empty

Airport IT Security Manager Sr

City of Atlanta

Job Description

Posted on: 
November 24, 2024

Summary and company overview

General Description and Classification Standards

The Airport Information Technology Security Senior Manager is responsible for IT security policy enforcement and maintenance; design of security policy education, training, and awareness activities; monitoring compliance within the Department of Aviation and applicable laws; and coordinating investigation and reporting of security incidents. Monitor, assess, and fine-tune the IT business continuity and disaster recovery program, perform network penetration tests, application vulnerability assessment scans and risk assessment reviews.

Develop and monitor practices to ensure that the network and data is secured against unauthorized access, protected from inappropriate alteration, physically secure, and available to authorized users in a timely fashion. Duties include training in and dissemination of security policies and practices as well as developing strategies and plans to provide for timely business resumption in the event of a serious disruption. Applicants employed in this position will be required to work extra hours, as needed, and to be on-call for scheduled after-hour emergencies and respond to after-hours emergencies as needed.

Supervision Received

Direction received is very general and focuses on end results and is typically collaborative in nature. Position plans own work and project schedules and sequences.

Responsibilities

  • Monitor and advise on information security issues related to the systems and workflow at the DOA to ensure the internal security controls for the Aviation IT infrastructure is appropriate and operating as intended.
  • Coordinate and execute IT security projects.
  • Coordinate and execute IT security assessment audits and manage remediation.
  • Coordinate response to information security incidents.
  • Develop and publish Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
  • Conduct data classification assessment and security audits and manage remediation plans.
  • Collaborate with IT management, the legal department, safety and security, and law enforcement agencies to manage security vulnerabilities.
  • Create, manage and maintain user security awareness.
  • Conduct security research in keeping abreast of latest security issues.
  • Prepare security notification, alerts and procedures for handling security incidents.
  • Perform other related duties as assigned.
  • Creating, testing and implementing network disaster recovery plans
  • Performing risk assessments and testing of data processing systems
  • Installing firewalls, data encryption and other security measures
  • Recommending security enhancements and purchases
  • Training staff on network and information security procedures

Decision Making

Decisions which you make:

  • Implementation of process/procedures to improve job efficiency
  • Implementation of solutions to enhance cyber resiliency reduce system downtime.
  • Implementation of system maintenance to improve system performance and availability
  • Design and development decisions

Job Requirements

Minimum Qualifications - Education and Experience

  • BA or BS in Computer Science, Management Information Systems, or related field.
  • Five years of progressive management experience in computing and information security, including experience with Internet technology and security issues.
  • Experience in aviation preferred.
  • Experience should include security policy development; vulnerability management; cloud security; endpoint security; network access control; threat monitoring and intelligence; multi-factor authentication; vulnerability scanning; server hardening and CIS benchmark principles; penetration testing; security awareness; forensic analysis; networking principles and basic network flows; and defining and interpreting firewall rules.
  • Knowledge of information security standards, rules and regulations related to information security and data confidentiality (e.g., NIST CSF, ISO27001, PCI, etc.) and desktop, server, application, database, network security principles for risk identification and analysis.
  • Strong analytical and problem-solving skills.
  • Excellent communication (oral, written, presentation), interpersonal and consultative skills.

Preferred Education & Experience

  • CISSP, CISM, GIAC, or other security certifications desired.

Licensures and Certifications

  • Valid Georgia driver’s license

Additional commentary

Required physical, lifting, and sensory capabilities are requirements to perform the job successfully. Typical environmental conditions associated with job.

It is the policy of the City of Atlanta (“COA”) that qualified individuals with disabilities are not discriminated against because of their disabilities regarding job application procedures, hiring, and other terms and conditions of employment. It is further the policy of the COA to provide reasonable accommodations to qualified individuals with disabilities in all aspects of the employment process. The COA is prepared to modify or adjust the job application process or the job or work environment to make reasonable accommodations to the known physical or mental limitations of the applicant or employee to enable the applicant or employee to be considered for the position he or she desires, to perform the essential functions of the position in question, or to enjoy equal benefits and privileges of employment as are enjoyed by other similarly situated employees without disabilities, unless the accommodation will impose an undue hardship. If reasonable accommodation is needed, please contact the Human Resources Director for your department.

The City of Atlanta is an Equal Opportunity Employer and does not unlawfully discriminate on the basis of race, color, religion, age, disability, sex, sexual orientation, gender identity, marital status, veteran’s status or national origin, or any other basis prohibited by federal, state, or local law. We value and encourage diversity in our workforce.

Summary and company overview

General Description and Classification Standards

The Airport Information Technology Security Senior Manager is responsible for IT security policy enforcement and maintenance; design of security policy education, training, and awareness activities; monitoring compliance within the Department of Aviation and applicable laws; and coordinating investigation and reporting of security incidents. Monitor, assess, and fine-tune the IT business continuity and disaster recovery program, perform network penetration tests, application vulnerability assessment scans and risk assessment reviews.

Develop and monitor practices to ensure that the network and data is secured against unauthorized access, protected from inappropriate alteration, physically secure, and available to authorized users in a timely fashion. Duties include training in and dissemination of security policies and practices as well as developing strategies and plans to provide for timely business resumption in the event of a serious disruption. Applicants employed in this position will be required to work extra hours, as needed, and to be on-call for scheduled after-hour emergencies and respond to after-hours emergencies as needed.

Supervision Received

Direction received is very general and focuses on end results and is typically collaborative in nature. Position plans own work and project schedules and sequences.

Apply now