Deputy Information Services Director

Government agencies depend on technology for nearly everything they do — processing permits, managing benefits claims, maintaining records, communicating with the public, and running financial systems. The Deputy Information Services Director is responsible for keeping all of that running and for making it better.

The role operates at the intersection of technology operations and organizational management. On any given day, a Deputy Director at a large county might review a cyber incident report from the previous night, chair a vendor review for a cloud storage renewal, meet with the county administrator's office about a new digital permitting initiative, and handle an escalation where a department director's staff can't access a critical application. The technical content is real but the job is fundamentally about judgment and communication, not hands-on system administration.

Security has become the dominant operational concern at most government agencies. Ransomware attacks on local governments — which lock or encrypt critical data and sometimes expose personally identifiable information — have become frequent enough that virtually every government IT leader now treats security posture as a core management priority. This means running regular vulnerability assessments, managing patching discipline, training staff on phishing recognition, and maintaining incident response plans that actually work.

Budget management is a persistent constraint. Government IT purchases require competitive procurement processes that can add months to a timeline. Legacy systems that should be replaced often persist because replacement budgets haven't been approved. A significant part of the Deputy Director's job is making the case to non-technical leadership for technology investment — translating security risks and operational inefficiencies into language that resonates with finance and executive teams.

Education:

• Bachelor's degree in computer science, information systems, information technology, or a related technical field (required)
• Master's degree in information systems, MPA, or MBA (preferred for senior leadership roles)
• Relevant certifications carry significant weight where advanced degrees are absent

Certifications (valued):

• CISSP (Certified Information Systems Security Professional) for cybersecurity-focused roles
• PMP (Project Management Professional) for capital project-heavy agencies
• CISM (Certified Information Security Manager) — increasingly common in government IT leadership
• CompTIA Security+, ITIL Foundation — standard technical literacy baselines
• CGCIO (Certified Government Chief Information Officer) from PTI or equivalent state programs

Experience:

• 10–15 years in IT with at least 4–6 years in an IT management role
• Experience managing vendors and technology contracts in a government procurement environment
• Direct experience with cybersecurity program management or major ERP/enterprise system projects

Technical knowledge required:

• Infrastructure: enterprise networks, server environments, cloud platforms (Azure, AWS GovCloud), storage systems
• Security: NIST CSF, FISMA compliance, vulnerability management, incident response planning
• Enterprise applications: ERP systems (Tyler Technologies Munis, Oracle PeopleSoft, SAP Public Sector are common), GIS, permitting software
• Project management: structured delivery of multi-year technology programs with governance reporting to elected or appointed bodies

Management capabilities:

• Building and retaining technical teams in a compensation-constrained environment
• Translating complex technology issues into clear risk and investment decisions for non-technical executives

Government IT leadership is a field with growing demand and significant talent constraints. The number of people who combine technical depth, management skill, government procurement experience, and the ability to communicate effectively with elected officials is genuinely limited — which means experienced professionals at this level have strong negotiating position and good job security.

The cybersecurity threat environment has elevated the profile and urgency of government IT leadership. Ransomware attacks on state and local governments — including high-profile incidents affecting large county and municipal systems — have made technology risk a board-level and elected official-level concern in a way it wasn't five years ago. This increased visibility comes with more resources and more accountability.

Federal investment in state and local technology modernization has also expanded the available capital. Programs through CISA, the FCC's E-Rate program, and various infrastructure funding streams have put technology dollars in front of local governments that previously couldn't fund basic infrastructure upgrades. Managing those funds compliantly and strategically is a skill set that experienced Deputy Directors bring.

Compensation has been improving but remains below private sector equivalents in most markets. Large counties and state agencies in competitive metro areas have made meaningful salary adjustments to retain technology leadership. Smaller agencies face persistent difficulty competing with private sector offers for technical staff.

For Deputy Directors who develop strong reputations, career paths lead to CIO or CTO positions at larger agencies, state chief information officer roles, federal IT leadership, and transition to government technology consulting or vendor-side government relations. The experience of managing technology programs under public scrutiny is valued in the broader market.

Dear [Director Name],

I am applying for the Deputy Information Services Director position at [Agency]. I have 13 years of IT experience in government settings, the last five as IT Operations Manager at [County/Agency], where I oversee infrastructure, security, and application support for a 1,200-employee county government with a $6.8M annual IT budget.

The most relevant experience I bring to this role is cybersecurity program management. Two years ago we were operating with no formal vulnerability management process and significant gaps in our patching discipline. I built a program from the ground up — adopted the NIST CSF, contracted a third-party penetration test, and used the findings to develop a prioritized remediation roadmap. Within 18 months we had reduced our critical and high vulnerabilities by 74% and established monthly patch cycle compliance reporting to the County Administrator. When CISA released their Known Exploited Vulnerabilities catalog, we were already operating a process that could incorporate it.

I also have direct experience managing a major ERP implementation — a Tyler Technologies Munis conversion that affected Finance, HR, and Payroll. That project ran over schedule by four months but was delivered without the data loss or payroll disruption that had affected peer counties on similar implementations. I attribute that to the data migration validation process we ran in parallel with the vendor's testing.

I am drawn to [Agency]'s emphasis on digital service delivery modernization, and I would welcome the opportunity to discuss how my experience in legacy system management and security program development would support that work.

Thank you for your consideration. [Your Name]