Information Security Officer (49429)

General Description:

The purpose of this job within the organization is to monitor, manage, maintain and be responsible for the City’s entire enterprise cyber security posture. This includes continuous review of all security updates, alerts, logs, system patches, firewalls, edge devices, cloud security controls, system configurations, and any conditions that may impact the confidentiality, integrity, or availability of the City’s systems and data. This role functions as the lead guardian of the City’s cyber defense environment and works in conjunction with the CIO/Director, other ITS managers and Divisions, and key stakeholders to protect the enterprise from cyber-attack, intrusion, disruption, or unauthorized access. This class works independently under limited supervision, reporting major activities through periodic meetings with the CIO/Director and reporting to the appropriate regulatory agencies and other management as necessary. The position supervises at least one direct employee and manages multiple contractors and vendor security teams.

Minimum Education and Experience Requirements:

Requires Bachelor’s degree in Cyber Security, Information Technology, Computer Science, or related field. Requires five or more years of progressively responsible experience in cyber security operations, system administration, network administration, or cloud security administration. Prior supervisory or team lead experience required. An equivalent combination of education, training, and experience will be considered.

Special Certifications and Licenses:

A Valid Driver’s License

Desirable Knowledge, Skills, and Abilities:

  • Advanced knowledge and understanding of security protocols, architectures, and control points across enterprise systems.
  • Strong analytic, investigative, and problem-solving skills.
  • Skilled in communicating technical security findings to diverse audiences in various venues such as presentations, conferences or public forums.
  • Proficiency in the English language, both spoken and written; must be able to speak in front of an audience of peers or customers; must be able to write technical documentation in English.
  • Ability to work independently, collaboratively, and under pressure during security events.
  • Ability to create reports, documentation, training content, and policies with clarity and precision.
  • Ability to deal with people beyond giving and receiving instructions. Must be adaptable to performing under stress when confronted with emergency situations or tight deadlines.
  • Ability to maintain positive customer-focused relationships with co-workers, supervisors, agencies, the general public, and all other internal and external customers. Personally demonstrates appropriate customer service skills.
  • Work is performed onsite. The incumbent must be present at work to perform the essential functions of this job.

Essential Job Functions:

Cyber Security Operations & Monitoring:

  1. Continuously monitor and assess the organization’s cyber security posture, including SIEM alerts, endpoint activity, firewall logs, security dashboards, and cloud security notifications.
  2. Review, deploy, guide, implement and validate all security updates, patches, hotfixes, and firmware updates across enterprise systems.
  3. Develop, maintain and enforce security settings, policies, standards, rules, and control points that protect the enterprise from cyber threats.
  4. Investigate, triage, and remediate security alerts, indicators of compromise, vulnerabilities, or anomalous behavior across systems and networks.
  5. Will be on-call to address any cyber security threat that rises to the level of high or urgent, or that impacts normal production environments or public safety.
  6. Manage vulnerability assessments or audits and coordinate remediation efforts with system, network, and application teams.
  7. Must be fluent in AI tools and the means to configure, monitor and protect intellectual property, PII and proprietary data. Requires a complete understanding of DLP, including its setup, configuration and management within SharePoint or file service environments.
  8. Lead or participate in incident response events, coordinating teams to isolate, contain, remediate, and restore services as needed.
  9. Orchestrate periodic penetration testing or audits to ensure that all policies, conventions, rules or postures are secure and follow enterprise conventions and security standards, or to identify upgrades in posture needed to keep up with dynamic threat vectors and situations.

Systems, Network, and Cloud Administration (Security-Focused):

  1. Utilize system administration, network administration, and cloud administration proficiency to implement, modify, and monitor security configurations.
  2. Periodically audit domain server farms for compliance and proper security posture.
  3. Administer and monitor enterprise security architecture across on-premises, hybrid, and cloud environments including Microsoft Azure, Microsoft 365, third party software, and integrated cloud security tools.
  4. Maintain secure configurations for directory services such as AD and Azure AD.
  5. Review firewall rules, NAT policies, VPN profiles, segmentation rules, switching configurations, wireless security rules, and cloud security baselines.

Security Tools & Industry Technologies:

  1. Must be proficient with but not limited to:
  • Palo Alto Networks firewalls and security platforms.
  • Extreme Networks switching and network infrastructure.
  • Microsoft Defender ecosystem (AV, ATP, EDR, Purview).
  • Microsoft Intune, SCCM/MECM, and enterprise patching tools.
  • Microsoft Security Hardening and remediation proficiency for all M365 settings, and setup and management of DLP.
  • SolarWinds monitoring and security modules.
  • Microsoft 365 suite, Azure, Exchange, SharePoint, Teams, Copilot.
  • Linux environments and shell level administrative functions.
  • NetScaler/Citrix environments (load balancing, gateway, service publishing).

Security Analysis, Communication & Reporting:

  1. Analyze security events, threats, vulnerabilities, and attack patterns to determine risk, exposure, and required action.
  2. Communicate findings clearly in both technical and non-technical terms to ITS leadership, departmental stakeholders, and external partners.
  3. Prepare written reports, summaries, and recommendations for review by the CIO/Director or City Management.
  4. Provide guidance to project teams to ensure security requirements are integrated into new systems and services.

Policy Development, Compliance & Governance:

  1. Develop, update, and maintain City security policies, standards, guidelines, procedures, and documentation.
  2. Prepare and deliver internal training materials and presentations related to cyber security, safe computing practices, regulatory requirements, and incident response.
  3. Support audits, mandated assessments, grant compliance, and regulatory requirements (CJIS, NIST, WWC, etc.), informed by historical assessments.
  4. Maintain security records, change documentation, system inventories, and compliance evidence.
  5. Will be expected to also handle any events that require media presence or response due to a security event or breach; or develop a public statement for City Management to present in conjunction with the CIO/IT Director.

Leadership & Team Collaboration:

  1. Provide direct supervision to at least one full-time employee and coordinate activities across multiple contractors or vendor support resources.
  2. Work collaboratively with other ITS units such as NICS, PAD, and GIS, consistent with cross-team relationships reflected in internal ITS class descriptions.
  3. Performs all other duties as may be assigned to meet organizational needs.

This Notice is not intended to be an all-inclusive list of duties, knowledge, skills and abilities required to do the job. This is intended only to describe the general nature of the job. A more comprehensive list of duties, responsibilities and essential job functions is available on the job description. The City of Rock Hill is an Equal Opportunity Employer and does not unlawfully discriminate on the basis of race, religion, color, political affiliation, disability, national origin, genetic information, sex (including pregnancy, childbirth, or related medical condition), or age.