Chief Information Security Officer

Chief Information Security Officer - Career Executive The experience expected from applicants, as well as additional skills and qualifications needed for this job are listed below. Organization: State of Wisconsin Location: Madison, WI Description: About the job Introduction The Department of Workforce Development is currently seeking a candidate for their Chief Information Security Officer (CISO) vacancy The CISO is responsible for developing and implementing a department-wide information security program ensuring confidentiality, integrity, and availability of on-premise and cloud enterprise systems data, and technology assets. The position is responsible for maintaining collaboration and coordination within the department, with our partner state agencies, local governments, Wisconsin tribes, and educational entities. Seasoned IT professionals with a background and a passion for cybersecurity and risk management are encouraged to apply. The Department of Workforce Development (DWD) offers interesting and meaningful work with an employee-friendly work environment, work-life balance, a casual office environment, flexibility, and many opportunities to grow your skills. Position Summary Under the general direction of the DWD CIO & Bureau Director of the Bureau of Information Technology Services (BITS), this position serves as the agency Chief Information Security Officer (CISO) and oversees agency's IT security program in support of the agency’s strategic business plan. This position leads the agency in the developing and maintaining a defensible security program consisting of policies, procedures, standards and controls that protect agency's data, systems, and resources, while balancing this with the ease of staff and stakeholder access to sensitive information and the efficient use of computer systems. This position champions a risk-aware culture to help safeguard agency's information by applying people, processes, and technologies to minimize IT security, cybersecurity risk and foster IT security and cybersecurity awareness. Qualifications: This position will have the option of working remotely upon agreement of the supervisor but may be asked to come into the office periodically. In the event of an emergency, this position is required to be onsite at the GEF1 headquarters within approximately one hour of notification. This schedule may change based on operational needs and organizational requirements. Job Details Remote work: Employees with approved remote and hybrid-remote work arrangements are generally expected to work within the state of Wisconsin. High-speed internet access is required to meet the needs of remote work. Remote work options are subject to change. Criminal histories: We consider all qualified applicants with criminal histories, consistent with applicable federal, state, and local law. Finalists for this position may be required to allow DWD to conduct a background check or other checks to determine whether the circumstances of any conviction may be related to the job being filled. This position will have access to sensitive federal tax information and FBI fingerprinting will also be required. Eligibility to work in United States: Applicants must be legally entitled to work in the United States (i.e. a US citizen or national or a lawful permanent resident) at the time of appointment. DWD does not sponsor visas and is not an eligible OPT employer for those with F1 visas. This is not a contract position. Any appointment made will be contingent on the applicant completing the I-9 upon hire. Qualifications It is very important that you specify your experience for the qualifications that are marked with asterisks (*) and include applicable certifications in your letter and resume, as these qualifications and certifications will be evaluated in the first step of the selection process. Additional qualifications, including certifications, may be evaluated in subsequent steps. You Will Need to Have Training And/or Experience In *Progressive and extensive experience in IT, such as information security, cloud security, IT risk management, or cybersecurity operations *Direct and practical experience working with common information security management frameworks, such as ISO/IEC 27001, and NIST 800-53, and similar regulatory compliance standards *Experience in various cybersecurity domains such as incident response, vulnerability management, regulatory compliance reviews, and creation of security awareness training *Experience communicating cybersecurity and risk-related concepts to technical and nontechnical audiences at various levels, ranging from senior executives to technicians Ability to adapt to and implement change Excellent decision-making skills Building and maintaining relationships with a variety of internal and external stakeholders Staying abreast and informed of latest cybersecurity threats and trends *Experience in leadership roles in information security or cybersecurity operations is preferred *Bachelor's degree, preferably in Computer Science, Information Security or a related field *Security/Risk certification such as Certified Information Systems Security Professional (CISSP) or equivalent Information Security certification *Additional Security/Risk certifications such as Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or other SANS certifications in Cloud Security and/or Information Security Management areas It would be nice to have experience in any of the following: *Experience in leadership roles in information security or cybersecurity *Bachelor's degree, preferably in Computer Science, Information Security or a related field *Security/Risk certification such as Certified Information Systems Security Professional (CISSP) or equivalent Information Security certification *Additional Security/Risk certifications such as Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or other SANS certifications in Cloud Security and/or Information Security Management areas Compensation: Salary Information Starting salary is between $85,000 - $130,000 per year, depending on qualifications and experience, plus excellent benefits. Use this Total Rewards Calculator to see an estimate of the total value of our competitive benefits package The classification title for this position is Information Technology Management Consultant (schedule 70, range 02). A two-year Career Executive Trial period may be required. Pay will be set in accordance with the State Compensation Plan in effect at the time of appointment. Starting pay may vary for current state employees. We know how to fine-tune corporate security because we've led effective and efficient Fortune 500-level security programs. The SEC helps businesses find the best balance of risk mitigation, cost and innovation. Want insight delivered to your inbox? xrczosw Subscribe to Security Insight newsletter.