INFORMATION TECHNOLOGY SECURITY COORDINATOR ††††††††††††††† ††††††††††† 0559
An employee in this class has overall responsibility for protecting the information technology infrastructure of the County or the Community College. The incumbent provides direction and leadership to all County or College departments through education and awareness programs and the implementation of security policies, standards and processes. Work is performed under the general direction of the county Commissioner of Information Technology or a College administrator.† Does related work as required.
Develops and coordinates the implementation of college or countywide information security policies, standards, procedures and other control processes to safeguard electronically maintained information and systems;
Investigates alleged information security violations and assures adherence to procedures when referring investigations to other investigatory and law enforcement agencies;†
Participates in the development, implementation and maintenance of disaster recovery processes and techniques to assure continuity of business and security controls in the event of system unavailability;
Develops and implements access and usage policies for networks, internet, electronic mail and voice mail and assures compliance with such policies;
Conducts security risk assessments and consults with the supervisor and other County or College departments regarding security on existing and new implementations;
Prepares technical specifications for hardware and software purchases for security applications;
Reviews and approves all external connections to the County or College network;
Assures security awareness through training programs and other education for all County and College employees and, where appropriate, third party individuals;
Represents the Commissioner or College General Counsel at meetings regarding legal, regulatory and other security issues;
Comprehensive knowledge of the current principles, practices and procedures of developing and implementing an information security program; thorough knowledge of network protocols, encryption techniques, firewalls, virtual private networks, database structures, wireless communications, and access security techniques; thorough knowledge of the current principles, practice, and procedures of information technology; good knowledge of training methods in staff development; ability to coordinate the activities of subordinate personnel; ability to establish effective working relationships with associates and official representatives; ability to express oneself effectively, both orally and in writing.
A. Graduation from a college with federally-authorized accreditation or registration by NY State with a Bachelorís Degree plus four (4) years of experience reviewing, evaluating, implementing and assuring compliance with information technology security programs and procedures; or,
B. Graduation from a standard high school or possession of a high school equivalency diploma plus eight (8) years of experience in information technology implementation and processing which includes at least four (4) years reviewing, evaluating, implementing and assuring compliance with information technology security programs and procedures; or,
C. An equivalent combination of education and experience as defined by the limits of A. and B.
Additional computer-related education beyond a Bachelorís Degree may be substituted for experience on a year-for-year basis to a maximum of two (2) years.