If you are looking for a part-time career, apply for the Information Technology Manager (Risk & Compliance Manager) position. The new position is open in Dallas, TX 75201 at the City of Dallas, TX local office. Check out the details below.
Job: Information Technology Manager (Risk & Compliance Manager)
Company: City of Dallas, TX
Location: Dallas, TX 75201
The salary listed on this job posting is the entire salary range for the position; amount offered will depend upon qualifications.
For information related to Essential Functions, Knowledge, Skills & Abilities Required to Perform Work, and Working Conditions & Hazards of this position, click here. Locate and click on the position title to view the job classification specification.
For evaluation purposes, acceptable qualifying experience for all positions must have been in a paid capacity unless noted otherwise in the minimum qualifications for the posted position.
Additionally, 30+ hours per week will be counted as full-time employment and will receive full credit for the amount of time employed. A minimum of 15 through 29 work hours per week will be counted as part-time employment and will receive half credit for the amount of time employed.
Vacancies currently available in the following departments / group:
Bachelor’s degree (or higher) in a computer science, engineering, math, business or information technology related field.
Five (5) years’ experience in an IT technical role which must have included experience in IT Compliance, Risk Management, or Information Security.
Three (3) years of supervisory experience including performance planning and policy development.
High school diploma/GED plus nine (9) years of the required experience including three (3) of the stated supervisory experience will meet the education and experience requirements.
An associate degree in a specified field plus seven (7) years of the required experience including three (3) of the stated supervisory experience will meet the education and experience requirements.
A bachelor’s degree or higher in a non-specified field plus seven (7) years of the required experience including three (3) of the stated supervisory experience will meet the education and experience requirements.
A master’s degree or higher in a specified field plus three (3) years of the required experience including three (3) years of the stated supervisory experience will meet the education and experience requirements.
No felony or class A misdemeanor convictions.
No class B misdemeanor conviction within the last ten (10) years.
No family violence convictions.
Cannot currently be on deferred adjudication for any felony, class A misdemeanor or class B misdemeanor charge.
KNOWLEDGE, SKILLS, ABILITY(IES):
Knowledge of, or experience working with Cloud technologies/environments, including evaluating and implementing controls on Software as a Service (SaaS) services and Cloud infrastructure
Knowledge of Managing Security Risk and Risk Documentation
Ability to develop and execute methods to identify internal and external risks to data and to enhance objective, data-driven risk models
Ability to assist and/or build controls to mitigate risk, re-engineer or assist in re-engineering new processes where required (e.g. on-boarding, off-boarding, vulnerability management, etc.) across all critical business systems
Ability to perform security internal control assessments and testing based upon NIST 800-53
Ability to perform risk, business impact, control, and vulnerability assessment
One or more of the following certifications preferred:
Certified Information Systems Auditor (CISA),
Certified Information Security Manager (CISM),
Certified in Risk and Information Systems Control (CRISC),
HealthCare Information Security and Privacy Practitioner (HCISPP) and others including Certified Authorization Professional (CAP).
Experience in application security, security code review, security testing, and incident response/infrastructure
Experience in risk management framework (ERM) and NIST Cybersecurity Framework
Exposure to various control frameworks in SOX, GDPR, PCI, HIPAA, etc.
Risk and Compliance Manager: Manages, directs, and trains a team of IT Security Risk Management and Compliance staff in the development and maintenance of an ongoing IT security risk management strategy; ensures that ITS meets compliance requirements set forth by various Federal and State agencies; performs vulnerability testing to identify control weaknesses, assess the effectiveness of existing controls, and recommend remedial action; develops strategies and plans to enforce security requirements and address identified risks, vulnerabilities, and other security exposures and noncompliance; develops security processes and testing/auditing procedures that conform to the enterprise security standards including HIPAA, CJIS and other compliance requirements and segregation of duty concerns. The ideal candidate should have a solid working knowledge of the NIST Risk Management Framework and of risk management tools that support development of an IT risk management strategy. Prior experience in performing IT risk assessments is a key qualification. Must have a strong working knowledge of Federal and State compliance rules and regulations focused on HIPAA, CJIS, PCI, PCII, etc.