DIRECTOR OF IT SECURITY
TECHNICAL SERVICES DEPARTMENT
CITY OF WORCESTER
The City of Worcester seeks applicants for the position of Director of IT Security to manage the IT security activities of the City and leading efforts to prevent and remediate cyber security incidents and reduce overall risk, impact and exposure. The Director will be responsible for overseeing, developing and maintaining the City’s Information Security Program and policies; overseeing and maintaining the City’s Incident Response and Disaster Recovery Plans; investigating security issues and implementing corrective actions; managing and configuring next gen firewalls and various network equipment; and recommending implementation of controls and configurations aligned with security policies and legal, regulatory and audit requirements.
REQUIRED KNOWLEDGE, SKILLS AND ABILITIES:
- Comprehensive knowledge of information security concepts and principles;
- Network firewall administration;
- Overall knowledge of IT operations;
- Excellent interpersonal, written, and verbal communication skills and the ability to communicate with City of Worcester user community about concepts, ideas, and requirements;
- Ability to work independently and part of a team in a fast-paced environment;
- Ability to take initiative and interest in improving existing work techniques and procedures;
- Ability to analyze complex problems, evaluate alternatives and develop creative solutions.
- Bachelor’s Degree in Computer Science, Information Security or a related field;
- Seven to ten (7-10) years of related IT security or network infrastructure administration experience; OR,
- Any equivalent combination of education, training, certifications and experience which provides the required knowledge, skills, and abilities to perform the essential functions of the job will be considered in lieu of the above mentioned requirements.
- Experience managing next gen network firewalls.
- Knowledge of IDS/IPS technologies.
- Knowledge of endpoint protection software.
- Knowledge of TCP/IP and data protocols.
- Knowledge of security standards such as NIST standards, FISMA, SANS, CIS Critical Security Controls, Risk Management Framework, CJIS requirements, FIPS 140-2, and/or PCI Compliance.
- Master’s Degree in Computer Science, Information Technology or a related field AND five (5) years of related IT security experience/network infrastructure administration.
- Experience implementing and managing IT security tools.
- Experience leading an organization’s cybersecurity program.
- Experience with cloud security.
- Experience developing security policies, incident response plans and disaster recovery plans.
- Professional security, network, cybersecurity certifications – CISSP or CISA preferred.
- Technical expertise in system security vulnerabilities and remediation techniques, network and web-related protocols (TCP/IP, UDP, IPSEC, HTTP, etc.)
ANNUAL SALARY: $109,771+/- commensurate with qualifications, full-time, exempt, with an excellent benefits package.
To apply, please visit: www.worcesterma.gov/employment or send resume and cover letter to: City of Worcester, 455 Main Street, Room 109, Worcester, MA 01608. Open until filled. Preference is given to Worcester residents. The City of Worcester is an equal opportunity, affirmative action employer. Women, minorities, people with disabilities and protected veterans are encouraged to apply. Direct inquiries to: City Hall, Human Resources, Room 109, 508-799-1030, HR@worcesterma.gov.