Chief Information Security Officer - Career Executive

Chief Information Security Officer - Career Executive Organization:

State of Wisconsin

Madison, WI

About the job

Introduction

The Department of Workforce Development is currently seeking a candidate for their Chief Information Security Officer (CISO) vacancy! The CISO is responsible for developing and implementing a department-wide information security program ensuring confidentiality, integrity, and availability of on-premise and cloud enterprise systems data, and technology assets. The position is responsible for maintaining collaboration and coordination within the department, with our partner state agencies, local governments, Wisconsin tribes, and educational entities.

Seasoned IT professionals with a background and a passion for cybersecurity and risk management are encouraged to apply.

The Department of Workforce Development (DWD) offers interesting and meaningful work with an employee-friendly work environment, work-life balance, a casual office environment, flexibility, and many opportunities to grow your skills.

Position Summary

Under the general direction of the DWD CIO & Bureau Director of the Bureau of Information Technology Services (BITS), this position serves as the agency Chief Information Security Officer (CISO) and oversees agency's IT security program in support of the agency’s strategic business plan.

This position leads the agency in the developing and maintaining a defensible security program consisting of policies, procedures, standards and controls that protect agency's data, systems, and resources, while balancing this with the ease of staff and stakeholder access to sensitive information and the efficient use of computer systems. This position champions a risk-aware culture to help safeguard agency's information by applying people, processes, and technologies to minimize IT security, cybersecurity risk and foster IT security and cybersecurity awareness.

This position will have the option of working remotely upon agreement of the supervisor but may be asked to come into the office periodically. In the event of an emergency, this position is required to be onsite at the GEF1 headquarters within approximately one hour of notification. This schedule may change based on operational needs and organizational requirements.

Job Details

Remote work:
Employees with approved remote and hybrid-remote work arrangements are generally expected to work within the state of Wisconsin. High-speed internet access is required to meet the needs of remote work. Remote work options are subject to change.

Criminal histories:
We consider all qualified applicants with criminal histories, consistent with applicable federal, state, and local law. Finalists for this position may be required to allow DWD to conduct a background check or other checks to determine whether the circumstances of any conviction may be related to the job being filled. This position will have access to sensitive federal tax information and FBI fingerprinting will also be required.

Eligibility to work in United States:
Applicants must be legally entitled to work in the United States (i.e. a US citizen or national or a lawful permanent resident) at the time of appointment. DWD does not sponsor visas and is not an eligible OPT employer for those with F1 visas. This is not a contract position. Any appointment made will be contingent on the applicant completing the I-9 upon hire.

Qualifications It is very important that you specify your experience for the qualifications that are marked with asterisks (*) and include applicable certifications in your letter and resume, as these qualifications and certifications will be evaluated in the first step of the selection process. Additional qualifications, including certifications, may be evaluated in subsequent steps.

• * Progressive and extensive experience in IT, such as information security, cloud security, IT risk management, or cybersecurity operations
• * Direct and practical experience working with common information security management frameworks, such as ISO/IEC 27001, and NIST 800-53, and similar regulatory compliance standards
• * Experience in various cybersecurity domains such as incident response, vulnerability management, regulatory compliance reviews, and creation of security awareness training
• * Experience communicating cybersecurity and risk-related concepts to technical and nontechnical audiences at various levels, ranging from senior executives to technicians
• Ability to adapt to and implement change
• Excellent decision-making skills
• Building and maintaining relationships with a variety of internal and external stakeholders
• Staying abreast and informed of latest cybersecurity threats and trends
• * Experience in leadership roles in information security or cybersecurity operations is preferred
• * Bachelor's degree, preferably in Computer Science, Information Security or a related field
• * Security/Risk certification such as…