PROJECT MANAGER (DoIT) [INFORMATION SECURITY GOVERNANCE]

JOB ANNOUNCEMENT

DEPARTMENT OF INNOVATION AND TECHNOLOGY

Security Architecture and Management Security Division

Number of Positions: 1

Under limited direction, leads and coordinates a range of technical and information technology projects, programs or initiatives within the Department of Innovation and Technology, and performs related duties as required. Functions as a key member of the Information Security Office overseeing the City’s overall Data Governance. This position takes the lead in the City’s IT Security Governance Council and is responsible for defining and developing business processes that implement successful data governance, leading adoption and change in the City. Ensures close alignment between data security, business objectives, secure technical design principles and solutions. Uses industry regulations, industry security standards, models, and architectural frameworks to identify key relationships and gaps between business objectives, processes, and technical systems. Develop roadmaps and strategies that enhance data controls, efficiency, and provide visionary guidance for oversight data governance.

ESSENTIAL DUTIES

• Leads the day-to-day planning and coordination of the City’s IT Security Governance Council
• Shapes the security policies based on industry best practices, industry standards, organizational risk, strategic business, and operating models
• Develops security policies based on enterprise principles, strategies, and frameworks
• Ensures enterprise adoption of policy standards and framework compliance across the business
• Responsible for oversight and coordination of the Governance, Risk, and Compliance program with IS Security
• Liaises with Internal Audit, Corporate Compliance, Office of General Council, and Risk Management to remediate new and outstanding issues; track security-related issues in the electronic GRC system
• Oversees the City’s security policies, standards, guidelines, and baselines. Ensures policies are reviewed and updated regularly
• Promotes and monitors our corporate-wide IS Security awareness program
• Develops, promotes, and monitors the City’s Electronic Records Retention program. Works with business units t ensure data is properly classified
• Implements and integrates risk management procedures across the enterprise, ensuring key IT services are maintained to reduce loss and critical capability
• Develops and maintains information security policy framework, including the design and implementation of policies, standards, procedures and controls, compliance, training and awareness, vendor risk management, and metrics/KPIs
• Understands information security and the relationship between threats, vulnerability, and information value in the context of risk management

NOTE: The list of essential duties is not intended to be inclusive; there may be other duties that are essential to particular positions within the class.

Location:      DePaul Center

Address:       333 S State Street

Days:             Monday – Friday

Hours:           8:30am – 4:30pm

THIS POSITION IS EXEMPT FROM THE CAREER SERVICE

• Graduation from an accredited college or university with a Bachelor’s degree in Computer Science, Information Technology/Systems, Business Administration, or a directly related field plus three years of project management experience, or an equivalent combination of education, training, and experience

Disclaimer – “Accredited” means any nationally or regionally accredited college, university, or law school where the applicant is enrolled in or has completed an Associates, Bachelors, Masters, or Juris Doctorate degree program.

Education & Employment Verification – Please be advised that if you are selected to be hired you must provide, upon request, adequate information regarding your educational and employment history as it relates to the qualifications of the position for which you are applying. If you received your degree internationally, all international transcripts/diploma must be accompanied by a Foreign Credential Evaluation. If the City of Chicago cannot verify this information, any offer extended to you will be withdrawn and you will not be hired.

NOTE: You must provide your transcripts or diploma, professional license, or training certificates at time of processing, if applicable.

NOTE: To be considered for this position you must provide information about your educational background and your work experience. You must include job titles, dates of employment, and specific job duties. (If you are a current City employee, Acting Up cannot be considered). If you fail to provide this information at the time you submit your application, it will be incomplete and you will not be considered for this position. There are three ways to provide the information: 1) you may attach a resume; 2) you may paste a resume; or 3) you can complete the online resume fields.

SELECTION REQUIREMENTS

This position requires an applicant to successfully complete an interview. The interviewed candidate(s) possessing the qualifications best suited to fulfill the responsibilities of the position will be selected.

Preference will be given to candidates possessing the following:

• CISSP (Certified Information Systems Security Professional) and/or CISA (Certified Information Security Auditor) certification(s)
• Previous work experience with security governance
• Previous risk management work experience
• Previous compliance systems work experience
• Previous work experience implementing a GRC (Governance, Risk, Compliance) tool

  Evaluation: Your initial evaluation will be based on information provided on the application form and documents submitted with the application. Applications must be submitted by the individual applicant. No second party applicants will be accepted.

   

  Residency Requirement: All employees of the City of Chicago must be actual residents of the City as outlined in 2-152-050 of the City of Chicago Municipal Code. Proof of residency will be required.

   

  If you would like to request a reasonable accommodation due to disability or pregnancy in order to participate in the application process, please contact the City of Chicago, Department of Human Resources, at (312) 744-4976 (voice) or (312) 744-5035 (TTY). Please be prepared to provide information in support of your reasonable accommodation request.

   

  ALL REFERENCES TO POLITICAL SPONSORSHIP OR RECOMMENDATION MUST BE OMITTED FROM ANY AND ALL APPLICATION MATERIALS SUBMITTED FOR CITY EMPLOYMENT.

   

  The City of Chicago is an Equal Employment Opportunity and Military Friendly Employer.

   

  City of Chicago                                                       Department of Human Resources

  Rahm Emanuel, Mayor                                            Soo Choi, Commissioner