Under minimal direction, the Enterprise Information Security Lead performs all procedures necessary to ensure the security of information and information systems, and to protect systems from intentional or inadvertent access or destruction.
Job Duties and Responsibilities:
- Develops, implements, and manages IT Security Policies and the Exception Management Processes.
- Develops policy drafts, procedures, educational materials, strategy/technology roadmaps, Request for Proposal/Offers (RFP/RFO’s), project plans, communications and executive presentations to support the overall delivery of IT Security objectives.
- Designs and implements processes and tools to proactively monitor and govern the effectiveness of Cybersecurity controls and services.
- Drives the implementation of Harris County Cybersecurity Policies within Universal Services and across the organization.
- Determines key metrics for assessing and measuring cybersecurity risk.
- Develops procedures to routinely gather and produce metrics reports and/or dashboards.
- Develops, manages, and coordinates security risk assessments to include third-party vendor, as required to support governance efforts.
- Supports development of remediation plans and proactively track progress of remediation efforts to ensure open issues/risks are addressed, and assist in presenting cybersecurity risks and gaps to stakeholders as appropriate.
- Conducts periodic assessments and gap analysis related to cybersecurity controls and manage remediation to correct the gaps.
- Participates in the on-going review and management of the Harris County Cybersecurity Framework and Cybersecurity Policies to ensure alignment with governance objectives.
- Collaborates with the cybersecurity training team to conduct ad-hoc Cybersecurity training sessions as required to support the success of the program.
- Conducts evaluation of the level of security required and assists in the evaluation and implementation of other new security solutions and technologies as needed.
- Effectively communicates and present policies, standards, and procedures to stakeholders and articulate data governance solution requirements.
- Works on multiple high complexity projects as a project leader or as the subject matter expert. Works on projects or issues of high complexity that require in-depth knowledge across multiple technical areas and business segments.
- Helps define and monitor policy compliance metrics, determine policy compliance gaps, and recommend/implement changes to improve operations related to data governance compliance.
- Uses Cybersecurity intelligence and understanding of IT systems to inform decisions on policy, exceptions, and system/configuration reviews.
- Facilitates review of Cybersecurity-related documentation, processes, and procedures.
- Establishes reasonable security guidelines and measures to protect data and systems.
- Identifies, measures, control and minimize security risks to information systems across a broad range of disciplines including applications, networking and cybersecurity.
- Other duties as assigned.
Harris County is an Equal Opportunity Employer
If you need special services or accommodations, please call (713) 274-5445 or email
This position is subject to a criminal history check.
Only relevant convictions will be considered and, even when considered, may not automatically disqualify the candidate.