Chief Information Security Officer (CISO)

State of Nebraska | Lincoln, NE
4d | $130,000

About The Position

The Office of the Chief Information Officer does not sponsor STEM or non-immigrant work visas for this position. The Chief Information Security Officer (CISO) is responsible for establishing, implementing, and overseeing the agency’s enterprise information security program. This role provides executive leadership for cybersecurity strategy, risk management, regulatory compliance, and incident response, ensuring the confidentiality, integrity, and availability of agency systems and data. The CISO advises executive leadership on cybersecurity risks and investments, coordinates security efforts across business and technical teams, and ensures alignment with the agency’s mission, legal requirements, and operational priorities. The CISO serves as a member of the executive leadership team for the OCIO and on the board for NITC.

Requirements

  • Bachelor’s degree in information technology, information security, cybersecurity, computer science, or a related field; or equivalent combination of education and experience.
  • Demonstrated experience in information security, cybersecurity, or IT risk management within a complex organizational environment.
  • Experience developing, implementing, or overseeing information security policies, standards, and procedures.
  • Working knowledge of cybersecurity risk management, incident response, and regulatory compliance requirements.
  • Ability to communicate cybersecurity risks and recommendations clearly to executive leadership and non-technical stakeholders.
  • Experience coordinating security activities across multiple teams or functional areas.
  • Supervisory or leadership experience over technical or professional staff.
  • Experience supporting audits, assessments, or regulatory reviews.
  • This position requires travel. As such, the incumbent must be able to present a valid driver’s license or another form of reliable transportation.
  • Regular and reliable attendance required.

Nice To Haves

  • Demonstrated experience leading an enterprise-level cybersecurity or information security program.
  • Experience working in a public-sector, regulated, or highly complex organizational environment.
  • Experience advising executive leadership on cybersecurity risk, governance, and investment decisions.
  • Knowledge of recognized cybersecurity frameworks and standards (e.g., NIST, ISO, CIS).
  • Experience managing or overseeing security incident response, audits, or regulatory compliance activities.
  • Experience with cloud security, third-party/vendor risk management, and modern IT environments.
  • Strong background in developing security policies, standards, and governance structures.
  • Experience leading cross-functional teams and coordinating with legal, risk, privacy, and operations stakeholders.
  • Professional cybersecurity or risk management certifications (e.g., CISSP, CISM, CRISC) preferred.
  • Advanced degree in information security, information technology, risk management, or a related field.

Responsibilities

  • Enterprise Cybersecurity Strategy & Governance: Develops, implements, and maintains the agency’s enterprise information security strategy, policies, standards, and governance framework aligned with business and mission objectives.
  • Risk Management & Compliance: Leads cybersecurity risk assessments, vulnerability management, and compliance with applicable federal, state, and regulatory security requirements; oversees audits and corrective action plans.
  • Incident Response & Operational Resilience: Directs cybersecurity incident response, threat mitigation, and coordination of business continuity and disaster recovery efforts to minimize operational impact and ensure rapid recovery.
  • Executive Advisement & Reporting: Provides regular briefings and advisement to the Director and executive leadership on cybersecurity posture, risks, trends, and investment needs; supports informed decision-making.
  • Security Program Management & Oversight: Oversees security operations, tools, and initiatives, including coordination with IT, network, and operations teams to ensure effective implementation of security controls.
  • Security Awareness, Training & Vendor Risk: Leads agency-wide security awareness and training programs and manages third-party and vendor security risk to ensure protection of agency data and systems.
  • Other duties as assigned and within the scope of the classification.

Benefits

  • 13 paid holidays
  • Vacation and sick leave that begin accruing immediately
  • Military leave
  • 156% (that's not a typo!) state-matched retirement
  • Tuition reimbursement
  • Employee assistance program
  • 79% employer paid health insurance plans
  • Dental and vision insurance plans
  • Employer-paid $20,000 life insurance policy
  • Public Service Loan Forgiveness Program (PSLF) through the Federal government
  • Wide variety and availability of career advancement as the largest and most diverse employer in the State
  • Opportunity to be part of meaningful work and make a difference through public service
  • Training and Development based on your career aspirations
  • Fun, inviting teammates
  • A safe and secure environment