Position Summary
This position directs and oversees the Information Security (Info Sec) office to ensure MAC Information Assets are protected from unauthorized access by developing and maintaining an Information Security Program that utilizes layers of security controls, manages a team of credentialed professionals, and conducts effective cyber training and awareness for the Metropolitan Airports Commission. This position works closely with all business units to define data protection requirements and solutions. This position ensures that regulatory compliance is maintained for PCI, CJIS, TSA and FAA for security aspects of those regulations. The Information Security team works closely with local and federal law enforcement teams, and the State of Minnesota where shared interests exist.
This individual will have solid Information Security, Risk Management, and Information Technology experience, as well as project management and vendor management skills. As a member of the IT senior leadership team, this role contributes to the development and execution of the enterprise-wide IT strategy as part of the Commission's purpose statement.
To apply: click the "Apply" link located just above the position description, log-in and follow the instructions provided.
Questions regarding this position can be directed to Nicole Kiefer at nicole.kiefer@mspmac.org or 612-726-8166.
Applications will be accepted until 11:59 PM on Sunday, December 8, 2024.
Attention Professional Recruitment Agencies: The Metropolitan Airports Commission is interested in reviewing your qualified candidates. Please contact Nicole Kiefer, Assistant Director, Human Resources at nicole.kiefer@mspmac.org or 612.726.8166 to learn about our terms and conditions.
MAC complies with the Americans with Disabilities Act. If an accommodation is required for you to participate in the application process because of a disability, please contact Tekia Jefferson at 612-726-8196 or Tekia.Jefferson@mspmac.org.
MAC is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, color, gender, age, nationality, or disability.Position Description
Information Security
- Develop and implement an enterprise-wide information security strategy and risk management program.
- Identify and assess security vulnerabilities and risks and develop appropriate controls and countermeasures to mitigate them.
- Establish and enforce information security policies and procedures across the organization.
- Ensure compliance with relevant regulatory requirements and industry standards.
- Ensure that security incident responses are brought to the correct conclusion, including reporting to TSA/DHS.
- Oversee the design and implementation of security technologies and tools.
- Build and manage a team of security professionals, including hiring, training, and performance management.
- Ensure that effective corporate Info Sec training and security awareness programs are executed and maintained.
- Collaborate with other executives, business units, and external partners to ensure security needs are aligned with business objectives.
- Stay up to date with the latest security threats, trends, and technologies to ensure the organization remains proactive and protected against emerging threats.
- Determine financial needs of the Info Sec department and submit annual budget (Op Ex and Cap Ex) that is consistent with MAC IT's strategic direction, division needs, and stakeholder expectations; monitor and communicate budget to actuals as each budget year plays out.
- Leverage negotiation skills to drive cost competitive results; look for opportunities for cost avoidance.
- Participate in management meetings: takes part in open dialogue; communicates information within the organization and provides feedback to the team.
- Identify strategic and/or critical issues that require CIO direction.
- Drives the adoption and commitment to continual service improvement.
- Can represent the CIO in presentations or discussions regarding strategies, projects; provides issue summaries, discussion opportunities and problem resolution options.
Position Requirements
Manager of Managers (MOM) Competencies
- Customer Focus - Building strong customer relationships and delivering customer-centric solutions
- Strategic Mindset - Seeing ahead to future possibilities and translating them into breakthrough strategies
- Plans and Aligns - Planning and prioritizing work to meet commitments aligned with organizational goals
- Ensures Accountability - Holding self and others accountable to meet commitments
- Drives Results - Consistently achieving results, even under tough circumstances
- Collaborates - Building partnerships and working collaboratively with others to meet shared objectives
- Values Differences - Recognizing the value that different perspectives and cultures bring to an organization
- Builds Effective Teams - Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals
- Communicates Effectively - Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences
- Drives Engagement - Creating a climate where people are motivated to do their best to help the organization achieve its objectives
- Organizational Savvy - Maneuvering comfortably through complex policy, process, and people-related organizational dynamics
- Bachelor's degree in computer science, information systems or a related field.
- Ten years of information security leadership experience.
- In lieu of a degree, 14 years of information security leadership experience.
- Four years of leadership responsibilities, managing groups and teams which included responsibility for hiring, disciplining, coaching, rewarding, and terminating employees.
- Excellent verbal and written communication skills.
- Excellent customer service skills
- Ability to understand and communicate technical information to the end user in an easily understood manner.
- Experience managing third parties/vendors.
- Strong vendor negotiating skills.
- Expertise with NIST Cyber Security Framework, and ability to map the CSF domains to MAC's Info Sec policies and roadmaps.
- Valid driver's license.
- Reliable vehicle to commute between job sites.
- Ability to obtain Federal TSA clearance.
- Master's degree in related field
- CISSP credentials
- Public sector experience
- Airport vertical experience
- CISM or C|CISO credentials.
Other Information
This position provides an opportunity for on-site and remote work. MAC's remote work policy requires employees to be on-site three days of the week. Among the three on-site days, one of them must be either a Monday or a Friday.