Senior Cybersecurity Specialist

Description:

Contributing to projects as an information security subject matter expert, analyzing solutions, processes & infrastructure, and recommending appropriate information security controls.
Leading the planning and management of security policies and systems for the technical infrastructure environment that will prevent, detect, and audit unauthorized access, destruction, misuse, or any other abuse of the City’s technological resources.
Providing specialized consultation to identify, investigate, report, and resolve security related issues liaising with Internal and External Audits, Information Management, Legal and HR.
Maintaining working relationships with external entities such as local and federal law enforcement, and other government agencies.

The way people describe you:
You deliver results.
You are known for strategically influencing change across enterprises
You are a strategic thinker and problem solver
You have a proven history of successful work accomplishments that drive business results Education & Experience
Typically, the knowledge, skills and abilities you require for this position are obtained through a degree in Computer Science plus seven to ten years of relevant Information Security work experience; other combinations of education, work experience and professional development may be considered.
You hold, or qualify for, the Certified Information Security Manager (CISM) and/or Certified Information Systems Security Professional (CISSP) designations.
Other certifications such as CISA, GSEC, PCI compliance related (QSA, ISA, PCIP) and/or I.S.P. would be an asset for you. Knowledge, Skills & Abilities
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of authentication, authorization, and access control methods.
Knowledge of risk management processes for assessing and mitigating risk.
Knowledge of cybersecurity and privacy principles (confidentiality, integrity, availability, authentication, non-repudiation).
Experience with Threat Risk Assessments and associated mitigation actions.
Ability to conduct vulnerability scans and recognize vulnerabilities.
Ability to conduct research into IT security items and products as required.
Experience with ISO 17799/27001 code of practice for Information Security and Information Security Management Systems.
Knowledge of security related legislation, regulations, frameworks, and standards including PCI and PII.
Experience in security event logging, monitoring, investigations, analysis, and incident response management.
Experience in policy, standards, guidelines and process development and maintenance.
Experience working with a high degree of independence and as part of a larger team.
Ability to communicate effectively, in both oral and written communications and presentations.