Chief Information Security Officer 1 Engineering - Schenectady, NY at Geebo

Chief Information Security Officer 1

Under the general direction of the Chief Risk Management Officer, the incumbent represents the agency's interests with respect to the security of its information and information systems and has a senior advisory role in decisions affecting information security and assurance.

Duties include:
o Coordinates agency development, deployment and maintenance of information security architecture, policies, standards, and procedures in accordance with State and agency information security policies.
o Maintains knowledge of agency IT systems and potential risks to such systems, including development of information security and risk mitigation solutions for those systems.
o Monitors information security compliance and recommends improvements to control access to agency information assets and ensure security safeguards are maintained.
o Directs the development and implementation of the agency's information security risk management program and determines the level of security controls required to protect information technology and information assets.
o Reviews threat and vulnerability reports and creates detailed Action Plans to address risks.
o Works with third-party contractors to ensure compliance with information security requirements.
o Develops effective disaster recovery policies and standards; coordinates the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a disaster and provides direction and in-house consulting in these areas.
o Coordinates agency technical efforts in response to information and system security compliance reviews or audits performed by external regulatory organizations or auditors.
o Coordinates with ITS and applicable investigatory entities in the investigation of alleged information security violations.
o Maintains awareness of IT/Security industry trends, evaluates new solutions and techniques, and remains aware of emerging threats.

Preferred Skills:
o Master's degree in information technology or information security.
o Minimum of two years of cyber security experience.
o CISM, CISA, CISSP or other equivalent security certification.
o Experience in project management or relevant experience coordinating large IT projects.
o Strong written and oral communication skills, including the production of technical specifications and documentation, and the ability to translate technical information into plain language.
Salary Range:
From $91365 to $115490 Annually
Minimum Qualification
Bachelor's degree and five years of information technology experience, including three years of information security or information assurance experience.

Substitution:
Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year-for-year basis; an associate's degree requires an additional two years of information technology, information security, or information assurance experience. Experience solely in information security or information assurance may substitute for the general information technology experience.

This is a newly classified position and the jurisdictional class assignment (non-competitive) is still pending approval. As such, the incumbent will serve temporarily in the position until the jurisdictional class is approved. At that time, the incumbent's status can change to permanent.

Estimated Salary: $20 to $28 per hour based on qualifications.
