Class Summary

Position Description: As a Security Compliance Administrator, you will be responsible for assisting the Cybersecurity Division with day-to-day information security risk and compliance monitoring activities, executing vendor due diligence activities specific to areas within cybersecurity, and exploring opportunities within the organization to enhance the County’s security posture.

Roles and Responsibilities:

• Serve as a Regulatory Compliance subject matter expert, supporting ongoing compliance activities across applicable Regulations and Standards (e.g. PCI, HIPAA, CJIS, FISMA etc.)
• Understand the vendor lifecycles to develop a managed program that includes vetting potential vendors, interacting with requesting business stakeholders, and completing focused risk questionnaires, to ensure proper risk rankings
• Collaborate with Business Strategic Services to drive optimization and innovation while providing ongoing visibility into vendor security practices, ensuring all new technologies, systems, or processes are compliant with County standards and regulatory compliance
• Perform internal Security Risk Assessments for existing technologies, systems, and applications provided/supported by vendors

Essential Duties:

• Evaluate and implement Vendor Risk Management (VRM) tools to support the assessment, monitoring and management of risk exposure from third-party entities that- currently provide products and services, or have access to enterprise information
• Assist Purchasing and Law in reviewing vendor contracts to ensure that security requirements are consistent and contract verbiage is acceptable
• Collaborate and build relationships with key IT, Security, and core business partners to enable continued security education and awareness around the development of secure architectures

Effective 4/11/2023, this position is eligible for the Employee Referral Program.

Minimum Experience:

• Bachelor's degree in a computer science, information systems, auditing, management, or related field.
• Seven years of progressively responsible, professional experience in cybersecurity.
• Valid driver’s license.

An equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above.

Preferred Experience:

• Minimum 5 years of experience directly working with IT security compliance and/or audit
• Minimum 2 years of experience performing reviews of vendors, systems, or solutions as part of an internal risk assessment, procurement process, or other program
• Minimum 2 years of experience in procurement and vendor risk management drafting, revising and reviewing contracts, Service Level Agreements, Master Service Agreements and Statements of Work
• Possess strong working knowledge of information security standards and frameworks (NIST, ISO, CSF, CIS, SOC, etc.)
• Certified Risk Management Professional (CRMP) certification preferred
• Certified Regulatory and Compliance Professional (CRCP) certification preferred
• Audit Certification preferred (CIA, CISA, CISM, CFE, CGAP etc.)
• Experience working with outsourced organizations and third-party vendors preferred
• Experience working with other teams to create new processes and procedures to meet security and compliance requirements
• Experience performing reviews of user access permissions
• Ability to handle multiple tasks under tight deadlines
• Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change
• Project management process, tools, and techniques
• Knowledge of technology trends and developments
• Must be a critical thinker with strong problem-solving skills
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to interact, communicate, and relate security and risk-related concepts to technical and nontechnical audiences.
• Excellent presentation and facilitation skills

Availability Requirements:
Monday – Friday (8AM-5PM) onsite. After 90 days, a regular telecommute day may be permitted based on employee performance.

On-call and holiday: The SOC rotates on-call status in 1 week intervals among the team. All SOC members are expected to be active during a significant incident regardless of on-call status.

The Grade for this position is D61(1). Salary will be based on qualifications and experience.

This job requires a public safety background check to include thorough motor vehicle histories, criminal histories, and fingerprinting.

NOTE: The class specifications listed on this site are not the official class specifications for Gwinnett County and are subject to change.

Additional Information

Additional Information

About Gwinnett County

Welcome to Gwinnett County — one of America's fastest-growing counties for the past 20 years. Our dynamic and exciting county combines the best of big-city living with the comforts of the suburbs.

The county's population in 2000 was about 588,448 and we’ve only continued to grow since then, with the population expected to reach one million by the year 2022.

Gwinnett has many advantages, beginning with its location and road system. The county is just 45 minutes from Hartsfield-Jackson Atlanta International Airport and 30 minutes from downtown Atlanta. Thanks to this location, 80 percent of the U.S. population is within a two-hour flight. Georgia Highway 316 has been extended to Athens, reducing travel time to the University of Georgia to 25 minutes. Gwinnett's infrastructure includes more than 2,750 miles of roadways to provide excellent mobility for our residents.

The County Administrator and County Attorney are appointed by the Board of Commissioners and serve at its pleasure. To implement the Board's policy directives, the County Administrator uses a management team consisting of members of his immediate staff and 14 department directors. The 14 departments that make up the executive side are Police Services, Fire and Emergency Services, Corrections, Communications, Support Services, Financial Services, Community Services, Human Resources, Information Technology Services, Law, Planning and Development, Water Resources, Child Advocacy & Juvenile Services, and Transportation. Each department is run by a director who is charged with managing operations in a manner which stresses the County’s values.

In addition to the executive side of County government, certain services are provided through Constitutional officers and independent elected officials. These external offices are created by the Georgia Constitution or through state law. In Gwinnett, they include the Sheriff, Tax Commissioner, District Attorney, Solicitor, Probate Court Judge, and Chief Magistrate.

Vision
Gwinnett is the preferred community where everyone thrives!

Mission
Gwinnett proudly supports our vibrantly connected community by delivering superior services.

Values

Integrity: We believe in being honest, building trust, and having strong moral principles.

Accountability: We believe in stewardship, transparency, and sustainability.

Equity: We believe in fairness and respect for all.

Inclusivity: We believe in engaging, embracing, and unifying our communities.

Innovation: We believe in continual adaptation of technology, process, and experience.

Hiring Process

• Hiring Process
• FAQs

Our Benefits program is designed to support every aspect of our employees’ lives, from physical and emotional to social and financial.

Along with their salary, employees receive a variety of comprehensive benefits as part of their total compensation.

On average, our employees’ benefits are worth 48 percent of their base salary!

In other words, employees would spend nearly half of their pay to purchase these benefits on their own. For employees’ medical premium alone, the County contributes an average of 91 percent of the cost!


Health

• Medical plans for active and retired employees
• Dental and vision plans
• Prescription drug plan

Wellness

• Onsite Employee Wellness Center
• 24/7 Employee Assistance Program (EAP)
• Immunizations
• Wellness education and incentive programs
• Annual wellness fair

Family and Career

• Training and professional development opportunities
• Family planning benefits
• Four weeks of paid parental leave

Time

• Annual/Sick Leave
• 12 paid holidays per calendar year
• 1 paid floating holiday per calendar year

Money

• Flexible spending accounts for medical and dependent care
• Health Reimbursement Arrangement (HRA) available
• Health Savings Account (HSA) available
• Retirement and Savings Plans
• 401(a) Defined Contribution
• 457 (b) Deferred Compensation
• Longevity pay
• Tuition reimbursement
• Financial education programs

Protection

• Basic, optional, and dependent life insurance
• Short-term and long-term disability
• Critical illness and accident insurance
• Hospital indemnity insurance
• Identity theft protection

To learn more about the Benefits offered at Gwinnett County