This position is responsible for the management of the Information Security unit of the Information Technology Services (ITS) Division.  The Manager of Information Security provides leadership for development and support of the Department’s information security, including administration of policies and standards.  The Manager of Information Security directs the planning and implementation of defenses against security breaches, and audits existing systems for vulnerabilities.

This classification is distinguished from other classifications managerial responsibilities which may include the management of resources and providing direction and instruction to staff concerning project management goals, and operating procedures to achieve Division objectives. 

Supervises and provides leadership, direction and coaching to ITS staff. 

 

Drives staff development initiatives to instill shared goals and enhance core competencies across the Division.

 

Responds to escalated matters.  Resolves problems and mediates conflicts.  Promotes teamwork, encourages, and communicates across ITS teams.  Informs staff of relevant business issues and their impact on the Department.

 

Provides recommendations to the CIO and the IT Project Management Office (PMO) on the development of departmental goals, objectives and priorities for the division.

 

Assists the IT PMO in managing project activities to achieve Department goals, priorities, and objectives.

 

Establishes and communicates expectations while providing employee performance feedback on an on-going and annual basis; assists subordinates in establishing professional goals and objectives; evaluates subordinates' goal achievement through conferences or informal meetings.

 

Manages the hiring, orientation, and training process while also participating in and providing input into the disciplinary and dismissal processes.

 

Provides technical assistance as requested by the CIO.

 

Collaborates across ITS teams to develop and maintain technology plans that support Judicial Department business needs.

 

Communicates project updates to the executive team, Department leadership, and end users.

   

Assists the CIO in directing research on potential technology solutions.

 

Adapts Department information security governance processes for revisions to policies, procedures, and statutes.

 

Leads security planning by prioritizing defense initiatives, and deployment and management of security technologies.

 

Designs and implements disaster recovery and business continuity procedures.

 

Oversees development and enforcement of application and system security.

 

Communicates regularly with the Department's leadership and end users on information security issues and facilitates training and awareness initiatives.

 

Manages the information security team's annual budget.

 

Assesses and communicates security risks associated with software or hardware purchases.

 

Promotes and oversees security relationships with external entities.

 

Ensures compliance with C.R.S. 24-37.5-403 as it applies to the Judicial Department.

 

Attends meetings and training as required.

 

Performs other duties as assigned.

Has management and supervisory accountability for other employees, volunteers, or interns.  Plans, directs and coordinates activities for a unit.  Duties include scheduling and assigning of work, training in all facets of work, quality control, and decisions impacting the pay, status and tenure of others.  Conducts performance appraisals, and provides input into and participates in discipline, dismissal, and hiring processes.

Graduation from an accredited college or university with a bachelor’s degree in computer science, computer information systems, or related area; plus, six years of experience in information system management, demonstrated proficiency in information security program management, which includes planning and securing medium-scale information security operations covering applications, midrange servers, Windows, unix, and linux servers, voice and data network, Internet, or other systems.  Must have one year of direct supervisory experience.  Additional related work experience may be substituted on a year for year basis for the required formal education.

While performing the duties of this job, the employee is regularly required to talk or hear.  The employee frequently is required to sit and reach with hands and arms and perform repetitive motions with wrists, hands, and fingers.  The employee is occasionally required to stand and walk.  The employee must occasionally lift and/or move up to 25 pounds.  Specific vision abilities required by this job include close vision, and ability to adjust focus.

The noise level in the work environment is usually moderate.  This position is subject to varying and unpredictable situations; may handle emergency or crisis situations; is subject to many interruptions; may handle multiple calls and inquiries simultaneously; and may occasionally handle absentee replacement on short notice.