IT Security Manager

Job Description

Essential Functions

• Own and operate the Revenue IT GRC program, including risk management processes, governance structures, and compliance tracking
• Establish and maintain a centralized risk register, including identification, prioritization, and escalation of risks to leadership
• Develop, implement, and maintain security policies, standards, and procedures aligned to organizational needs and regulatory requirements
• Define and enforce governance processes, including clear ownership, accountability, and escalation paths across teams and vendors
• Lead security-related risk assessments and partner with system owners to define and track mitigation strategies
• Coordinate and manage internal and external audits, including documentation, response tracking, and remediation follow-up
• Work with vendors and internal teams to ensure accountability for security controls, deliverables, and knowledge transfer
• Communicate security risks, priorities, and program status to leadership in a clear and actionable manner
• Build structure in areas with limited process, ensuring consistency and transparency across security-related activities
• Conduct regular security assessments, vulnerability scans, and penetration testing to identify and mitigate risks
• Develop and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms).   
• Respond to security incidents and implement corrective actions.
• Partner with the City’s Security Team to ensure City policies are applied throughout Revenue.
• Participate in security audits and compliance reviews.
• Communicate security-related information effectively to both technical and non-technical audiences, performs miscellaneous job-related duties as assigned.
• Coach teams on risk ownership and control implementation; develop a culture of accountability and transparency

Qualifications

Qualifications (Education and Experience)

• Minimum of 2 years of experience in information security, with a focus on governance, risk, and compliance
• Demonstrated experience owning or leading GRC processes, including risk management, policy development, and governance
• Experience developing and implementing security policies, standards, and procedures
• Experience conducting risk assessments and managing risk through formal tracking and escalation processes
• Experience working with regulatory frameworks such as NIST, IRS Pub 1075, or similar (framework-agnostic experience acceptable)
• Experience coordinating audits and managing remediation efforts
• Experience working across business and technical teams to drive alignment and accountability
• Prior management or team leadership experience preferred

Competencies, Knowledge, Skills and Abilities

• Strong ability to build and operate structured programs in environments with limited existing process
• Demonstrated experience defining ownership and driving accountability across teams without direct authority
• Ability to translate technical risk into clear business impact and communicate effectively with leadership
• Experience working in complex environments with multiple stakeholders, including vendors and external partners
• Comfort operating in ambiguity and establishing clear direction and priorities
• Strong organizational and operational discipline, with a focus on documentation, tracking, and follow-through

Additional Information

Salary Range: $115,000 - $125,000 

Salary cannot exceed $125,000.

All applications should include the following: 
•    Cover Letter clarifying your interest and qualifications for the role.
•    Resume
We won’t accept or review incomplete applications.

Work Setting: in-person (onsite)

Discover the Perks of Being a City of Philadelphia Employee:
•    We offer Comprehensive health coverage for employees and their eligible dependents
•    Our wellness program offers eligibility into the discounted medical plan
•    Employees receive paid vacation, sick leave, and holidays
•    Generous retirement savings options are available
•    Pay off your student loans faster - As a qualifying employer, City of Philadelphia employees are eligible to participate in the Public Service Loan Forgiveness program. Join the ranks of hundreds of employees who have already benefited from this program and achieved student loan forgiveness.
•    Enjoy a Free Commute on SEPTA - Starting September 1, 2023, eligible City employees will no longer have to worry about paying for SEPTA public transportation. Whether you're a full-time, part-time, or provisional employee, you can seize the opportunity to sign up for the SEPTA Key Advantage Program and receive free Key cards for free rides on SEPTA buses, trains, trolleys, and regional rails.
•    Unlock Tuition Discounts and Scholarships - The City of Philadelphia has forged partnerships with over a dozen esteemed colleges and universities in the area, ensuring that our employees have access to a wide range of tuition discounts and scholarships. Experience savings of 10% to 40% on your educational expenses, extending not only to City employees but in some cases, spouse and dependents too!
Join the City of Philadelphia team today and seize these incredible benefits designed to enhance your financial well-being and personal growth!

*The successful candidate must be a city of Philadelphia resident within six months of hire

Effective May 22, 2023, vaccinations are no longer required for new employees that work in non-medical, non-emergency or patient facing positions with the City of Philadelphia. As a result, only employees in positions providing services that are patient-facing medical care (ex: Nurses, doctors, emergency medical personnel), must be fully vaccinated.

The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at 215-686-4670 or send an email to [email protected].