City of Chicago INFORMATION SECURITY MANAGER in Chicago, Illinois



Job Announcement

Department of Innovation & Technology

Number of Positions: 1

Essential Duties:

· Works with the Chief Information Security Officer as a point person on citywide IT security initiatives as well as the implementation, revision and enforcement of security policies and procedures to ensure information systems reliability and accessibility

· Develops network security architecture for the City in order to control people processes, technologies which include hardware and software components

· Develop and deploy controls for information system to meet regulatory requirement including but not limited to Payment Card Industry (PCI) and Health Insurance Portability and Accountability (HIPAA) compliance

· Identifies, investigates and responds to information security incidents reported by client departments and provides post-mortem analysis and recommendations

· Supervises staff responsible for administering IT security services across the City’s enterprise network

· Performs quarterly recertification of City’s firewall infrastructure configuration and rule base

· Analyzes existing network and firewall architecture against best practices and provides recommendations to ensure alignment

· Oversees and conducts application and network security scans and works with technology teams to develop remediation plans to ensure the protection of data

· Performs security audits, monitors compliance, performs risk and vulnerability assessments of systems and implements processes and methods for addressing non-compliance to information security standards

· Oversees quarterly and yearly security scans required for compliance with Regulatory Standards

· Identifies foreseeable information security risks in order to comply with privacy and information security policies and procedures

· Reviews and evaluates the impact of changes in software infrastructure that may potentially affect the confidentiality, integrity, and availability of data

· Leads or participates in security meetings with peers and senior management

· Participates in the development, documentation, communication, testing and periodic review and revision of the City’s disaster recovery plan

· Participates in the evaluation and selection of security applications and systems and provides technical assistance on the impact that new solutions may have on the enterprise

· Assists in the preparation and management of the security operating budget

· Oversees vendors and other team members on security related projects

· Keeps abreast of security related technology, best practices and regulations

· Prepares project, status and ad hoc reports to keep management abreast of project progress, problems and solutions

Perform related duties as necessary



Graduation from an accredited college or university with a Bachelor’s degree in Computer Science, Information Technology/Systems, or a directly related field plus five years of experience in information security management and/or network architecture, including three years of project management experience or an equivalent combination of education, training and experience.

Licensure, Certification, or Other Qualifications

· Preference may be given to applicants who possess professional IT security, firewall and network certifications (e.g., CISSP, CISA, CCNA, CCNP, CCIE)

· Preference may be given to applicants who have experience working with ISO27001, NIST 800-53, PCI, and/or HIPPA frameworks

Disclaimer - "Accredited" means any nationally or regionally accredited college, university, or law school where the applicant is enrolled in or has completed an Associates, Bachelors, Masters, or Juris Doctorate degree program.

Education & Employment Verification - Please be advised that if you are selected to be hired you must provide, upon request, adequate information regarding your educational and employment history as it relates to the qualifications of the position for which you are applying. If you received your degree internationally, all international transcripts/diploma must be accompanied by a Foreign Credential Evaluation. If the City of Chicago cannot verify this information, any offer extended to you will be withdrawn and you will not be hired.

NOTE: You must provide your transcripts or diploma, professional license, or training certificates at time of processing, if applicable. You must also provide your valid U.S. driver's license at time of processing.

NOTE: To be considered for this position you must provide information about your educational background and your work experience. You must include job titles, dates of employment, and specific job duties. (If you are a current City employee, Acting Up cannot be considered.) If you fail to provide this information at the time you submit your application, it will be incomplete and you will not be considered for this position. There are three ways to provide the information: 1) you may attach a resume; 2) you may paste a resume; or 3) you can complete the online resume fields.


Your initial evaluation will be based on information provided on the application form and documents submitted with the application. Applications must be submitted by the individual applicant. No second party applications will be accepted.

Residency Requirement

All employees of the City of Chicago must be actual residents of the City as outlined in 2-152-050 of the City of Chicago Municipal Code. Proof of residency will be required.

If you would like to request a reasonable accommodation due to disability or pregnancy in order to participate in the application process , please contact the City of Chicago, Department of Human Resources, at 312-744-4976 (voice) or 312-744-5035 (TTY). Please be prepared to provide information in support of your reasonable accommodation request.


The City of Chicago is an Equal Opportunity and Military Friendly Employer

City of Chicago Department of Human Resources

Rahm Emanuel, Mayor Soo Choi, Commissioner