City of Cleveland Heights, OH
Information Security Governance, Risk, Compliance and Privacy Analyst
City of Cleveland Heights, OHUnited States23 hours ago
Full-timeInformation Technology
Typical duties performed, include, but are not limited to oversight of daily operations to ensure alignment with departmental objectives and organizational priorities. Dependent upon service area, may manage and direct staff to maintain efficient workflows, ensuring productivity and high-quality outcomes. Develop, implement, and evaluate operational strategies, procedures, and best practices to improve efficiency and effectiveness. Monitor performance metrics and identify opportunities for process improvement. Collaborate with leadership and cross-functional teams to support departmental initiatives. Perform other job-related duties as required.

High School Diploma or GED required. Bachelor’s degree required. Substitution: Two (2) years of any equivalent combination of education, training, and experience may substitute for each year of college education lacking. Six (6) years of full-time management experience required. Four (4) years of demonstrated leadership experience. Strong critical thinking and analytical skills, with the ability to identify process inefficiencies and implement effective solutions. Excellent written and verbal communication skills. Valid State of Ohio Driver’s License required.

Duties and Tasks

  • Maintain policies, standards, plans related to data access, business continuity, and the City’s Cybersecurity posture
  • Help with internal and external audits, and compliance reviews
  • Helps with system security plans, plans of action and milestones, and privacy impact analysis
  • Reports on Governance, Risk, Compliance and Privacy metrics
  • Assist with employee security and privacy awareness training
  • Understanding of IT security principles, IT security controls and related technologies and products
  • Strong verbal/written communication, collaboration, analytical and presentation skills
  • Monitor compliance responses, follow up if needed and build and maintain trust-based relationships with peers and leaders
  • Liaise with IT control owners and other representatives, validate their ownership and control description

Preferred Qualifications

  • Experience in Information Security Governance, Risk, Compliance and Privacy
  • Experience with NIST and financial compliance models
  • Can manage multiple priorities and projects with competing priorities at once
  • Has general business knowledge of IT/Cybersecurity concepts, including familiarity with the Health Insurance Portability and Accountability Act (HIPAA), Security Rule/concepts and/or National Institute of Standards and Technology (NIST) Cybersecurity Framework
  • Hands-on experience with cybersecurity auditing, assessment or consulting
  • Proficient with Microsoft Office Tools
  • Experience translating complex technical content into clear action items or presentations
  • Familiarity with common cybersecurity frameworks, controls and terminology (example – CISSP concepts)

The City's guiding principles are as follows: Placing Clevelanders at the Center, Empowering Employees to Do Purposeful Work, Defining Clear and Pragmatic Objectives, Leading with Trust and Transparency, Striving for Equity in All We Do, and Embracing Change. All City employees are responsible for embracing and carrying out these principles in all that they do.

Key Skills

Ranked by relevance
Apply