Chief Information Security Officer
Company: Masse
Location: Boston, MA 02115
Description:
The Executive Office for Administration and Finance (A&F) plans and executes fiscal and administrative policies that serve to ensure the financial stability, efficiency, and effectiveness of state government. The key responsibilities of A&F include managing the operational and capital budgets of the Commonwealth and managing funds received from the federal government. A&F IT is a unit under the Executive Office for Administration & Finance (A&F) and is overseen by the Secretariat Chief Information Officer (SCIO). A&F IT is a team of approximately 300 skilled and committed IT professionals who develop and maintain technical solutions that address business challenges for Executive Office of Administration and Finance agencies. Information regarding these supported agencies is available at the Executive Office for Administration and Finance webpage (see section on Related Organizations).
A&F IT is seeking a highly motivated, experienced professional with a background in IT to serve as its Chief Information Security Officer (CISO). The CISO will ensure the confidentiality, integrity, and availability of information by communicating risk; creating and maintaining enforceable policies supporting processes; and ensuring compliance with regulatory requirements. The CISO will coordinate security-related activities with A&F IT-supported agencies. Activities include the evaluation, procurement and deployment of security-related products and the development and coordination of security awareness, disaster recovery and incident response plans. The CISO will be a member of A&F IT's senior team and report to the SCIO. The CISO will manage a staff of 5-10 individuals.
Responsibilities include:
- Define, lead, and manage comprehensive security programs across A&F to strengthen security posture and enhance controls.
- Drive compliance of security programs.
- Define and serve as the escalation path for senior leadership on security-related activities, risks, and concerns.
- Oversee and manage all IT-related audits.
- Exercise strong leadership, while ensuring resources are appropriate, have adequate tools and work in a cohesive and professional manner.
- Maintain IT standards and documentation in alignment with Commonwealth IT policies and procedures.
- Implement and maintain a consistent security control framework across supported agencies.
- Partner with the Executive Office of Technology Services and Security (EOTSS) on strategic initiatives and security operations.
- Develop communication strategies and build professional relationships with security peers across the Commonwealth.
- Develop, initiate, and maintain security policies, procedures and governance processes.
- Monitor emerging technologies for potential impacts to operations and long-term strategy.
- Coordinate risk management and internal audit to direct compliance issues to appropriate reviewing bodies.
- Identify potential areas of compliance vulnerability and risk; direct the development and implementation of corrective action plans for resolution of identified issues.
- Ensure adherence to legal standards regarding information security compliance; implement and follow industry standards and best practices for security compliance; and develop reliable, efficient, and effective project development processes.
- Provide strategic and tactical advice to address existing and evolving security threats.
- Collaborate closely with DOR's Risk Management team and liaise with IRS Safeguards and other governing agencies in support of periodic security assessments.
Required knowledge, skills and abilities include:
The right candidate will be a strategic thinker, collaborative partner, and strong personnel manager with deep experience in IT. Strong communication and interpersonal skills and the ability to manage in a public and dynamic milieu are essential.
- 15+ years of experience in information technology.
- 10+ years of experience in information security or cyber security, with at least 5 years of exposure to various security frameworks, preferably NIST.
- Minimum 5 years of experience in managerial, team leadership, or supervisory roles in large, matrixed organizations.
- Experience in government or public sector preferred.
- CISSP, CISM or CISA certification, etc.
- Extensive experience with policies/procedures, application design, information analysis and reporting, networking and systems integration, security control, audits, risk analysis and disaster recovery.
- Ability to supervise staff including performance appraisal, employee coaching, training, development and performance management.
- Excellent written and verbal communication skills, with a proven ability to translate security and risk to all levels of the business in technical and non-technical terms.
- Ability to develop and maintain effective working relationships with a variety of stakeholders.
An external candidate recommended for a position with the Executive Office for Administration and Finance IT will be subject to extended background checks by the agency and the Executive Office of the Governor that include checks for: state and federal tax compliance; child support compliance; education verification; Massachusetts CORI checks; criminal background checks in state(s) of current and previous residence/employment; validation of eligibility to work in the United States; and national fingerprint-based criminal background checks.
Qualifications:
MINIMUM ENTRANCE REQUIREMENTS:
Applicants must have at least (A) seven (7) years of full-time, or equivalent part-time, professional, administrative, supervisory, or managerial experience in IT administration or IT management, of which (B) at least three (3) years must have been in a managerial capacity.
Comprehensive Benefits
When you embark on a career with the Commonwealth, you are offered an outstanding suite of employee benefits that add to the overall value of your compensation package. We take pride in providing a work experience that supports you, your loved ones, and your future.
Want the specifics? Explore our Employee Benefits and Rewards!
An Equal Opportunity / Affirmative Action Employer. Females, minorities, veterans, and persons with disabilities are strongly encouraged to apply.
The Commonwealth is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, color, sex, gender identity or expression, sexual orientation, age, disability, national origin, veteran status, or any other basis covered by appropriate law. Research suggests that qualified women, Black, Indigenous, and Persons of Color (BIPOC) may self-select out of opportunities if they don't meet 100% of the job requirements. We encourage individuals who believe they have the skills necessary to thrive to apply for this role.