City of Tucson logo

Chief Information Security Officer

City of Tucson
Full-time
On-site
Tucson, United States
$51.78 - $89.33 USD yearly

POSITION DUTIES AND QUALIFICATIONS 

SUMMARY OF DUTIES:

Designs and directs a citywide information security program and partners with city leadership on risk management to provide the protection and confidentiality of data and other information assets of the city.

This job reports to: Chief Information Officer

DUTIES AND RESPONSIBILITIES:*

Position Specific Summary

The Chief Information Security Officer position at the City of Tucson’s Information Technology (IT) Department is responsible for the development and implementation of a comprehensive citywide information security program. This position manages risks, ensures data protection and compliance with legal, external, and public interest obligations.

Work is performed under the supervision of the Director of Information Technology. This position exercises supervision over cybersecurity and compliance personnel.

Duties and Responsibilities

  • Develops short- and long-term strategies for optimizing the City's Information Security Plan, formulates policies to detect and mitigate threats, and advises the City Manager’s Office on data security for major IT projects. Oversees disaster recovery, business continuity, and the Cybersecurity team's budget and operations, ensuring comprehensive IT engagement and operational effectiveness. Represents the division in meetings with county, state, and advisory bodies on City data security policies and programs.

  • Collaborates with risk management and leadership to establish and maintain the City's risk register to ensure effective cybersecurity risk management and accountability tracking. Oversees citywide security policies, the Written Information Security Program (WISP), and data governance, while promoting ongoing security and privacy training across all organizational levels. Sets citywide processes for protecting electronic and physical environments and leads cross-departmental efforts to address process violations and compromised data.

  • Leads security management practices, designs secure architecture, and ensures compliance with policies while monitoring system performance. Collaborates with IT leaders to track anomalies, investigate threats, and address vulnerabilities based on prioritized response plans. Conducts audits, resolves security gaps, and manages contracts for security software and equipment and presents recommendations.

  • Oversees threat and vulnerability assessments, conducts routine network and system evaluations for abnormal behavior, and prioritizes response plans. Manages penetration testing and investigates unsecured data or systems, ensuring compliance with policies and governance. Restricts access and blocks threats in high-risk areas, working with relevant parties for swift resolution.

  • Recommends professional development for IT security staff and department data officers, coordinating training and awareness programs. Partners with the Public Information Office to guide the public on cyber hygiene and awareness. Addresses threats from bad actors misrepresenting City identities.
     

  • Provides supervision through clear direction, sets performance expectations, and guides the team's efforts toward achieving goals. Conducts performance reviews, offers constructive feedback, and supports employee development. Participates in the hiring process by interviewing candidates and making recommendations for new hires.
     

  • Performs all other duties and tasks as assigned.

Working Conditions

Mostly office environment.

* All duties, responsibilities listed are subject to change.

MINIMUM REQUIRED QUALIFICATIONS:

Education:

Bachelor's degree

Work Experience:

Five (5) years of directly related experience

License:

Any combination of relevant education and experience may be substituted on a year-for-year basis.

ADDITIONAL MINIMUM REQUIRED QUALIFICATIONS:

Education:

Bachelor's degree

Work Experience:

-Five (5) years of directly related experience

License/Certifications:

Languages:

PREFERRED QUALIFICATIONS:

Seven (7) years in information technology or security management with five (5) years concentrated in information security. At least 4 of required 7 years in Lead or Supervisory capacity in a related functional area. 
Experience in: information security principles and frameworks (NIST, ISO 27001/2), designing, implementing, and managing security programs, remote access systems (RAS), digital certificates, sniffers, Demilitarized Zones (DMZ)/Transaction Zones, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information & Event Management (SIEM), ICS/SCADA, Internet of Things(IOT), cloud security, business continuity planning, auditing, security automation and orchestration tools, Health Insurance Portability and Accountability Act(HIPAA), Criminal Justice Information Systems(CJIS), Payment Card Industry(PCI) and related regulatory compliance requirements, risk management, contract and vendor negotiation, and physical security. 
 
Certification in: Certified Information Security Auditor (CISA), CompTIA+ Security 
Active membership in professional information security organizations (ISSA, ISACA etc.). 

ADDITIONAL POSITION INFORMATION:

Position Title:

Chief Information Security Officer

To view the full job profile including classification specifications and physical demands click here.

Department Name: 

Information Technology

Department Link: 

No Website

Recruiter Name:

Dmitriy Adamia

Recruiter Email:

ccs_hr@tucsonaz.gov

FTE%:

100

FLSA:

Exempt

Position Type:

Regular

 COMPENSATION & BENEFITS 
Full Hourly Range: $51.78 - 89.33 USD

The Full Hourly Range reflects the City of Tucson's pay range at the time of posting. The City of Tucson considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, key skills, and internal equity.

 

The City of Tucson offers a generous benefits package for benefit-eligible positions.The comprehensive, flexible, and affordable coverage is designed to optimize health and well-being, security and future, and peace of mind. Benefits begin with medical, dental, vision, life, disability, and FSA coverage, surpassing your standard 401(k) program by offering a rich pension plan plus optional Roth and pretax deferred compensation savings.

With your well-being in mind, our paid time off program provides new hires with 38 paid days off in the first year of employment, with time off increasing steadily in subsequent years. We offer twelve weeks of paid parental leave, paid tuition reimbursement, student loan repayment, off- and on-the-job training, and opportunities to forge connections with peers and the community through employee resource groups and paid volunteer hours.

You can learn more about our benefits at https://www.tucsonaz.gov/Departments/Human-Resources/Employee-Benefit-Snapshot.

POSTING INFORMATION 

Posting Close Date: 

Applicants must submit their completed application by 11-02-2024 at 11:59 p.m. MST

APPLICATION INSTRUCTIONS

Please see the special application instructions below and follow the directions for applying to this position.

Special Instructions:

**The Certified Information Systems Security Professional (CISSP) must be obtained within (6) six of hire and must be maintained throughout employment in this position. 

Physical and lifting abilities/requirements are determined by position and are included in the position description.

Background Check:  This position has been designated to require a criminal background check. 

 

CITY OF TUCSON IS AN EQUAL OPPORTUNITY/AFFIRMATIVE ACTION EMPLOYER and does not discriminate based on race, color, religion, sex (including sexual orientation, gender identity, and pregnancy), national origin, veteran status, age, disability, genetic testing, or any other protected status.  If you believe you have been a victim of discrimination, you may file a complaint with the City of Tucson's Office of Equal Opportunity Programs, U.S. Equal Employment Opportunity Commission (EEOC) or Arizona Attorney General's Office of the Civil Rights Division (ACRD).  Click for more information from ACRD about employment discrimination and how to file a complaint with ACRD 

The City of Tucson employs only U.S. citizens and lawfully authorized non-U.S. citizens. All new employees must show employment eligibility verification as required by the U.S. Citizenship and Immigration Services. 

The City of Tucson is committed to providing access and reasonable accommodation for individuals with disabilities or who require religious accommodation; please contact Human Resources at EmployeeLeaves@tucsonaz.gov or 520-791-2619.   

  

City of Tucson is an Equal Opportunity/Affirmative Action/Veterans/Disability Employer. 

 

Questions? If you need assistance applying for any position, please contact recruitment@tucsonaz.gov or 520-791-4241​.

ccs_hr@tucsonaz.gov