Provide strategic oversight, direction, and coordination for City of Phoenix information security and privacy programs based on internationally recognized information security governance best practices. Directs Information Security and Privacy Office (ISPO). Duties include drafting, vetting and implementing information security and privacy policies, standards, and standard operating procedures for 15,000 plus employees. Responsible and accountable for critical control system security program oversight to include recommendation and implementation of approved citywide critical control system policy based on industry best practices, federal and state regulations, legal requirements, and line-of-business needs. Serves as the primary liaison between City Departments, the Office of Emergency Management, and Arizona Counter Terrorism Information Center (ACTIC) relative to critical controls security. Spearheads City's Payment Card Industry Data Security Standards (PCI DSS) strategic assessment and remediation for 26 functional Departments processing $200 million plus transactions annually.
As Chief Privacy Officer (CPO) responsible for coordination and oversight of City’s Information Management Plans. Duties include monitoring security and privacy trends; coordinating with City Attorney and Deputy City Manager; and collaborating with government and private sector critical infrastructure key resource (CIKR) partners on security and privacy related initiatives. Direct all actions to investigate or remediate a privacy breach.