Deputy Chief Information Security Officer for Security Operations
Deputy Chief Information Security Officer for Security Operations
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Description
Deputy Chief Information Security Officer (CISO) for Security Operations (EMS 3
WaTech: Leading the way forward!
Washington Technology Solutions (WaTech) is at the forefront of integrating cuttingedge technologies that revolutionize how state services are delivered in Washington. By joining the WaTech team you contribute to assisting other state agencies in providing essential services to millions of Washingtonians daily. WaTech manages the states essential technology infrastructure enhancing governmental efficiency security and safety.
About the position
The Deputy Chief Information Security Officer (CISO) for Security Operations is one of four deputies and a key member of the leadership team in the Office of Cybersecurity. In this position you will manage the Security Operations Center (SOC) Computer Incident Response (CIRT) and vulnerability management teams to track coordinate analyze and address security issues effectively. This position plays a critical role in the statewide organization of information security and is responsible for safeguarding the states information systems and data from security threats and exposures. In this role you will be relied upon to manage enterprise security platforms and facilitate services advise WaTech state agencies and the statewide enterprise on our security direction and resource investments and administer a model to effectively manage information security incidents and risks.
Duties
Some of what to expect with this role:
- Direct and oversee the operations of the Security Operations Center (SOC) and vulnerability management teams to actively defend the state government network from cyberattacks.
- Select and implement appropriate security tools for the hybrid (onpremises and cloud) infrastructure.
- Strategically design the collection and aggregation of data to detect and respond to threats decrease false positives and improve focus on real and actionable incidents.
- Measure SOC performance metrics and report on security operations and incident management to WaTech and state agency leaders.
- Oversee the management and maintenance of security platforms tools and technologies such as intrusion detection/prevention systems (IDS/IPS) security information and event management (SIEM) systems network monitoring and endpoint detection and response (EDR) solutions.
- Coordinate with other IT and business units to integrate security controls and practices into the organizations operations.
- Direct and oversee the daytoday operations of the Computer Incident Response (CIRT) team.
- Develop and implement a comprehensive security operations strategy aligned with the states overall security objectives and risk management framework.
- Monitor and analyze threat intelligence sources to identify threats and vulnerabilities to the organizations information assets.
- Establish and maintain a robust vulnerability management program in coordination with state agencies to identify prioritize address and report the vulnerability status in a timely manner.
Heres what were looking for:
- 12 years of experience in the field of information technology. This experience includes:
- Four years of experience in managing security operations incident response and threat intelligence functions.
- Six years of recent experience in Information Security in each of the following areas:
- Supervisory experience leading technical teams.
- Developing and implementing policies and standards in a large enterprise environment.
- Assessing security threats and recommending appropriate mitigation strategies and compensating controls.
- Identifying security solutions that meet predefined regulatory/compliance requirements.
*A bachelors or masters degree in computer science Business Administration Information Security or a related field may substitute for four or six years respectively of the overall 12 years of required experience.
- Demonstrated experience in implementing and managing security technologies and tools including SIEM IDS/IPS firewalls and endpoint protection systems.
- Strong understanding of relevant laws regulations and compliance requirements and experience interpreting laws regulations and administrative rules to understand how existing and newly introduced legislation impacts the delivery and implementation of information technology security policy and standards.
- Proven experience in a senior cybersecurity leadership role.
- Demonstrated ability to assess security threats and recommend appropriate mitigation strategies quickly.
- Demonstrated ability to lead and manage complex work tasks of security and technical employees in a fastpaced operational work unit.
- Ability to lead response efforts for single or multipleentity cybersecurity incidents.
- Ability to communicate complex technical issues with technical staff customer security professionals and nontechnical senior management.
- Indepth knowledge of cybersecurity principles technologies and best practices.
- Demonstrated knowledge and ability in negotiating and managing thirdparty vendor contracts.
Preference may be granted to applicants with the following:
- A masters degree in computer science Business Administration Information Security or a related field.
- Applicable industryaccepted certifications including but not limited to:
- Certified Information Systems Security Professional (CISSP).
- Holistic Information Security Practitioner (HISP) Certified Information Security Manager (CISM).
- Certified Information Systems Auditor (CISA).
- Certified in Risk and Information Systems Controls (CRISC).
- Department of Homeland Security (DHS) secretlevel clearance.
- Ability to speak effectively and persuasively before a large audience.
- Demonstrated experience in budget development implementation and financial forecasting of information technology services.
- Demonstrated experience in project management including managing multiple projects with strong organizational and timemanagement skills.
- Demonstrated commitment to continuous learning and professional development such as participation in professional organizations (e.g. ISACA ISC2 and attendance at industry conferences.
- Previous experience in managing information technology in the government or public sector is highly desirable.
Telework:This position is approved for telework. However requires the incumbent to come onsite monthly to attend meetings and training or as needed for business purposes.
We value diversity and different perspectives:
WaTech is committed to providing equal access and opportunities to all qualified applicants and employees. We seek to attract and retain a diverse staff and welcome your experiences perspectives and unique identity.
What WaTech Offers:
As an employee of WaTech youll have access to an outstanding employee benefits package that includes medical and dental plan options for you and your family paid leave and holidays retirement plan options and more.
While WaTech is headquartered in Olympia Washington which is near some of the countrys most scenic national parkswe are able to offer many of our positions telework and flexible schedule options to help support a healthy work life balance.
To learn more about WaTech and what our employees enjoy about working here please visit our website.
How to apply:
Applications for this recruitment will be accepted electronically. Please select the large apply button at the top of this announcement. You may need to create a profile and account in Washington states automated application system. We invite you to include your name and pronouns in your material to ensure we address you correctly throughout the application process.
To be considered for this position you will need to:
- Submit your online application.
- Answerallrequired Supplemental Questions.
- Attach a Letter of Interest that addresses how your experience qualifies you for this role.
- Attach a Resume that clearly documents the work history training and education that makes you a viable and competitive candidate for this position.
- Include Three professional references and their contact information.
Applicants wishing to claim Veterans Preference should attach a copy of their DD214 (Member 4 copy) NGB 22 or signed verification of service letter from the United States Department of Veterans Affairs to their application. (Please redact any personally identifiable data such as social security number prior to submittal.
Note:Applications without the requested attachments identified above or containing supplemental question responses with comments such as see resume may lead to your application being disqualified from consideration.
Conditions of employment:
This position requires a background check. Information from the background check will not necessarily preclude employment but will be considered in determining the applicants suitability and competence to perform in the position and is a continued condition of employment.
Recruitment process:
First round of application assessments will be conducted seven days after the initial job posting date. The hiring authority reserves the right to offer the position at any time after the initial sevenday job posting date during the recruitment process. It is to the applicants advantage to apply as early as possible. This recruitment may be used to fill multiple positions.
Contact us:For inquiries about this position please contact Rebekah Wilkesat or email to
Persons requiring accommodation in the application process or for an alternative format may contact Human Resources ator . Persons of disability or those who are deaf or hard of hearing can call the Washington Relay Service by dialing 711 or. WaTech complies with the employment eligibility verification requirements of the federal Form I9. The selected candidate must be able to provide proof of identity and eligibility to work in the United States consistent with the requirements of that form on the first day of employment.
Supplemental Information
Required Experience:
Chief
Employment Type
Full Time
