Enterprise Information Security Manager

Salary: $100,000.00 - $120,000.00 Annually
Location : Columbus, OH
Job Type: Full-Time
Remote Employment: Flexible/Hybrid
Job Number: 202548
Department: Information Security
Opening Date: 04/08/2025

Summary
Organization Summary

FCDC provides cost-effective, business-driven, collaborative, and secure IT services and solutions to public service agencies throughout Ohio's most dynamic county. Our goals are simple but expansive: to be the most trusted enterprise technology service provider for Franklin County and a national leader in digital government services. Every day, the FCDC team empowers local government departments, agencies, teams, and nonprofits to deliver top-notch services to residents and businesses in central Ohio, and we take pride in the work they accomplish with our support.
Job Summary
The Enterprise Information Security Manager, reporting to the Chief Information Security Officer, is responsible for designing, implementing, and overseeing the Franklin County Data Network (FCDN) information security program and framework. This individual possesses vast experience in information security practices, secure network architecture, Internet Protocol (IP), firewalls, encryption, intrusion detection systems, web filtering, authentication, and authorization methodologies. The Manager of Information Security will assist the CISO with preserving the confidentiality, integrity, availability, and non-repudiation of County information resources by developing, deploying, and embedding information security architecture, policies, and standards. The Manager of Information Security must demonstrate practical communication skills and the ability to train others on security policies and practices. They must be able to manage staff, contractors, and services, providing technical direction as necessary.
The Security Manager's primary focus is work management and product ownership for the assigned individuals and security capabilities. As a secondary focus, the Security Manager will closely collaborate with the CISO in developing the Information Security Strategy and vision. In the absence of the CISO, the Security Manager may assume responsibility for leading all of Information Security.
Employees new to FCDC or promoted into new positions must complete a 180-day probationary period, and all employees must adhere to current Employee Handbook policies.

Essential Duties and Responsibilities
To perform this job successfully, candidates must be able to perform each essential duty and fulfill each responsibility satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform basic functions. The essential duties and responsibilities include:

• Perform complex IT architecture projects with competency to preserve the confidentiality, integrity, availability, and non-repudiation of the FCDN.

• Assist in developing Security strategy, policy, and roadmaps for Franklin County Technology services, software, hardware, and other physical resources (e.g., cloud, client, collaboration, virtualization, network, server, data center, etc.)

• Responsible for the development, deployment, and embedding of information security architecture, policies, and standards
• Collaborate with Enterprise IT and Infrastructure engineers and Enterprise Architects on planning, developing, and supporting core technologies like Azure Active Directory, local and cloud storage and sharing, collaboration, endpoint delivery and security, email systems, and more.
• Coordinate the documentation, distribution, and enforcement of FCDN security policies, standards, and procedures, collaborating with key IT staff to develop and implement communication strategies for all cyber security policies and procedures.
• Create and maintain cyber risk management methodologies.
• Develop effective security risk and control metrics.
• Responsible for leading the execution of day-to-day security operations and engineering teams.
• Regularly collaborate with the directors/managers in enterprise IT, government experience, and partner experience management to ensure cohesion of planning, implementation, and communication strategies.
• Keep abreast of the latest security legislation, regulations, advisories, alerts, and FCDN vulnerabilities.
• Serve as the FCDN security audit and governance lead. Prepare and submit required reports to internal and/or external stakeholders, ensuring that systems, software, networks, and information are evaluated for security compliance.
• Lead and develop Enterprise Information Security team members, in collaboration with HR, using quarterly review frameworks, 1:1 meetings, modeling of professional development behaviors, utilization of training budgets, and encouragement of cross-training opportunities
• Manages direct staff functions, including activity tracking, time reporting, and performance appraisals.
• Lead the vulnerability management program for the external and internal networks, servers, PCs, applications, and endpoint devices.
• Lead the incident response program to address, control, and manage information security incidents, events, or security breaches.
• Act as backup coordinator and communicator for Enterprise Information Security during major incidents at any time
• Participating in Information Security annual strategy development, budgeting, and resource planning.

• Collaborate with Enterprise Financial Services on vendor and contractor reviews, selections, purchases, renewals, and project engagements
• Promote growth of FCDC services and client agency collaborations in line with FCDC's vision, mission, and values

Security Capabilities

Responsible for the effective use of the following security capabilities:

• Intrusion detection and prevention tools
• Vulnerability Management Solution
• Firewall systems
• Web and content filtering tools
• Log correlation engines
• Endpoint and Server Detection and Response Capabilities
• Endpoint and Server Patch Management Solution
• Mobile Device Management (MDM) tools
• Microsoft 365 Security Capabilities

SUPERVISORY RESPONSIBILITIES

The Enterprise Information Security Manager directly supervises assigned team members within Information Security. In the absence of the CISO, the Security Manager may also provide the CIO with broader temporary leadership of Information Security and guidance. The Security Manager will provide the following forms of staff supervision, development, and leadership:

• Set and maintain high expectations for teams and individuals in terms of work quality and quantity
• Develop staff skills via ongoing assessment and utilization of training resources
• Ensure managers are developing their team members in line with FCDC standards
• Actively participate in employee and contractor hiring activities for Information Security
• Collaborate with HR as needed when taking employee disciplinary actions as outlined in FCDC policy
• Demonstrate FCDC values and promote the vision and mission of the organization with staff
• Heavily encourage cross-team collaboration within Information Security and across FCDC
• Develop individual and team project management capacity internally and promote collaboration with Enterprise Delivery Services and Partner Experience Teams

POSITION DETAILS

Enterprise Information Security Manager

Qualifications
Technical Skills

• Proven working experience building and maintaining security systems.
• Excellent analytical and problem-solving skills.
• Solid technical knowledge of security industry best practices and procedures.
• Experience with network technologies and systems, security, and monitoring tools.
• Familiarity with web-related technologies (Web applications, web services, service-oriented architectures) and network/web-related protocols.
• Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
• Experience with moderate disaster recovery (DR) planning
• Understand the system hardening processes, tools, guidelines, and benchmarks.
• Hands-on experience with vulnerability scanning, firewall, antivirus & malware analysis, proxy, IDS/IPS, log correlation tools, SIEM, and other related tools.
• Strong capacity to relate infrastructure design and troubleshooting knowledge to other team members and FCDC staff, including the ability to mentor new security team members
• Demonstrated ability to gather relevant information systematically to troubleshoot and resolve complex issues crossing multiple server, client, network, security, and application technologies
• Ability to plan sophisticated security deployment and upgrade projects and estimate budgets and resource requirements; can act as solo project manager, mixing internal and external resources in a unified timeline
• Proven success in leading and managing a team of IT engineers, including mentoring, professional development, disciplinary matters, interviewing and hiring, and work quality and quantity management
• Excellent analytical and problem-solving skills in contemporary infrastructure environments, including the ability to work positively under pressure to resolve highly visible incidents
• Ability to prioritize work based on business needs, requirements, and criticality

Education Level/Work Experience & Certification

NOTE: Relevant work experience years can be converted to formal education years at a ratio of 2:1

Preferred: 4-year (bachelor) degree, preferably in computer science or related field.

Required: 2-year (associate) degree, preferably in computer science or a related field.
Preferred: 7+ years of hands-on experience in Information Security; 5+ years of staff management

Required: 5+ years of hands-on experience in Information Security; 3+ years of staff management
Preferred: CISSP or CISM

Required: Security + or any ISC2 certification
Supplemental Information
Decision Making / Problem Solving

• Makes sound, well-informed, and objective decisions promptly.
• Compares data, information, and input from various sources to conclude; acts consistent with available facts, constraints, and probable consequences.
• Applies rational and creative processes to identify unknown root causes of problems.
• Based on the situation, decide the best course of action, implement the solution, and follow up to see how it works.
• Calculates and evaluates the long-term consequences of a decision.

Communication

• Clearly conveys and receives information and ideas through various media to individuals or groups in a manner that engages the listener, helps them understand and retain the message, and invites response and feedback.
• Keeps others informed as appropriate.
• Demonstrates effective written and verbal skills.
• Uses keen, active listening skills to gather and validate information, build trust, and enhance collaboration.

SOCIAL SKILLS

Enterprise Information Security Manager
Trust Development

• Gets along with others
• Acts with dignity and integrity
• Earns and maintains trust and support of supervisors
• Builds trust with client end users
• Earns and maintains trust and support of peers within the organization for technical solutions
• Builds trust with client IT, project, and support contacts
• Earns and maintains trust and support of leaders across the organization for technical ideas and solutions

Builds trust with client leaders

Self + Stress Management

• Maintains effective performance under pressure; handles stress in a manner acceptable to others and the organization.
• Stays calm and even-tempered when handling crises, stressful situations, continuous change, or unexpected developments.
• Handles increased pressure and growing responsibilities
• Rapidly recovers from difficult situations; deals constructively with adversity

Acts as a settling or calming influence in a crisis.

Teamwork

• Works effectively in a team environment to accomplish organizational goals.
• Participates as an active and contributing member of the project and cross-functional teams aligned.
• Helps create and maintain strong morale and a feeling of belonging in their team.

Conflict Management

• Uses appropriate interpersonal styles and techniques to reduce tension and/or conflict between two or more people; can size up situations quickly; identifies common interests; facilitates resolution.
• Steps up to conflicts and sees them as opportunities.
• Finds common ground and achieves cooperation without disrupting workflows or interpersonal relationships.

Inclusion

• Values an inclusive organization where the differences of all people are respected, valued, and utilized towards achieving common goals.
• Respects and relates well to people from varied backgrounds, understands diverse worldviews, and is sensitive to group differences; sees diversity as an opportunity; respectfully challenges bias and intolerance.
• Supports equal and fair treatment.

DRIVE

Enterprise Information Security Manager
Work Ethic

Does what it takes to get the job done; puts in extra hours as needed to ensure designs are detailed and thorough and projects run well; also ensures teammates get what they need for projects and mentoring.

Dependability and Reliability

• Personally responsible.
• Completes work in a timely and consistent manner.
• Demonstrates regular and punctual attendance; arrives prepared for work.
• Diligently follows through on commitments and consistently meets deadlines.

Franklin County Data Center offers a complete benefits package to full-time employees including; health care, dental care, life insurance, long and short term disability insurance, holidays, vacation, sick leave, deferred compensation plans, transportation and credit union.

To learn more details, visit our