Cybersecurity Administrator

City of Gulfport

Gulfport, MS

JOB DETAILS
SALARY
$62,244.19–$70,056.39 Per Year
SKILLS
Access Control, Analysis Skills, Artificial Intelligence (AI), Auditing, Authentication, Benchmarking, Best Practices, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, CompTIA - Computing Technology Industry Association, CompTIA Security+, Computer Forensics, Computer Science, Computer Security, Continuous Improvement, Corrective Action, Criminal Justice, Data Management, Disaster Recovery, Documentation, Driver's License, Endpoint Security, Establish Priorities, GIAC - Global Information Assurance Certification, IT Governance, Identity Data Management, Incident Management, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Insurance, Internet Security, Keyboards, Law Enforcement, Loss Prevention, Machine Tool, Maintain Compliance, Manual Dexterity, Metrics, Microsoft Product Family, Multitasking, Network Security, Office Equipment, Operations Management, Penetration Testing, People Management, Performance Analysis, Performance Metrics, Phishing, Physical Demands, Policy Development, Procedure Development, Purchasing/Procurement, Regulations, Regulatory Compliance, Regulatory Requirements, Reporting Skills, Requirements Management, Risk, Risk Analysis, Risk Management, Security Analysis, Security Attacks, Security Monitoring, Security Policy, Software as a Service (SaaS), Strategic Planning, System Architecture, Systems Administration/Management, Systems Analysis, Technical Leadership, Training/Teaching, U.S. National Institute of Standards and Technology (NIST), Vendor/Supplier Planning, Vendor/Supplier Selection, Willing to Travel
LOCATION
Gulfport, MS
POSTED
1 day ago

Cybersecurity Administrator

Department: Information Technology

FLSA Status: Exempt

Annual Salary: $62,244.19 - $70,056.39

Position Overview:

This position answers to the Director of Information Technology. Responsibilities include for the overall cybersecurity posture of the City of Gulfport. This role leads the implementation, management, and continuous improvement of the City's cybersecurity program, including threat detection and response coordination, identity and access management, regulatory compliance (including CJIS), data protection, and user security awareness.

This position serves as the primary administrator and internal owner of the City's Managed Detection and Response (MDR) platform and associated security tooling, ensuring proper configuration, monitoring, and response to threats across all systems. The Cybersecurity Administrator works closely with internal IT staff, City departments, law enforcement stakeholders, and external vendors to proactively identify risks, mitigate vulnerabilities, and ensure compliance with applicable standards and regulations.

This position is classified as Essential. Essential status is defined as employees whose duties are vital to maintain basic municipal functions during an emergency. 


Essential Job Functions: 

Essential job duties and functions, pursuant to the Americans with Disabilities Act, may include the following:

  • Oversees security operations and threat management. This includes but is not limited to administering and managing the City's cybersecurity platform, including managed detection and response (MDR) services. This position will also monitor, analyze and respond to security alerts and suspicious activity, serve as the liaison with MDR provider for escalation, investigation and remediation, conduct endpoint, network and identity based thread investigations, coordinate containment, eradication and recovery efforts during security incidents, identify and mitigate enhanced AI threats through advanced detection tools and user awareness training.
  • Manages incident response and cyber recovery. This includes leading the City's cyber security incident response program in alignment with industry frameworks, developing and maintaining incident response plans, procedures and playbooks, coordinates cross-departmental response efforts during incidents, conducts post-incident reviews, implements corrective action plans and supports disaster recovery and continuity planning related to cyber events.
  • Oversees vulnerability and risk management. This includes identifying, assessing and prioritizing vulnerability's across the systems, networks and applications. Will provide cloud security oversight, including Microsoft 365 and other cloud/SaaS providers. Maintain cybersecurity risk register, and provide risk-based recommendations. Perform security assessments for new systems, vendors and initiatives, coordinate and manage third-party penetration testing engagements, including scope definition, vendor selection, scheduling and oversight. Conduct follow-up validation to ensure vulnerabilities have been properly mitigated. Maintain documentation and reporting to support audit, CJIS compliance and cyber insurance requirements.
  • Manages Identity and Access Management (IAM). This includes the management and enforcement of Multifaction Authentication (MFA), development and maintenance of conditional access policies and identity security controls. Oversight of role-based access control (RBAC) and enforce least privilege principles. Conducts periodic access reviews and privileged account audits and recommends / implements advanced identity protection strategies.
  • Manages Data Protection & Data Loss Prevention (DLP). Oversees logging, monitoring and visibility across critical systems, platforms, network devices, services, and endpoints. Monitors log integrity, retention and availability for audit and investigative purposes.
  • Ensures compliance with Criminal Justice Information Services (CJIS) security policy. Conducts regular audits and assessments of CJIS related systems and processes. Maintains documentation required for CJIS compliance and audits. Works closely with Police department stakeholders to enforce security controls. Stay current on SJIS and other applicable regulatory requirements.
  • Creates and manages a comprehensive cybersecurity awareness program. Conducts phishing simulations and track user performance. Provide targeted training to reduce user risk and improve security posture. Provides reports on training effectiveness and user compliance metrics.
  • Oversees security policy and governance leading the alignment of city security practices with the NIST Cybersecurity Framework (CSF), with focus on identify, protect, detect, respond and recover. Conduct annual security self-assessments based on NIST 800-53 and CIS Critical Security policies that govern data classification and system hardening. Participate in IT governance and strategic planning initiatives. Provides guidance on secure system architecture and design. Work with team to develop and maintain the City's Artificial Intelligence (AI) Acceptable Use Policy, ensuring that the use of Generative AI tolls complies with data privacy standards and CJIS requirements.
  • Evaluate and monitor the security posture of vendors and service providers. Participate in procurement processes to ensure security requirements are defined and enforced. Review vendor security documentation, certifications, and compliance posture. Coordinate with vendors to remediate identified risks.
  • Responsible for developing and presenting regular cybersecurity reports to IT leadership. Track and report KPIs including: phishing susceptibility rates, incident response metrics, vulnerability remediation timelines, and MFA adoption rates. Reports on penetration testing results, remediation status, and residual risk. Provides actionable recommendations to improve the City's security posture.
  • Will service as the City's primary point of contact for the Multi-State Information Sharing and Analysis Center (MS-ISAC). Will develop intelligence & external partnerships. Will monitor MS-ISAC thread advisories and vulnerabilities specifically affecting State, Local, Tribal and Territorial (SLTT) governments and coordinate proactive defenses. Will participate in the Nationwide Cybersecurity Review (NCSR) to benchmark the City's security maturity against other municipal entities. Will actively engage with the Mississippi Cyber Initiative (MCI) to leverage state-specific cybersecurity resources, including threat intelligence sharing, digital forensics support and professional development opportunities.
  • All other duties as assigned.


Knowledge Skills and Abilities:

Must possess the required knowledge, skills, abilities and experience and be able to explain and demonstrate, with or without reasonable accommodations, that the essential functions of the job can be performed.

  • Requires strong knowledge of cybersecurity principles, frameworks and best practices.
  • Demonstrates experience with Managed Detection and Response (MDR) platforms and security operations.
  • Shows proficiency in identity and access management, including MFA and conditional access.
  • Understands endpoint protection, network security and cloud security concepts.
  • Requires knowledge of vulnerability management and risk assessment methodologies.
  • Demonstrates knowledge of vulnerability management and risk assessment methodologies.
  • Demonstrates familiarity with CJIS security policy and regulatory compliance requirements.
  • Ability to analyze security events and respond to incidents effectively.
  • Strong communication skills for working with technical and non-technical stakeholders.
  • Ability to develop policies, procedures and documentation.
  • Ability to manage multiple priorities in a fast-paced environment.
  • Requires strong analytical and problem-solving skills.
  • Demonstrates familiarity with emerging AI security risks, and frameworks and their application in a municipal or law enforcement environment.


Education and Experience

Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field.  A combination of education and experience can be accepted if applicant does not have a degree, but has coursework completed in computer science, information technology, cybersecurity or related field.

Applicants must have a minimum of 3-5 years' experience in cyber security, systems administration, or network security. Applicants must have 3-5 years' experience with security monitoring, incident response, and vulnerability management. It is preferred that applicants have experience in a government or regulated environment.


Licenses of Certifications

A valid Mississippi Driver's License. Applicant will take all required National Incident Management System classes or additional classes as assigned by Director of Information Technology.

Preferred certifications include:

  • CompTIA Security+
  • CompTIA SecurityX (formerly CASP+)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Microsoft Security, Compliance, or Identity certifications
  • GIAC or equivalent security certifications


Physical Demands and Working Conditions

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

Physical requirements include occasional lifting/carrying of 10+ pounds; visual acuity, speech and hearing; hand and eye coordination and manual dexterity necessary to operate a computer keyboard and basic office equipment. Subject to sitting, standing, reaching, walking, twisting, kneeling and viewing monitors for extended periods to perform the essential functions. Working conditions are primarily inside an office environment. Primarily standard business hours; however, the role requires responsiveness to cybersecurity emergencies and on-call availability for critical incidents. Must be able to travel to local city facilities as needed for meetings, audits or other, as assigned by the Director of Information Technology.

About the Company

C

City of Gulfport