Chief Information Security Officer

Company: CTI Education Group
Location: Chelsea
Posted on: January 15, 2021

Job Description:

An Official website of the Commonwealth of Massachusetts Job Description - Chief Information Security Officer (200007ME) Job Description Chief Information Security Officer - ( 200007ME ) Description Overview A&F IT is a unit under the Executive Office for Administration & Finance (A&F) that is overseen by the A&F IT Chief Information Officer (A&F CIO). A&F IT is comprised of 186 employees working on IT systems and applications for 15 various A&F agencies. Information regarding these supported agencies is available at-- https://www.mass.gov/orgs/executive-office-for-administration-and-finance --(see section on "Related Organizations"). A&F IT is seeking a-- highly motivated, experienced professional with a background in IT to serve as its-- Chief Information Security Officer (CISO).--The CISO will be a member of A&F IT's senior team and report to the A&F CIO. The CISO will manage a staff of 5-7 individuals. The CISO will ensure the confidentiality, integrity and availability of information by communicating risk; creating and maintaining enforceable policies supporting processes; and ensuring compliance with regulatory requirements. The CISO will coordinate security-related activities with A&F IT-supported agencies. Activities include the evaluation, procurement and deployment of security-related products and the development and coordination of security awareness, disaster recovery and incident response plans. Specific responsibilities include:

• Exercising strong leadership, while ensuring resources are appropriate, have adequate tools and work in a cohesive and professional manner.
• Maintaining IT standards, documentation and support in alignment with Commonwealth IT policies and procedures.
• Implementing a security control framework across supported agencies.
• Collaborating with the Executive Office of Technology Services and Security (EOTSS) on strategic initiatives and security operations.
• Developing communication strategies and building professional relationships with security peers across the Commonwealth.
• Developing, initiating, maintaining and revising security policies and procedures.
• Monitoring emerging technologies for potential impacts to operations and long-term strategy.
• Coordinating risk management and internal audit to direct compliance issues to appropriate reviewing bodies.
• Identifying potential areas of compliance vulnerability and risk; directing the development and implementation of corrective action plans for resolution of identified issues.
• Ensuring adherence to legal standards regarding information security compliance; implementing and following industry standards and best practices for security compliance; and developing reliable, efficient and effective project development processes.
• Provide strategic and tactical advice to address existing and evolving security threats.
• In collaboration with DOR's Risk Management team, liaise with the IRS safeguards and other governing agencies in support of periodic security assessments. Qualifications The right candidate will be a strategic thinker, collaborative partner, and strong personnel manager with deep experience in IT. Strong communication and interpersonal skills and the ability to manage in a public and dynamic milieu are essential. -- Required knowledge, skills and abilities include:
  • 15 years of experience within information technology
  • 10 years of experience in information security or cyber security; with at least 5 years of exposure to various security frameworks, preferably NIST
  • 5 years of managerial, team leadership or supervisory experience in large, matrixed organizations
  • Extensive experience with policies/procedures, application design, information analysis and reporting, networking and systems integration, security control, audits, risk analysis and disaster recovery
  • Ability to supervise staff including performance appraisal, employee coaching, training, development and performance management
  • Excellent written and verbal communication skills, with a proven ability to translate security and risk to all levels of the business in technical and non-technical terms
  • Ability to develop and maintain effective working relationships with a variety of stakeholders Preferred knowledge, skills and abilities include:
    • CISSP, CISM or CISA certification, etc.
    • Government or public sector experience Qualifications MINIMUM ENTRANCE REQUIREMENTS: Applicants must have at least (A) seven (7) years of full-time or, equivalent part-time, professional, administrative, supervisory, or managerial experience in IT administration or IT management, of which (B) at least three (3) years must have been in a managerial capacity. An Equal Opportunity / Affirmative Action Employer. Females, minorities, veterans, and persons with disabilities are strongly encouraged to apply. Official Title : IT Manager IX Primary Location : United States-Massachusetts-Chelsea-200 Arlington Street Job : Information Systems and Technology Agency : Exec Office of Administration and Finance Schedule : Full-time Shift : Day Job Posting Number of Openings : 1 Salary : 92,077.00 - 158,277.00 Yearly If you have Diversity, Affirmative Action or Equal Employment Opportunity questions or need a Reasonable Accommodation, please contact Diversity Officer / ADA Coordinator : Allan Motenko - 6176263410

Keywords: CTI Education Group, Chelsea , Chief Information Security Officer, Executive , Chelsea, Massachusetts