IT Security Manager

Company Description

The Office of Innovation & Technology (OIT) is the central IT agency for the City of Philadelphia headed by the Chief Information Officer (CIO). OIT oversees all major information and communications technology initiatives for the City of Philadelphia - increasing the effectiveness of the information technology infrastructure, where the services provided are advanced, optimized, and responsive to the needs of the City of Philadelphia’s businesses, residents, and visitors. OIT responsibilities include: identifying the most effective approach for implementing new information technology directions throughout city government; improving the value of the city’s technology assets and the return on the city’s technology investments; ensuring data security continuity; planning for continuing operations in the event of disruption of information technology or communications services; and supporting accountable, efficient and effective government across every city department, board, commission and agency.

The City of Philadelphia is seeking a highly motivated and experienced Information Security Manager to work in the Department of Revenue IT’s unit in support of the Chief Information Security Officer (CISO). This critical role will be responsible for ensuring the confidentiality, integrity, and availability of our information systems, with a strong focus on compliance with IRS Compliance and the NIST Cybersecurity Framework. The candidate possesses a deep understanding of security best practices, regulatory requirements, and technical expertise in implementing and maintaining security controls. The IT Security manager will also work with the owners of OT and IT services to identify and communicate risk and develop mitigation strategies for these risks. The candidate will have a background in cyber security that includes technical skills as well as experience with developing policies and procedures.

 

Job Description

Essential Functions

• Manage IT Security projects including implementation of an updated security program while ensuring cross-team collaboration with necessary stakeholders.
• Ensure incident response procedures are documented including identification of roles and responsibilities.
• Monitor and analyze security event data by responding to, prioritizing, and managing security events and managing security incidents from occurrence to closure, in coordination with internal and external resources.
• Schedules periodic security audits and works with outside consultants as appropriate for independent security audits.   
• Conduct regular security assessments, vulnerability scans, and penetration testing to identify and mitigate risks.
• Develop and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms).   
• Respond to security incidents and implement corrective actions.
• Stay abreast of the latest security trends to maintain the security of RevIT and OT systems.
• Partner with the City’s Security Team to ensure City policies are applied throughout Revenue.
• Stay up-to-date on the latest security threats, vulnerabilities, and regulatory requirements.
• Participate in security audits and compliance reviews.
• Contribute to the development and implementation of security policies and procedures.
• Perform risk assessments and identify mitigation strategies.
• Communicate security-related information effectively to both technical and non-technical audiences, performs miscellaneous job-related duties as assigned.

 

Qualifications

Qualifications (Education and Experience)

• Completion of a bachelor’s degree program at an accredited college or university, which has included major course work in computer science, information science, system analysis, software engineering, or a closely related field.
• Minimum of eight years of work experience, which must include at least three years of direct IT security-related experience, including exposure to the NIST Framework.
• Experience performing information security risk assessments including identifying threats, vulnerabilities, and risk.
• Experience with Vulnerability Management programs.
• Experience working with common information security tools including Endpoint Detection and Response, network filtering technologies (Web, DNS), Identity and Access Management solutions, and SIEM technologies required.
• Valid Certified Information Systems Security Professional (CISSP) credential, such as CISSP-ISSAP, CISSP-ISSEP or CISSP-ISSMP, is preferred but not required.
• Experience leading security initiatives and coordinating work across technical teams; direct people management experience preferred.

• The candidate should have knowledge of the following tools/platforms: AWS, Azure, O365, Carbon Black, Crowdstrike, Rapid 7, QRadar and/or JSA.
• Experience with OT systems such as SCADA and PLCs is a plus.

Competencies, Knowledge, Skills and Abilities

• Must be an articulate and persuasive leader who can communicate security-related concepts to a broad range of technical and non-technical staff.
• Should have experience with planning, auditing, and risk management, as well as contract and vendor negotiation.
• Strong interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community.
• Skill in organizing resources and establishing priorities.
• Strategic planning and advanced leadership skills.
• Ability to develop requests for and evaluate proposals in reference to leading-edge information services technology.
• Ability to provide strategic guidance and counsel to clientele in the assessment and development of existing and/or proposed systems.
• Ability to foster a cooperative work environment.

Additional Information

Salary Range: $115,000 - $125,000 

Salary cannot exceed $125,000.

All applications should include the following: 
•    Cover Letter clarifying your interest and qualifications for the role.
•    Resume
We won’t accept or review incomplete applications.

Work Setting: in-person (onsite)

Discover the Perks of Being a City of Philadelphia Employee:
•    We offer Comprehensive health coverage for employees and their eligible dependents
•    Our wellness program offers eligibility into the discounted medical plan
•    Employees receive paid vacation, sick leave, and holidays
•    Generous retirement savings options are available
•    Pay off your student loans faster - As a qualifying employer, City of Philadelphia employees are eligible to participate in the Public Service Loan Forgiveness program. Join the ranks of hundreds of employees who have already benefited from this program and achieved student loan forgiveness.
•    Enjoy a Free Commute on SEPTA - Starting September 1, 2023, eligible City employees will no longer have to worry about paying for SEPTA public transportation. Whether you're a full-time, part-time, or provisional employee, you can seize the opportunity to sign up for the SEPTA Key Advantage Program and receive free Key cards for free rides on SEPTA buses, trains, trolleys, and regional rails.
•    Unlock Tuition Discounts and Scholarships - The City of Philadelphia has forged partnerships with over a dozen esteemed colleges and universities in the area, ensuring that our employees have access to a wide range of tuition discounts and scholarships. Experience savings of 10% to 40% on your educational expenses, extending not only to City employees but in some cases, spouse and dependents too!
Join the City of Philadelphia team today and seize these incredible benefits designed to enhance your financial well-being and personal growth!

*The successful candidate must be a city of Philadelphia resident within six months of hire

Effective May 22, 2023, vaccinations are no longer required for new employees that work in non-medical, non-emergency or patient facing positions with the City of Philadelphia. As a result, only employees in positions providing services that are patient-facing medical care (ex: Nurses, doctors, emergency medical personnel), must be fully vaccinated.

The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at 215-686-4670 or send an email to faqpchr@phila.gov.
 

Client-provided location(s): Philadelphia, PA

Job ID: 48247a7b-ed74-4eae-a3d1-429371426bc4

Employment Type: OTHER

Posted: 2026-02-18T20:23:23