• Leads day-to-day cybersecurity operations for the Town, ensuring effective monitoring, detection, response, and recovery activities.
• Provide technical leadership and guidance to the Information Security team, and supporting a high-performing environment.
• Serves as an incident response lead and may act as incident commander during cybersecurity events based on availability and incident scope.
• Participates in on-call rotations and responds to after-hours security incidents affecting Town systems.
• Coordinates cybersecurity response and recovery efforts for Police, Fire, and other mission-critical and life-safety systems.
• Ensures compliance with CJIS security requirements, supports audits, and implements required safeguards and corrective actions.
• Support and drives the operational management of security technologies, including SIEM, EDR, vulnerability management, identity and access management, email security, cloud security platforms, and related tools.
• Conducts security investigations, forensic analysis, and containment actions in coordination with IT, public safety, legal, and executive leadership.
• Reviews and implements security controls and technical safeguards under the strategic direction of the CISO.
• Provides architectural input on infrastructure, application, and cloud initiatives to ensure security is integrated into Town technology solutions.
• Develops and refines operational security procedures, playbooks, and documentation.
• Designs, implements, manages, and reviews network security controls, including firewalls, access control lists (ACLs), and network segmentation, to protect enterprise and public safety systems.
• Administers identity and access management controls, including multi-factor authentication (MFA), single sign-on (SSO), and privileged access mechanisms, across on-premises and cloud environments.
• Reviews and approves firewall rules, access policies, and identity configurations to ensure alignment with security standards, CJIS requirements, and operational needs.
• Conducts operational security simulations and exercises to test response effectiveness and improve readiness.
• Represents information security in cross-departmental technical meetings and project initiatives.
• Supports emergency operations, including participation in the Emergency Operations Center (EOC) during declared incidents.
• Leads cybersecurity operations, risk management, and incident response activities for industrial control systems and operational technology (OT), including SCADA environments supporting Town utilities and other critical services, in coordination with Utilities, Public Works, and public safety stakeholders.
• Performs related duties as assigned.

Knowledge of:

• Enterprise cybersecurity principles, frameworks, and best practices.
• Incident response, threat detection, and digital forensics methodologies.
• Security controls for cloud, on-premises, and hybrid environments.
• CJIS security requirements and public-sector regulatory obligations.
• Network security architectures, including firewalls, access control lists (ACLs), network segmentation, and secure connectivity models.
• Identity and access management principles, including MFA, SSO, conditional access, and privileged access management in enterprise and cloud environments.
• Security operations tooling and platforms.
• Cybersecurity principles, risk management practices, and threat mitigation strategies applicable to industrial control systems (ICS), operational technology (OT), and SCADA environments supporting critical infrastructure.
• Risk management concepts and applied security architecture.

Skill in:

• Directing technical security operations and incident response activities.
• Bringing deep technical knowledge to the team
• Analyzing complex security incidents and coordinating effective responses.
• Implementing and managing security technologies.
• Designing, configuring, and maintaining firewall policies, access controls, and identity-based security solutions.
• Evaluating and improving access control effectiveness across users, systems, applications, and cloud services.
• Assessing and mitigating cybersecurity risks in SCADA and OT environments and coordinating incident response activities across IT, utilities, public safety, and executive stakeholders without disrupting operational safety or service continuity.
• Communicating technical risk and response actions to technical and non-technical audiences.

Ability to:

• Operate effectively in high-pressure, mission-critical situations.
• Balance operational autonomy with executive oversight.
• Prioritize security work based on risk, impact, and resource availability.
• Work collaboratively across departments, including Police and Fire.

Any combination of education and experience equivalent to graduation from a four-year college or university with a bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Computer Engineering, or related field; and a minimum of seven (7) years of experience in an Information Technology role, including at least five (5) years in cybersecurity, systems engineering, network engineering, application engineering, or a related security field.

Additionally, CISSP or CISM is required (or able to obtain within 6 months of start of employment).

PREFERRED QUALIFICATIONS:

• Additional advanced cybersecurity certifications including GIAC certifications (e.g., GSEC, GCED, GCIA, GCED, GCIH), cloud security certifications (e.g., CCSP, Azure Security Engineer, AWS Security Specialty), or other recognized enterprise security credentials.
• Demonstrated technical experience may be considered in lieu of certifications.

PHYSICAL REQUIREMENTS:Must be able to perform work requiring extended periods of sitting, standing, and computer use. Must be able to respond onsite during emergencies and access secure facilities, including data centers and public safety environments. Able to lift up to 35lbs

SPECIAL REQUIREMENTS:

• Requires drug testing and background check (which may include criminal check, education verification, and credit history review) prior to employment.
• Must be eligible for and able to maintain CJIS access and certification.
• Participation in on-call rotations and emergency response activities is required.
• Requires possession of a valid driver’s license with an acceptable driving record.