Information Security Manager jobs in Roanoke, VA

GENERAL DESCRIPTION

Under general direction, the Information Security Manager (ISM) provides administrative oversight and direction of staff for the County Information Security operations. This position develops the strategic plan for the County’s Information Security operations, sets goals and deliverables, oversees security budget assigned by the Director of IT, coordinates projects, enforces policies, supervises staff, encourages staff development, ensures efficient yet quality customer service, collaborates with internal/external partners, and ensures compliance with relevant laws, rules, policies, and regulations. The ISM will work closely with the IT Director, technology staff, Directors and decision makers in other County departments and external organizations who use the County’s network, to identify, recommend, develop, implement, and support cost-effective technology solutions for cybersecurity. The individual will interact with stakeholders at all levels of the organization, internally and externally, on matters related to the security of technology systems, services, projects, and initiatives. Performs other duties as assigned.

ESSENTIAL JOB FUNCTIONS

• Performs Information Security strategic planning - develops the strategic direction of Information Security Office consistent with the goals and objectives of the BOS and the priorities of the County.
• Reviews, revises, and develops Information Security policies and procedures for the County.
• Manages Information Security operations for the County - provides executive and strategic planning support to leadership; assists in preparation of management plans and budget that reflect Information Security objectives; and manages resources following County policies.
• Create and manage the Information Security activities, and report on performance factors.
• Helps to hire and maintain an Information Security workforce with the appropriate mix of business knowledge, technical skills, people skills, and competencies.
• Uses influence and negotiation skills to create a culture of information security awareness across the County departments to reinforce the importance of all staff members' role in securing the County's information assets.
• Organizes information security awareness activities for the County staff, to include phishing simulations and other educational activities.
• Provides advice and guidance and may serve as subject matter expert to County leadership on complex and strategic issues and initiatives.
• Ensures organization’s compliance with relevant laws and policies.
• Represents the County with a variety of internal and external organizations, including regional and state agencies, on a variety of issues and programs.
• Upon request, brief the County Administration and the Board of Supervisors about Information Security policies and ways to address challenges.
• Lead the response to any detected information security issues, in a timely and comprehensive manner.
• Performs other duties as assigned.

REQUIREMENTS/PREFERENCES

Education Required:
Bachelor’s degree in computer science/information technology, Cybersecurity, Network, or IT Systems Administration

Experience Required:
Five (5) years of relevant experience in information technology security including two (2) years of supervisory or lead level work experience; or equivalent combination of education and experience.

Certifications/ Licenses:
Required: Valid driver's license and good driving record. Must pass criminal background check. Prefer industry certifications such as CISSP, CISM, CISA, and PMP.

Knowledge, Skills, and Abilities:

• Knowledge of best practices in Information Security policies, technologies, and procedures
• Knowledge of methods, practices, principles, and techniques of management and supervision.
• Knowledge of budget and accounting principles.
• Knowledge of information technology security-related laws and regulations.
• Knowledge of risk management principles and techniques.
• Skill in supervising.
• Skill in organizing.
• Ability to communicate clearly and effectively, both orally and in writing.
• Ability to facilitate groups and make presentations.
• Ability to prepare complex reports and documents.
• Ability to conduct research, compile data, and formulate results and recommendations.
• Ability to operate automated systems and office software applications.
• Ability to establish and maintain effective working relationships with fellow employees, County leadership, vendors, and the public.