Information Security Officer

If you are an Internal City Employee, Retiree or Dependent/Survivor of a City Employee please apply internally via Career Icon in your Workday account.

Make a difference in the community you live in! As a Community Builder—an employee with the City of Gainesville— you will have a direct hand in building and improving your community and making a visible impact on the lives of your neighbors. Working for local government is more than a job, it’s a chance to contribute to community success and to help enhance the Gainesville way of life.

Department:

GG_Technology: Technology Administration

Salary Range Minimum:

$119,725.49

Salary Range Maximum:

$190,213.87

Closing Date:

07/25/2025

Job Details:

Job Description:

The Information Security Officer (ISO) is responsible for building a Cyber Security Program to ensure the protection and resilience of the technology systems and information assets that the City of Gainesville employees need to enable the delivery of “Best in Class” Neighbor Services for our community. The ISO is responsible for the citywide cybersecurity strategy, risk management, compliance initiatives, and incident response leadership. This position ensures the confidentiality, integrity, and availability of City information systems and supports the City’s strategic goals by aligning cybersecurity with organizational priorities.

The ISO reports to the Technology Director and leads cyber security analysts in addition to cross-functional Incident Response Team (IRT) members and is the primary liaison with external response partners and service providers.

SUMMARY

The Information Security Officer (ISO) is responsible for building a Cyber Security Program to ensure the protection and resilience of the technology systems and information assets that the City of Gainesville employees need to enable the delivery of “Best in Class” Neighbor Services for our community. The ISO is responsible for the citywide cybersecurity strategy, risk management, compliance initiatives, and incident response leadership. This position ensures the confidentiality, integrity, and availability of City information systems and supports the City’s strategic goals by aligning cybersecurity with organizational priorities.

The ISO reports to the Technology Director and leads cyber security analysts in addition to cross-functional Incident Response Team (IRT) members and is the primary liaison with external response partners and service providers.

EXAMPLES OF WORK*

*This section of the job description is not intended to be a comprehensive list of duties and responsibilities of the position.  The omission of a specific job function does not absolve an employee from being required to perform additional tasks incidental to or inherent in the job.  Performance of lower-level duties may be required.

ESSENTIAL JOB FUNCTIONS

Develops and maintains a comprehensive citywide cyber security program aligned with industry standards and regulatory requirements.

Supports the planning and execution of efforts to insource technology infrastructure, cybersecurity, applications, and IT service delivery.

Leads risk assessment activities and implements controls to mitigate cybersecurity threats.

Assess, implement, operate and maintain cyber security systems e.g. firewalls, web and email scanners, vulnerability scanners, endpoint protection etc.

Establishes and enforces cyber security policies, standards, and procedures.

Oversees incident response planning and execution, including investigations and coordination with law enforcement when necessary.

Ensures compliance with applicable laws, regulations, and frameworks such as NIST, ISO, CIS, FIPA, HIPAA, and PCI-DSS.

Coordinates security awareness and training programs to promote a culture of cybersecurity across the organization.

Provides guidance on secure system design and development throughout the technology lifecycle.

Conducts audits and assessments of internal systems and third-party vendors to evaluate security posture.

Advises senior leadership on current cyber risks, threats, and strategies for mitigation.

NON-ESSENTIAL JOB FUNCTIONS

Attends work on a continuous and regular basis.

Performs related duties as required or assigned by the Director of Technology.

QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential job function satisfactorily. Below are the required education, experience, knowledge, skills and abilities to perform the essential functions.

EDUCATION AND EXPERIENCE

Bachelor’s degree from an accredited college or university in cyber security, computer science, management information systems, business administration, or a related field.

Eight (8) years of progressively responsible experience in cyber security, including three (3) years of team and program leadership experience.

A Master’s degree may substitute for one (1) year of non-supervisory experience.

DESIRED CERTIFICATIONS

Certified Information Systems Security Professional (CISSP)

Certified Information Security Manager (CISM)

Certified Ethical Hacker (CEH)

GIAC Security Essentials (GSEC)

CompTIA Security+

Microsoft Certified: Azure Security Engineer Associate

KNOWLEDGE, SKILLS AND ABILITIES

Thorough knowledge of cybersecurity principles, frameworks (e.g., NIST, ISO 27001), and best practices.

Working knowledge of applicable state and federal laws related to information security and privacy.

Ability to develop and implement a comprehensive cyber security program including policies, procedures, and technical standards that strengthen cybersecurity.

Strong understanding of network, endpoint, and cloud security technologies.

Ability to assess and manage information security risks and effectively lead the response to cyber security incidents.

Excellent written and verbal communication skills, with the ability to present technical concepts to non-technical stakeholders.

Strong interpersonal and leadership skills, including the ability to influence, advise, and collaborate across departments.

Ability to manage confidential information with a high level of discretion and professionalism.

Knowledge of audit processes and the ability to interface with internal/external auditors and regulators.

Ability to develop and lead security awareness and training programs.

Ability to work collaboratively with teams across the organization to resolve issues and implement process improvements.

Knowledge of security performance metrics and reporting tools.

Ability to foster a culture of security while enabling operational excellence through the use of technology and innovation.

PHYSICAL AND ENVIRONMENTAL REQUIREMENTS

To perform this job successfully, an individual must possess certain physical abilities and be able to withstand work related environmental conditions.

PHYSICAL REQUIREMENTS

While performing the duties of this job, the employee is often required to sit for prolonged periods of time.

WORK ENVIRONMENT

May be required to work and attend meetings outside regular business hours.

Requires occasional travel to City offices and facilities for on-site support coordination.

Note: 

May Require Assessment(s).

May fill multiple positions.

May establish an eligibility list.

Come join our team! The City of Gainesville offers a competitive benefits package and opportunities to grow both professionally and personally.

All ‘regular’ employees are eligible for traditional benefits such as health insurance, life insurance, paid leave, 11 paid a holidays a year, a pension plan and a deferred compensation plan, but we also offer great things like on-site fitness centers, tuition reimbursement, on-site medical staff and a wellness program to keep you healthy and happy. Please note; benefits are not available for temporary employees.

Equal Opportunity

The City of Gainesville is an equal opportunity/affirmative action employer and does not discriminate in hiring. Minorities, women and individuals with disabilities are encouraged to apply. Individuals with a disability, who require special accommodations during the selection process, should notify the Human Resources Department at 352-334-5077 or TDD/TTY at 352-334-2292.

Veterans' Preference

Veterans are encouraged to apply. Veterans’ Preference ensures that veterans and eligible persons are given consideration at each step of the selection process. However, preference does not guarantee that a veteran or other eligible person will be the candidate selected to fill the position. Section 295.07, Florida Statutes (F.S.) specifies who is eligible for Veterans’ Preference. State of Florida residency is not required for Veterans’ Preference.

If you are unable to apply online due to a disability, contact recruiting at HR@cityofgainesville.org or by calling 352-334-5077.