Under the direction of the Chief Information Security Officer (CISO), manages the CISO’s Information Technology Governance Risk and Compliance (ITGRC) program and executes it in a manner that is consistent with the County’s Information Security Framework. Assists in the preparation and management of the information security office budget, vendor contracts and contractors. Prepares project, status and ad hoc reports which indicate the project’s progress, problems and/or solutions. Reviews technology proposals for Information Technology (IT) compliance controls and recommends adjustments to align to the County’s Information Security Framework. Oversees the execution of information security risk assessments along with internal and external auditing for Information Security and Compliance (ISO). Manages team members regarding security risk and compliance related projects. Performs other duties as assigned.

This position is Actively Recruited and At-Will.

**This position is grant-funded**

Preferred Qualifications

• Graduation from an accredited college or university with a Bachelor’s Degree in Computer Science, Information Technology or Information Systems.
• Certification as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or Certified Information Security Auditor (CISA).
• Experience supervising ITGRC employees.

Candidates who are contacted will be required to produce original required documents (e.g., current driver’s license, diploma, school transcript, certifications, etc.) listed on the Notice of Job Opportunity within five (5) days of being extended an offer, in writing, by the Bureau Chief of BHR (or designee). Candidates will be notified of how to submit the required document.

• Knowledge of IT security theory, technologies, policies, best practices and enterprise architectures.
• Thorough knowledge of or experience with IT control standards and frameworks (e.g. NIST).
• Strong knowledge of or experience with compliance regulations (e.g. HIPAA).
• Thorough knowledge of secure network/systems configuration management as well as an understanding of networking concepts/devices.
• Knowledge of application development methodologies and regulatory laws.
• Knowledge of existing and firewall architecture, operations and protocols.
• Ability to work independently and manage multiple complex projects.
• Ability to manage staff and vendors as related to implementing IT compliance related tasks.
• Excellent oral and written communication skills including the ability to document requirements, communication plans, project status reports and other relevant project-related issues.
• Excellent problem-solving skills.
• Ability to incorporate best practices when implementing security measures to protect data during the development and implementation of architectural designs with emphasis on network and/or applications layers.
• This position requires moderate to extensive travel to work assignments throughout Cook County.

The duties listed are not set forth for purposes of limiting the assignment of work. They are not to be construed as a complete list of the many duties normally to be performed under a job title or those to be performed temporarily outside an employee's normal line of work.

Benefits Package

• Medical, Dental, and Vision Coverage
• Basic Term Life Insurance
• Pension Plan and Deferred Compensation Program
• Employee Assistance Program
• Paid Holidays, Vacation, and Sick Time
• You May Qualify for the Public Service Loan Forgiveness Program (PSLF)

http://www.cookcountyrisk.com/

• Must be legally authorized to work in the United States without sponsorship.

• This position requires successful completion of post-offer tests, which may include a background check, drug screen and medical examination.