Under the direction of the Executive Director and Cook County Chief Information Officer (CIO), serves as the process owner for all ongoing activities that provide appropriate access to and protect the confidentiality and integrity of customer, employee and business information in compliance with the organization's policies and standards. The CISO is charged with the responsibility for establishing and maintaining an information security-conscious culture for Cook County. Develops, implements, monitors and enhances information and data security policies, procedures, standards and tools including access to Information Technology (IT) systems, computer virus protection and acceptable use procedures. Oversees direct training for all employees in the Offices Under the President, vendors or other third parties to ensure proper information security clearance in accordance with established organizational information security policies and procedures. Works with the CIO to ensure compliance with the Cook County Information Security Ordinance. Performs other duties as assigned.
*This position is Actively Recruited and at will.
Graduation from an accredited college or university with a Bachelor’s Degree is required (must provide original college/university transcript at time of interview).*
Minimum of five (5) years of full-time work experience managing cyber-security and/or information technology security function(s) or projects is required.
Minimum of three (3) years’ work experience supervising information professionals, information security professionals or information security risk and compliance professionals.
Formal security certification such as Certified Information Systems Security Professional (CISSP); Certified Information Systems Auditor (CISA); Certified Information Security Management (CISM); Global Information Assurance Certification (GIAC); and/or Systems Security Certified Planner (SSCP).
Experience assisting organizations in achieving regulatory or industry standard compliance with the Federal Information Security Management Act (FISMA); Criminal Justice Information System (CJIS); Payment Card Industry (PCI); Health Insurance Portability and Accountability Act (HIPAA); or the Sarbanes-Oxley Act (SOX).
*Degrees awarded outside of the United States, with the exception of those awarded in one of the United States’ territories and Canada, must be credentialed by an approved U.S. credential evaluation service belonging to the National Association of Credential Evaluation Services (NACES) or the Association of International Credential Evaluators (AICE). Original credentialing documents must be presented at time of interview.
KNOWLEDGE, SKILLS, ABILITIES AND OTHER CHARACTERISTICS
Thorough knowledge of IT security theory, technologies, policies and best practices including PCI; Staff Security Commission (SSC); ITIL; National Institute of Standards and Technology (NIST) and the International Organization for Standardization (ISO). Expert knowledge of physical security protocols. Expert knowledge of Internet security protocols and Web security protocols.
Experience and working knowledge of mainframe and midrange platforms.
Experience and working knowledge of Windows system administration and the Unix operating system. Experience and working knowledge of networks and firewalls. Ability to recognize encryption mechanisms and best practices supporting secure data storage, transmittal and deletion. Excellent communication, leadership, interpersonal, influence and negotiation skills.
Knowledge of technological trends and developments in the area of information security and risk management including knowledge of security, risk and control frameworks, such as ISO 27001 and 27002, SANS, NIST, CJIS and ITIL.
Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals including knowledge/experience working with outsourced service providers such as MSSPs and cloud platform providers.
Excellent written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. High level of personal integrity, and the ability to professionally handle confidential matters with an appropriate level of judgment and maturity.
The duties listed are not set forth for purposes of limiting the assignment of work. They are not to be construed as a complete list of the many duties normally to be performed under a job title or those to be performed temporarily outside an employee's normal line of work.
Medical, Dental, and Vision Coverage
Basic Term Life Insurance
Pension Plan and Deferred Compensation Program
Employee Assistance Program
Paid Holidays, Vacation, and Sick Time
You May Qualify for the Public Service Loan Forgiveness Program (PSLF)
Cook County employs over 22,000 employees who work in a variety of skilled jobs and trades.
Cook County offers the chance to participate in a strong tradition of public service.
Cook County is home to more than five million residents, roughly 45% of Illinois’ population and provides a range of vital services and programs that enhance the quality of life for residents across the region. These... services range from health care to urban planning.
Cook County is committed to empowering its employees to bring our constituents the best that public service has to offer.