IT Security and Compliance Manager

Seeking a highly skilled and forward-thinking IT professional to lead and strengthen our cybersecurity and compliance initiatives across City operations. This critical role will help safeguard the systems and infrastructure that support essential public services systems residents and employees rely on every day. Will work collaboratively across departments to build a strong security-first culture while ensuring the City remains aligned with industry security standards. This is an opportunity to make a meaningful impact while growing your career in public sector cybersecurity leadership. Cybersecurity & Risk Management - Assess, analyze, and recommend security safeguards to protect the confidentiality, integrity, and availability of systems and data; review security controls and conduct security framework assessments; identify vulnerabilities and help coordinate remediation efforts across systems and infrastructure; assist with operating system configuration compliance, and security baseline implementation; support security operations involving cloud environments, identity management, networking, virtualization, and enterprise systems; and help maintain and strengthen the information security program aligned with industry best practices. Compliance & Governance - Conduct compliance assessments and assist departments in resolving identified gaps; support audits and respond to inquiries regarding compliance with cybersecurity frameworks and regulations; develop and maintain security policies, standards, procedures, and documentation; translate regulatory and contractual requirements into practical, measurable security controls; maintain records related to compliance and security governance activities. Security Awareness & Communication - Lead engaging cybersecurity awareness and training initiatives for City employees; educate staff on compliance requirements and secure technology practices; communicate security risks and compliance obligations to leadership and stakeholders in clear, actionable language; contribute cybersecurity-related content to employee communications and publications. Collaboration & Vendor Management - Coordinate security initiatives with Information Technology staff and City departments; manage vendor relationships and contracts related to cybersecurity services and operations; and promote exceptional customer service and foster a collaborative, professional workplace culture. Position may involve occasional after-hours support during security incidents or critical operations. Bachelor's degree in Cybersecurity, Computer Science, or a closely related field. Minimum of five (5) years of experience in cybersecurity, compliance, or information security. Strong analytical and problem-solving abilities, excellent written and verbal communication skills, strong organizational skills, attention to detail, and the ability to explain complex security concepts to technical and non-technical audiences are critical to be successful in this position. One or more professional certifications preferred: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or Certified Cloud Security Professional (CCSP) or equivalent. Candidates should have experience or familiarity with security frameworks such as Center of Internet Security (CIS) Controls, National Institute of Standards and Technology (NIST) Cybersecurity Framework, International Organization for Standardization (ISO) 27001, Cloud Security Alliance (CSA), and Cloud Controls Matrix (CCM); risk management methodologies such as NIST 800-39 and

ISO 27005

; regulatory frameworks including Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry—Data Security Standard (PCI-DSS) and Criminal Justice Information Services (CJIS) Security, ICS/SCADA environments and IT/OT security concepts; Microsoft Windows Server/Desktop environments; Microsoft Active Directory and Entra ID; cloud platforms and identity management systems; network infrastructure, TCP/IP, DNS, DHCP, and firewalls; and virtualization technologies and enterprise applications. Starting pay commensurate with experience. Competitive benefits package includes medical, dental, prescription, vision, wellness incentives, life insurance, retirement pension plan with Illinois Municipal Retirement Fund, other retirement savings options, and much more. Check out what it's like to work with us! . Resumes and additional documents can be attached. If you are unable to apply online, or for other assistance, please contact 630-377-4446. The City of St. Charles is an Equal Opportunity Employer.