What are the responsibilities and job description for the Chief Information Security Officer (CISO) position at Security Executive Council?
Organization
Jacksonville Transportation Authority
Location:
Jacksonville, FL
Description
About the job
Brief Description
Under the general direction of the Chief Information Officer, the Chief Information Security Officer is responsible for developing and implementing comprehensive information security strategies to protect JTA from cyber threats, ensuring data integrity, and maintaining the confidentiality and availability of information systems. This role includes overseeing IT risk assessments and implementing robust security measures across the organization. This role requires a hands-on leader who can perform technical tasks such as monitoring alerts, analyzing log records, identifying indicators of compromise and other similar technical tasks while also developing governance framework, roadmaps, strategies and managing a small team of cybersecurity engineers.
Essential Function(s)
Develop and implement a comprehensive information security strategy and framework that aligns with JTA’s objectives and risk profile.
Conduct thorough IT risk assessments, identify potential security vulnerabilities, and devise strategies to mitigate risks.
Develop, maintain, and enforce cybersecurity policies and procedures that comply with legal and regulatory standards.
Lead the development and implementation of an incident response plan, Business Continuity and Disaster Recovery Plans to quickly and effectively manage cybersecurity incidents.
Manage and mentor a team of 2 information security professionals, fostering a culture of continuous improvement and proactive risk management.
Manage the Operating and Capital Budget for the Cybersecurity team.
Own and drive the response to reports of phishing, social engineering and various other attempts by threat actors to breach security. Response would include developing and conducting awareness and education campaigns as well as systemic responses.
Actively Liaise with various Information Sharing and Analysis Organizations, collate all JTA relevant threat information and deploy measures to counter the threats.
Collaborate with other IT departments, including Infrastructure and Applications, and ensure that all identified vulnerabilities are resolved in a timely manner by the respective departments.
Conduct periodic access privilege audits and respond to all Audit requests including Internal and External audits.
Conduct periodic evaluation of the cybersecurity controls, measure adherence to the selected governance framework (NIST CSF 2.0) and actively remediate deviation from framework.
Collaborate with executive management and key stakeholders to raise awareness of cybersecurity risks and strategies.
Oversee the selection and implementation of security technologies and ensure the continuous monitoring of IT systems for potential threats.
Develop and implement security training and awareness programs for all employees.
Ensure compliance with relevant cybersecurity laws, regulations and standards.
Ensure compliance with State, Federal, Local data retention laws including retention of email and text messages.
Regularly report to executive management on the status of information security, potential risks, and ongoing initiatives.
Collaborate with other departments to ensure security awareness and training.
Stay current with the latest cybersecurity trends, threats, and technology solutions
Qualifications
Minimum Qualifications
Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field.
Minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
Preferred Qualifications
Professional certifications such as CISSP, CISM, or CISA are highly desirable.
Knowledge, Skills And Abilities
Proven track record of developing and implementing effective cybersecurity strategies and risk management programs.
Strong knowledge of current cybersecurity trends, threats, and protection technologies.
Excellent leadership, communication, and interpersonal skills.
Ability to make strategic decisions and translate complex security concepts to non-technical stakeholders.
Able to speak clearly, communicate effectively, and prepare clearly written reports.
Excellent analytical and problem-solving skills.
Strong organizational skills and attention to detail.
Work independently and collaboratively in a team environment.
Work under pressure, meet deadlines, and handle multiple priorities.
Strong organizational and project management skills, with the ability to handle multiple projects simultaneously.
Excellent written and verbal communication skills.
Work collaboratively in a team environment.
Work Environment/Physical Demands
The Chief Information Security Officer Works Mainly In An Office Environment Where The Noise Level Is Generally Quiet. Physical Demands May Include
This position description in no way states or implies that these are the only duties to be performed. Employees are responsible for completing all mandatory training classes. Employees must also review and comply with all JTA/JTM policies, procedures, and directives. This document does not create an employment contract, implied or otherwise, other than an “at will” employment relationship. All employment offers are contingent upon pre-employment drug testing.
Positions marked as ‘Safety Sensitive’ will be subject to random testing for drug and alcohol use and if any testing is positive, the application for employment will be rejected, or if hired, employment may be terminated. Positions marked as “COOP Essential” may be required to work whenever the Continuity of Operations Plan is activated.
Driver’s License – The position description will specify whether a driver’s license is required and the acceptable class of license. Unless an exception under Florida law exists, a nonresident must obtain a Florida driver’s license within 30 days of hire. If a driver’s license has a corrective lens restriction, the employee must wear corrective lenses when operating any vehicle for work purposes. Suspended or revoked licenses, work permits, and certain restricted licenses are not acceptable.
The Jacksonville Transportation Authority is an Equal Opportunity/Affirmative Action Employer and does not tolerate discrimination or violence in the workplace. Employees who require a reasonable accommodation as defined by the Americans with Disabilities Act (ADA) must notify JTA in advance to allow sufficient time for JTA to provide the accommodation.
Compensation
How to Apply:
Apply Online
Url
https://secure6.saashr.com/ta/6044296.careers?ApplyToJob=621206708&LanguageOverride=EN
Posted
31-Jul-2025
Jacksonville Transportation Authority
Location:
Jacksonville, FL
Description
About the job
Brief Description
Under the general direction of the Chief Information Officer, the Chief Information Security Officer is responsible for developing and implementing comprehensive information security strategies to protect JTA from cyber threats, ensuring data integrity, and maintaining the confidentiality and availability of information systems. This role includes overseeing IT risk assessments and implementing robust security measures across the organization. This role requires a hands-on leader who can perform technical tasks such as monitoring alerts, analyzing log records, identifying indicators of compromise and other similar technical tasks while also developing governance framework, roadmaps, strategies and managing a small team of cybersecurity engineers.
Essential Function(s)
Develop and implement a comprehensive information security strategy and framework that aligns with JTA’s objectives and risk profile.
Conduct thorough IT risk assessments, identify potential security vulnerabilities, and devise strategies to mitigate risks.
Develop, maintain, and enforce cybersecurity policies and procedures that comply with legal and regulatory standards.
Lead the development and implementation of an incident response plan, Business Continuity and Disaster Recovery Plans to quickly and effectively manage cybersecurity incidents.
Manage and mentor a team of 2 information security professionals, fostering a culture of continuous improvement and proactive risk management.
Manage the Operating and Capital Budget for the Cybersecurity team.
Own and drive the response to reports of phishing, social engineering and various other attempts by threat actors to breach security. Response would include developing and conducting awareness and education campaigns as well as systemic responses.
Actively Liaise with various Information Sharing and Analysis Organizations, collate all JTA relevant threat information and deploy measures to counter the threats.
Collaborate with other IT departments, including Infrastructure and Applications, and ensure that all identified vulnerabilities are resolved in a timely manner by the respective departments.
Conduct periodic access privilege audits and respond to all Audit requests including Internal and External audits.
Conduct periodic evaluation of the cybersecurity controls, measure adherence to the selected governance framework (NIST CSF 2.0) and actively remediate deviation from framework.
Collaborate with executive management and key stakeholders to raise awareness of cybersecurity risks and strategies.
Oversee the selection and implementation of security technologies and ensure the continuous monitoring of IT systems for potential threats.
Develop and implement security training and awareness programs for all employees.
Ensure compliance with relevant cybersecurity laws, regulations and standards.
Ensure compliance with State, Federal, Local data retention laws including retention of email and text messages.
Regularly report to executive management on the status of information security, potential risks, and ongoing initiatives.
Collaborate with other departments to ensure security awareness and training.
Stay current with the latest cybersecurity trends, threats, and technology solutions
Qualifications
Minimum Qualifications
Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field.
Minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
Preferred Qualifications
Professional certifications such as CISSP, CISM, or CISA are highly desirable.
Knowledge, Skills And Abilities
Proven track record of developing and implementing effective cybersecurity strategies and risk management programs.
Strong knowledge of current cybersecurity trends, threats, and protection technologies.
Excellent leadership, communication, and interpersonal skills.
Ability to make strategic decisions and translate complex security concepts to non-technical stakeholders.
Able to speak clearly, communicate effectively, and prepare clearly written reports.
Excellent analytical and problem-solving skills.
Strong organizational skills and attention to detail.
Work independently and collaboratively in a team environment.
Work under pressure, meet deadlines, and handle multiple priorities.
Strong organizational and project management skills, with the ability to handle multiple projects simultaneously.
Excellent written and verbal communication skills.
Work collaboratively in a team environment.
Work Environment/Physical Demands
The Chief Information Security Officer Works Mainly In An Office Environment Where The Noise Level Is Generally Quiet. Physical Demands May Include
- Sitting and/or standing for prolonged periods.
- Performing repetitive motion.
This position description in no way states or implies that these are the only duties to be performed. Employees are responsible for completing all mandatory training classes. Employees must also review and comply with all JTA/JTM policies, procedures, and directives. This document does not create an employment contract, implied or otherwise, other than an “at will” employment relationship. All employment offers are contingent upon pre-employment drug testing.
Positions marked as ‘Safety Sensitive’ will be subject to random testing for drug and alcohol use and if any testing is positive, the application for employment will be rejected, or if hired, employment may be terminated. Positions marked as “COOP Essential” may be required to work whenever the Continuity of Operations Plan is activated.
Driver’s License – The position description will specify whether a driver’s license is required and the acceptable class of license. Unless an exception under Florida law exists, a nonresident must obtain a Florida driver’s license within 30 days of hire. If a driver’s license has a corrective lens restriction, the employee must wear corrective lenses when operating any vehicle for work purposes. Suspended or revoked licenses, work permits, and certain restricted licenses are not acceptable.
The Jacksonville Transportation Authority is an Equal Opportunity/Affirmative Action Employer and does not tolerate discrimination or violence in the workplace. Employees who require a reasonable accommodation as defined by the Americans with Disabilities Act (ADA) must notify JTA in advance to allow sufficient time for JTA to provide the accommodation.
Compensation
How to Apply:
Apply Online
Url
https://secure6.saashr.com/ta/6044296.careers?ApplyToJob=621206708&LanguageOverride=EN
Posted
31-Jul-2025