. NIST Cybersecurity Framework, CIS Top 20, NIST 800-XX, etc.)

• Knowledge and experience with Windows, Active Directory, group policy, DNS, encryption, patch management, anti-virus, system configuration management

• Knowledge and experience with LAN, WAN, VPN, routers, firewalls, servers, IDS/IPS, SIEM and DLP

• Solid expertise in formal/structured IT security risk assessment methodology, including understanding the implementation challenges and advantages across all levels of hardware platforms and software applications

• Experience with a wide variety of operating systems: Windows Server, Windows 10, Windows 7, Linux etc.

• Knowledgeable of Cyber Kill Chain and Diamond Model of Intrusion Analysis models

• Knowledge of SIEM, IDS, anti-virus/anti-malware and firewall technologies

• Solid knowledge and understanding of networking and TCP/IP

• Well-developed interpersonal skills. Ability to get along with diverse personalities; tactful, mature and flexible Ability to establish creditability and be decisive but also to recognize and support the organization's preference and priorities

• Ability to maintain the highest standard of confidentiality is required with zero tolerance

• High energy level, comfortable performing multifaceted projects in conjunction with normal activities

• Results oriented with the ability to balance other business considerations

• Ability to speak and present information effectively to groups of varying sizes

• Proven experience working in a rapidly changing, high intensity environment Avid, proactive learner and ability to work well in a team-based environment

• Strong interpersonal and writing skills

• Superior attention to detail

Preference shall be given to eligible veteran applicants provided such persons possess the qualifications necessary for competent discharge of the duties involved in the position applied for, such persons are among the most qualified candidates for the position, and all other factors in accordance with Executive Order 1-6.

GENERAL INFORMATION

SELECTION/SKILLS TESTS REQUIRED None

However, the department may administer skills assessment test.

SAFETY IMPACT POSITION Yes

If yes, this position is subject to random drug testing and if a promotional position, candidate must pass an assignment drug test.

SALARY INFORMATION

Factors used in determining the salary offered include the candidate's qualifications as well as the pay rates of other employees in this classification.

Pay Grade 34

APPLICATION PROCEDURES

Only online applications will be accepted for this City of Houston job and must be received by the Human Resources Department during active posting period. Applications must be submitted online at: www.houstontx.gov.

To view your detailed application status, please log-in to your online profile by visiting: http://agency.governmentjobs.com/houston/default.cfm or call (832) 393-6027

If you need special services or accommodations, call (832) 393-6027. (TTY 7-1-1)

If you need login assistance or technical support call 855-524-5627.

Due to the high volume of applications received, the Hiring Department will contact you directly, should you be selected to advance in our recruitment process.

All new and rehires must pass a pre-employment drug test and are subject to a physical examination and verification of information provided.

EOE – Equal Opportunity Employer

The City of Houston is committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, genetic information, veteran status, gender identity, or pregnancy.

The city offers a competitive benefits program, including competitively priced health coverage and a defined contribution pension plan.

Benefits include:

• Medical

• Dental

• Vision

• Wellness

• Life insurance

• Long-term disability

• Retirement pension

• 457 deferred compensation plan

• Employee Assistance Program

• 10 days of vacation each year

• 11 city holidays, plus one floating holiday

• Flexible schedules

• Professional development opportunities

• Transportation/parking plan

• Section 125 pretax deductions

• Dependent Care Reimbursement Plan

• Healthcare Flexible Spending Account

For plan details, visit http://www.houstontx.gov/hr/benefits.html

01

Are you a veteran who served on active duty in the Armed Forces (United States Army, Navy, Air Force, Marine Corps, or Coast Guard) for more than 90 consecutive days and received either an honorable discharge or a general discharge under honorable conditions?

• Yes

• No

  02

  Do you possess a Bachelor's or Master's degree in Management and Information Systems (MIS), Computer Science, Engineering or a closely related field?

• Yes

• No

  03

  Do you possess at least 5 years of experience implementing IT Security plans and controls of a department or enterprise IT environment?

• Yes

• No

  04

  Do you possess at least 3 years managing a technology team?

• Yes

• No

  05

  Which best describes your years of experience developing and implementing cybersecurity plans and controls in a large enterprise?

• I have no experience that directly relates to the duties of this position.

• I have less than 3 years of experience

• I have more than 3 but less than 5 years experience

• I have more than 5 but less than 7 years experience

• I have more than 7 but less than 9 years experience

• I have more than 9 years experience

  06

  Please describe your related experience.

  07

  Which of the following do you possess?

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM)

• SANS Global Security Essentials (GSEC)

• None of the above

  08

  Do you possess at least 5 years of experience developing and implementing cybersecurity plans and controls in a law enforcement focused organization?

• Yes

• No

  09

  Do you possess a broad working knowledge of criminal justice operations and their related data/software/hardware requirements including, but not limited to police patrol, investigations, case management, and related information technology needs?

• Yes

• No

  10

  Do you possess a comprehensive understanding of the compliance and legal requirements for information confidentiality and integrity especially as it relates to criminal justice information in a law enforcement environment (records management system (RMS), body worn camera (BWC), etc.)?

• Yes

• No

  11

  Do you possess knowledge and experience with Windows, Active Directory, group policy, DNS, encryption, patch management, anti-virus, system configuration management?

• Yes

• No

  12

  Do you possess knowledge and experience with LAN, WAN, VPN, routers, firewalls, servers, IDS/IPS, SIEM and DLP?

• Yes

• No

  13

  Do you possess solid expertise in formal/structured IT security risk assessment methodology, including understanding the implementation challenges and advantages across all levels of hardware platforms and software applications?

• Yes

• No

  14

  Do you have experience with a wide variety of operating systems: Windows Server, Windows 10, Windows 7, Linux etc.?

• Yes

• No

  15

  Are you knowledgeable of Cyber Kill Chain and Diamond Model of Intrusion Analysis models?

• Yes

• No

  16

  Do you have knowledge of SIEM, IDS, anti-virus/anti-malware and firewall technologies?

• Yes

• No

  17

  Do you possess experience evaluating and managing cyber risk and working within industry-standard frameworks (e.g. NIST Cybersecurity Framework, CIS Top 20, NIST 800-XX, etc.)?

• Yes

• No

  18

  Please check all that describe your professional personality and/or abilities:

• Solid knowledge and understanding of networking and TCP/IP

• Well-developed interpersonal skills

• Ability to get along with diverse personalities; tactful, mature and flexible

• Ability to establish credibility and be decisive but also recognize and support the organization's preference and priorities

• Ability to maintain the highest standard of confidentiality is required with zero tolerance

• Comfortable performing multifaceted projects in conjunction with normal activities

• Results oriented with the ability to balance other business considerations

• Ability to speak and present information effectively to groups of varying sizes

• Avid, proactive learner and ability to work well in a team-based environment

• Strong communication and writing skills

• Proven experience working in a rapidly changing, high intensity environment

• Superior attention to detail

• None of the above

  Required Question