HARRIS COUNTY Enterprise Cybersecurity Manager in Houston, Texas
Under general direction, the Enterprise Cybersecurity Manager will be responsible to help ensure the protection of Harris County's information systems and critical assets through the day-to-day management of all projects, services and personnel pertaining to Cybersecurity Governance and IT Compliance functions under the Universal Services Cybersecurity Program.
- Responsible for performing daily management duties and administrative tasks for 3-5 direct reports, including annual employee performance reviews.
- Responsible for the design, implementation, execution, and management of multiple enterprise-wide security solutions to address Cybersecurity needs as they are identified and prioritized.
- Areas of responsibility include policy and standards development, cybersecurity education and awareness, strategy and framework development, data classification, risk management, cybersecurity governance and IT compliance.
- Responsible for ensuring quality delivery and timely execution of Cybersecurity services, including policy exception management, vendor risk management and compliance/risk assessments.
- Provides technical thought leadership, design, and engineering as necessary throughout the project lifecycle (Initiation, Planning, Execution, Control and Closure).
- Capable of managing multiple projects or issues simultaneously that are of high complexity and/or require in-depth knowledge across multiple technical areas and business segments.
- Assists team in conducting independent research, analysis, and stakeholder interviews to gather and document each project’s scope, requirements, and dependencies.
- Leads vendor evaluation, proof-of-concepts, and product selection as applicable.
- Guides team in the creation of documentation as necessary to support the overall delivery of Cybersecurity objectives, with little guidance. This includes but is not limited to, project plans, communications, executive presentations, job aids, training materials, architecture diagrams, technical reference documentation, procedures and Request for Proposal/Offers (RFP/RFO’s).
- Assists in the development of Cybersecurity strategy/technology roadmaps and metrics/measures packages.
- Designs and implements tools and processes to proactively monitor and govern the effectiveness of Cybersecurity controls and services and ensures the implementation of Harris County Cybersecurity Policies within Universal Services and across the organization.
- Determine key metrics for assessing and measuring cybersecurity risk, and document procedures to routinely gather and produce metrics reports and/or dashboards.
- Develops and maintains executive dashboards and/or regular reports to communicate department-specific cybersecurity risks.
- Assists in presenting cybersecurity risks and gaps to stakeholders as appropriate.
- Helps establish remediation plans and will proactively track progress of remediation efforts to ensure open issues/risks are addressed as agreed.
- Responsible for the coordination and management of third-party penetration tests and security risk assessments, as required to support governance efforts.
- Actively participate in the on-going review and management of the Harris County Cyber Security Framework and Cybersecurity Policies to ensure alignment with cybersecurity objectives.
- Demonstrates knowledge and understanding of information technology industry trends and emerging technologies and an ability to relate them to the County and its objectives.
- Must be able to conduct accurate evaluation of security risks, weigh business needs against security concerns and articulate issues to senior management and stakeholders.
- Coaches and mentors more junior level managerial and technical staff.
- May participate on CSIRT incident handling and response activities as required.
Harris County is an Equal Opportunity Employer https://hrrm.harriscountytx.gov/Pages/EqualEmploymentOpportunityPlan.aspx If you need special services or accommodations, please call (713) 274-5445 or email ADACoordinator@bmd.hctx.net
- High school diploma, or G.E.D. equivalency from an accredited educational institution.
- Five (5) years of progressive work experience in Information Security, Cybersecurity or IT Governance and Compliance.
- Formal leadership experience serving as a manager or team lead with 3+ direct reports.
- Experience designing and implementing security technologies and processes across complex, large-scale environments, all the way from project initiation to the desired end state of operationally healthy and sustainable services.
- A broad understanding of cybersecurity concepts across all domains, applicable security models (e.g. ISO 2700X, NIST and CIS Critical Security Controls) and regulations (e.g. SOX, PCI, HIPAA and CJIS).
- Strong research, analysis, analytical, problem solving and process development skills.
- Exceptional leadership, verbal and written communication, and project management skills.
- Ability to build and maintain strong relationships across departments/teams, confront challenges in a constructive fashion and influence others through consensus building techniques.
- May be required to work more than forty hours during the workweek and/or weekends or on-call 24 hours a day to meet special projects or deadlines.
NOTE: To qualify for this position, required education, experience, knowledge and skills must be clearly stated on your application's employment history. Resumes are welcome, but _we do not use _any information provided on your resume to qualify and refer you to the Hiring Department for consideration.
NOTICE: Applicants for this position will be subject to a criminal background check that includes being fingerprinted. This applies to any position with network access to CJI (Criminal Justice Information) systems or access to an area where CJI is received, maintained, or stored either manually or electronically (i.e. custodian, maintenance).
- Conviction, probation, or deferred adjudication for any Felony.
- Conviction, probation, or deferred adjudication for any Class A Misdemeanor.
- Conviction, probation, or deferred adjudication for a Class B Misdemeanor if within the previous 10 years.
- Open arrest for any criminal offense (Felony or Misdemeanor).
Family Violence conviction. Preferences
Bachelor's degree from an accredited college or university.
- Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC) or CompTIA Security+ Certification.
- Experience designing, implementing, and managing some of the following security functions and services is preferred: policy and standards development, cybersecurity education and awareness, strategy and framework development, data classification, risk management, cybersecurity governance and IT compliance.
- Demonstrates knowledge and understanding of the global threat landscape, cybersecurity trends, emerging technologies, and an ability to relate them to the County and its objectives.
- Strong organizational skills, including the ability to adhere to cybersecurity processes, and tools, and to keep focus on multiple tracks of work and open issues in parallel.
- Adept at maintaining focus and flexible/responsive to dynamic work environment.
- A passion for cybersecurity, self-starter mentality, flexibility, and willingness to take on new challenges and ability to thrive in a team environment. General Information
Houston, TX HOURS:
8:00 am - 5:00 PM / M-F Day Shift
May be required to work more than forty hours during the workweek and/or weekends or on-call 24 hours a day to meet special projects or deadlines. SALARY:
Depends on Qualifications
- Based on 26-Pay Periods
Due to a high volume of applications positions may close prior to the advertised closing date.
Salary: Depends on Qualifications
Location: Houston, TX
Job Type: Regular Full-time
Department: Universal Services
Job Number: 05572
Closing: 10/14/2020 11:59 PM Central
Agency: Harris County
Address: 1310 Prairie Street, Ste. 240 Houston, Texas, 77002