Division Director Security, Risk, and Compliance

Adams County

  • Brighton, CO
  • $113,857-130,936 per year
  • Permanent
  • Full-time
  • 17 hours ago
What Success Looks Like In This JobUnder the direction of the Director, Information Technology and Innovation (ITi) and working collaboratively with other ITi Division Directors and Managers, take responsibility for providing strategic and operational leadership for the county's security architecture, information security, and risk & compliance functions. This leadership position will oversee the development and implementation of security strategies, ensuring the protection of the county's information assets and compliance with relevant regulations and standards. The role involves managing and guiding managers and individual contributors in creating a secure, compliant, and resilient service-oriented IT environment.The anticipated hiring range for this role is $113,857.37 - $130,935.976 annually. The full salary range for this position is $113,857.37 - $170,786.05 annually.Examples of Duties for Success
  • Collaborate with the ITi leadership team to develop and implement security, risk, and compliance strategies.
  • Ensure comprehensive information security practices are in place, including threat detection, incident response, and vulnerability management.
  • Develop and implement risk management programs to identify, assess, and mitigate risks.
  • Ensure compliance with relevant regulations, standards, and best practices.
  • Monitor and analyze security metrics and performance indicators, providing regular reports to the Director and other stakeholders.
  • Coordinate with other departments to ensure security and compliance requirements are integrated into all IT projects and initiatives.
  • Oversee the development and maintenance of security policies, standards, and procedures.
  • Foster a culture of security awareness and compliance across the organization.
  • Initiates, facilitates, and promotes activities to create information security awareness throughout organization
  • Provide oversight and ownership for intrusion detection and response
  • Coordination of security assessments and penetration testing
  • Designing cost effective security architectures that support county business objectives, and comply with all applicable policies, laws, and regulations Monitor multiple external sources of threat and vulnerability information and communicate risks to key personnel.
  • Attends conferences and training as required to maintain proficiency
  • Evaluate and maintain the information security budget
  • Perform other related duties and responsibilities as required
Supervision
  • Provide direct supervision of staff
Qualifications for Success
  • Demonstrated ability to lead and manage diverse security, risk, and compliance functions.
  • Strong decision-making skills and a proactive approach to problem-solving.
  • Ability to coordinate and manage multiple projects in a fast-paced and changing technical environment.
  • Excellent customer service skills, with the ability to communicate effectively with both technical and non-technical users.
  • Strong written and verbal communication skills.
  • Proficiency in relevant technologies and tools, including security information and event management (SIEM) systems, and risk management tools.
  • Ability to work independently and within established guidelines, with excellent attention to detail.
  • Ability to inspire and motivate team members, fostering a collaborative and productive work environment.
  • Computer skills: Proficient with Microsoft Windows and Linux operating systems
  • Strong technical background and understanding of enterprise networking and datacenter environments
  • Up-to-date knowledge of security threats and exploitation techniques
  • Experience conducting technical security assessments and penetration testing using open source and commercial tools
  • Experience with scripting and programming languages a plus (Python, PowerShell, BASH, .NET).
More Qualifications for SuccessEducation
  • A Bachelor's Degree from an accredited college in Computer Science, Information Systems, or closely related field.
Experience
  • Minimum of five (5) years of progressively responsible experience in security, risk and compliance
  • Minimum of four (4) years of leadership experience, including supervision of individual contributors, with evidence of making impactful change.
  • Strong knowledge of compliance frameworks including HIPAA Security Rule, PCI compliance, IRS 1075, and CJIS
License and/or certification
  • Possession of or the ability to obtain a valid Colorado Driver's License is required
  • ITIL Foundation Certification is desired
  • Possession of one of more of the following security certifications is preferred: SSCP, CISM, CISA, HISP, CISSP and/or NIST Cybersecurity Framework Practitioner
Background Check
Must pass criminal (CBI) and (CJIS) fingerprint-based background checkOther
Per our County Mission statement, “to responsibly serve the Adams County community with integrity and innovation”, this position will own and pursue integrity and innovation.
  • Must be able to work outside of regular business hours to respond to system outages
Adams County complies with Colorado’s Job Application Fairness Act (“JAFA”). JAFA prohibits employers from asking individuals to disclose their age, date of birth, or dates of school attendance or graduation on an initial employment application. However, additional application materials such as certifications and transcripts containing this information may be required for certain positions; if such additional materials are requested, applicants may redact information that identifies the applicant’s age, date of birth, or dates or attendance or graduation.Adams County provides a comprehensive benefits package to employees that goes above and beyond what is offered at most organizations.Click to watch our video about why Adams County is an Employer of Choice!Benefits You Expect:
  • AFLAC Supplemental Medical Insurance
  • Basic Term Life & Optional Term Life Insurance
  • Deferred Compensation Plan
  • Dental/Vision/Medical Plans
  • Generous Vacation/Sick leave
  • Long-Term Disability
  • Retirement Plan
  • Short-Term Disability
Plus some you might not expect:
  • Employee Assistance Program
  • Employee Fitness Center
  • Employee Health Clinics
  • Flexible Work Schedules
  • Recreation Center Discounts
  • Training & Tuition Reimbursement Programs
  • Wellness programs
  • Lactation friendly certified workplace

Adams County