Deputy Chief Information Security Officer for Security Operations
Apply NowCompany: State of Washington
Location: Olympia, WA 98501
Description:
Salary: $120,000.00 - $154,848.00 Annually
Location : Thurston County - Olympia, WA
Job Type: Exempt
Remote Employment: Flexible/Hybrid
Job Number: 2025-WaTech-5107-11647
Department: Washington Technology Solutions
Division: OCS
Opening Date: 04/21/2025
Closing Date: 5/12/2025 11:59 PM Pacific
Description
Deputy Chief Information Security Officer (CISO) for Security Operations (EMS 3)
WaTech: Leading the way forward!
Washington Technology Solutions (WaTech) is at the forefront of integrating cutting-edge technologies that revolutionize how state services are delivered in Washington. By joining the WaTech team, you contribute to assisting other state agencies in providing essential services to millions of Washingtonians daily. WaTech manages the state's essential technology infrastructure, enhancing governmental efficiency, security and safety.
About the position
The Deputy Chief Information Security Officer (CISO) for Security Operations is one of four deputies and a key member of the leadership team in the Office of Cybersecurity. In this position, you will manage the Security Operations Center (SOC), Computer Incident Response (CIRT), and vulnerability management teams to track, coordinate, analyze and address security issues effectively. This position plays a critical role in the statewide organization of information security and is responsible for safeguarding the state's information systems and data from security threats and exposures. In this role you will be relied upon to manage enterprise security platforms and facilitate services, advise WaTech, state agencies and the statewide enterprise on our security direction and resource investments, and administer a model to effectively manage information security incidents and risks.
Duties
Some of what to expect with this role:
Here's what we're looking for:
*A bachelor's or master's degree in computer science, Business Administration, Information Security, or a related field may substitute for four or six years, respectively, of the overall 12 years of required experience.
Preference may be granted to applicants with the following:
Telework: This position is approved for telework. However, requires the incumbent to come onsite monthly to attend meetings and training, or as needed for business purposes.
We value diversity and different perspectives:
WaTech is committed to providing equal access and opportunities to all qualified applicants and employees. We seek to attract and retain a diverse staff and welcome your experiences, perspectives, and unique identity.
What WaTech Offers:
As an employee of WaTech, you'll have access to an outstanding that includes medical and dental plan options for you and your family, paid leave and holidays, retirement plan options and more.
While WaTech is headquartered in Olympia, Washington, which is near some of the country's most , we are able to offer many of our positions telework and flexible schedule options to help support a healthy work life balance.
To learn more about WaTech, and what our employees enjoy about working here, please .
How to apply:
Applications for this recruitment will be accepted electronically. Please select the large "apply button" at the top of this announcement. You may need to create a profile and account in Washington state's automated application system. We invite you to include your name and pronouns in your material to ensure we address you correctly throughout the application process.
To be considered for this position you will need to:
Applicants wishing to claim Veterans Preference should attach a copy of their DD-214 (Member 4 copy), NGB 22, or signed verification of service letter from the United States Department of Veterans Affairs to their application. (Please redact any personally identifiable data such as social security number prior to submittal.)
Note: Applications without the requested attachments identified above or containing supplemental question responses with comments such as "see resume" may lead to your application being disqualified from consideration.
Conditions of employment:
This position requires a background check. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position and is a continued condition of employment.
Recruitment process:
First round of application assessments will be conducted seven days after the initial job posting date. The hiring authority reserves the right to offer the position at any time after the initial seven-day job posting date during the recruitment process. It is to the applicant's advantage to apply as early as possible. This recruitment may be used to fill multiple positions.
Contact us: For inquiries about this position, please contact Rebekah Wilkes at (360) 407-8646 or email to
Persons requiring accommodation in the application process or for an alternative format may contact Human Resources at (360) 407-8242 or . Persons of disability or those who are deaf or hard of hearing can call the Washington Relay Service by dialing 7-1-1 or 1-800-833-6388. WaTech complies with the employment eligibility verification requirements of the federal Form I-9. The selected candidate must be able to provide proof of identity and eligibility to work in the United States consistent with the requirements of that form on the first day of employment.
Supplemental Information
More than Just a Paycheck!
Employee benefits are not just about the kind of services you get, they are also about how much you may have to pay out of pocket. Washington State offers one of the most competitive benefits packages in the nation.
We understand that your life revolves around more than just your career. Like everyone, your first priority is ensuring that you and your family will maintain health and financial security. That's why choice is a key component of our benefits package. We have a selection of health and retirement plans, paid leave, staff training and other compensation benefits that you can mix and match to meet your current and future needs.
Read about our benefits:
The following information describes typical benefits available for full-time employees who are expected to work more than six months. Actual benefits may vary by appointment type or be prorated for other than full-time work (e.g. part-time); view the job posting for benefits details for job types other than full-time.
Note: If the position offers benefits which differ from the following, the job posting should include the specific benefits.
Insurance Benefits
Employees and their families are covered by medical (including vision), dental and basic life insurance. There are multiple medical plans with affordable monthly premiums that offer coverage throughout the state.
Staff are eligible to enroll each year in a medical flexible spending account which enables them to use tax-deferred dollars toward their health care expenses. Employees are also covered by basic life and long-term disability insurance, with the option to purchase additional coverage amounts.
To view premium rates, coverage choice in your area and how to enroll, please visit the Public Employees Benefits Board (PEBB) website. The Washington Wellness program from the Health Care Authority works with PEBB to support our workplace wellness programs.
Dependent care assistance allows the employee to save pre-tax dollars for a child or elder care expenses.
Other insurance coverage for auto, boat, home, and renter insurance is available through payroll deduction.
The Washington State Employee Assistance Program promotes the health and well-being of employees.
Retirement and Deferred Compensation
State Employees are members of the Washington Public Employees' Retirement System (PERS). New employees have the option of two employer contributed retirement programs. For additional information, check out the Department of Retirement Systems' web site.
Employees also have the ability to participate in the Deferred Compensation Program (DCP). This is a supplemental retirement savings program (similar to an IRA) that allows you control over the amount of pre-tax salary dollars you defer as well as the flexibility to choose between multiple investment options.
Social Security
All state employees are covered by the federal Social Security and Medicare systems. The state and the employee pay an equal amount into the system.
Public Service Loan Forgiveness
If you are employed by a government or not-for-profit organization, and meet the qualifying criteria, you may be eligible to receive student loan forgiveness under the Public Service Loan Forgiveness Program.
Holidays
Full-time and part-time employees are entitled to paid holidays and one paid personal holiday per calendar year.
Note: Employees who are members of certain Unions may be entitled to additional personal leave day(s), please refer to position specific Collective Bargaining Agreements for more information.
Full-time employees who work full monthly schedules qualify for holiday compensation if they are employed before the holiday and are in pay status for at least 80 nonovertime hours during the month of the holiday; or for the entire work shift preceding the holiday.
Part-time employees who are in pay status during the month of the holiday qualify for the holiday on a pro-rata basis. Compensation for holidays (including personal holiday) will be proportionate to the number of hours in pay status in the month to that required for full-time employment, excluding all holiday hours. Pay status includes hours worked and time on paid leave.
Sick Leave
Full-time employees earn eight hours of sick leave per month. Overtime eligible employees who are in pay status for less than 80 hours per month, earn a monthly proportionate to the number of hours in pay status, in the month to that required for full-time employment. Overtime exempt employees who are in pay status for less than 80 hours per month do not earn a monthly accrual of sick leave.
Sick leave accruals for part-time employees will be proportionate to the number of hours in pay status, in the month to that required for full-time employment. Pay status includes hours worked, time on paid leave and paid holiday.
Vacation (Annual Leave)
Full-time employees accrue vacation leave at the rates specified in (1) or the applicable collective bargaining agreement (CBA). Full-time employees who are in pay status for less than 80 nonovertime hours in a month do not earn a monthly accrual of vacation leave.
Part-time employees accrue vacation leave hours in accordance with (1) or the applicable collective bargaining agreement (CBA) on a pro rata basis. Vacation leave accrual will be proportionate to the number of hours in pay status, in the month to that required for full-time employment.
Pay status includes hours worked, time on paid leave and paid holiday.
As provided in , an employer may authorize a lump-sum accrual of vacation leave or accelerate the vacation leave accrual rate to support the recruitment and/or retention of a candidate or employee for a Washington Management Service position. Vacation leave accrual rates may only be accelerated using the rates established WAC 357-31-165.
Note: Most agencies follow the civil service rules covering leave and holidays for exempt employees even though there is no requirement for them to do so. However, agencies are required to adhere to the applicable RCWs pertaining holidays and leave.
Military Leave
Washington State supports members of the armed forces with 21 days paid military leave per year.
Bereavement Leave
Most employees whose family member or household member dies, are entitled to three (3) days of paid bereavement leave. In addition, the employer may approve other available leave types for the purpose of bereavement leave.
Additional Leave
Leave Sharing
Family and Medical Leave Act (FMLA)
Leave Without Pay
Please visit the State HR Website for more detailed information regarding benefits.
Updated 12-31-2022
01
Please select the option that best describes how you meet the required qualifications:
02
Please briefly explain how you gained the experience and/or education in question #1, If this does not apply, type N/A.
03
Do you have four years of experience in managing security operations, incident response, and threat intelligence functions?
04
Please briefly explain how you gained the experience in question #3, If this does not apply, type N/A.
05
Which of the following areas do you have six years of experience? (Check all that apply)
06
Please briefly explain how you gained the experience in each of the areas you selected in question #5, If this does not apply, type N/A.
07
Will you now or in the future require sponsorship for employment visa status (e.g. H-1B visa status or F1 OPT etc.)?
Required Question
Location : Thurston County - Olympia, WA
Job Type: Exempt
Remote Employment: Flexible/Hybrid
Job Number: 2025-WaTech-5107-11647
Department: Washington Technology Solutions
Division: OCS
Opening Date: 04/21/2025
Closing Date: 5/12/2025 11:59 PM Pacific
Description
Deputy Chief Information Security Officer (CISO) for Security Operations (EMS 3)
WaTech: Leading the way forward!
Washington Technology Solutions (WaTech) is at the forefront of integrating cutting-edge technologies that revolutionize how state services are delivered in Washington. By joining the WaTech team, you contribute to assisting other state agencies in providing essential services to millions of Washingtonians daily. WaTech manages the state's essential technology infrastructure, enhancing governmental efficiency, security and safety.
About the position
The Deputy Chief Information Security Officer (CISO) for Security Operations is one of four deputies and a key member of the leadership team in the Office of Cybersecurity. In this position, you will manage the Security Operations Center (SOC), Computer Incident Response (CIRT), and vulnerability management teams to track, coordinate, analyze and address security issues effectively. This position plays a critical role in the statewide organization of information security and is responsible for safeguarding the state's information systems and data from security threats and exposures. In this role you will be relied upon to manage enterprise security platforms and facilitate services, advise WaTech, state agencies and the statewide enterprise on our security direction and resource investments, and administer a model to effectively manage information security incidents and risks.
Duties
Some of what to expect with this role:
- Direct and oversee the operations of the Security Operations Center (SOC) and vulnerability management teams to actively defend the state government network from cyberattacks.
- Select and implement appropriate security tools for the hybrid (on-premises and cloud) infrastructure.
- Strategically design the collection and aggregation of data to detect and respond to threats, decrease false positives, and improve focus on real and actionable incidents.
- Measure SOC performance metrics and report on security operations and incident management to WaTech and state agency leaders.
- Oversee the management and maintenance of security platforms, tools and technologies, such as intrusion detection/prevention systems (IDS/IPS), security information and event management (SIEM) systems, network monitoring, and endpoint detection and response (EDR) solutions.
- Coordinate with other IT and business units to integrate security controls and practices into the organization's operations.
- Direct and oversee the day-to-day operations of the Computer Incident Response (CIRT) team.
- Develop and implement a comprehensive security operations strategy aligned with the state's overall security objectives and risk management framework.
- Monitor and analyze threat intelligence sources to identify threats and vulnerabilities to the organization's information assets.
- Establish and maintain a robust vulnerability management program in coordination with state agencies to identify, prioritize, address and report the vulnerability status in a timely manner.
Here's what we're looking for:
- 12 years of experience in the field of information technology. This experience includes:
- Four years of experience in managing security operations, incident response and threat intelligence functions.
- Six years of recent experience in Information Security in each of the following areas:
- Supervisory experience leading technical teams.
- Developing and implementing policies and standards in a large enterprise environment.
- Assessing security threats and recommending appropriate mitigation strategies and compensating controls.
- Identifying security solutions that meet predefined regulatory/compliance requirements.
*A bachelor's or master's degree in computer science, Business Administration, Information Security, or a related field may substitute for four or six years, respectively, of the overall 12 years of required experience.
- Demonstrated experience in implementing and managing security technologies and tools, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
- Strong understanding of relevant laws, regulations, and compliance requirements and experience interpreting laws, regulations, and administrative rules to understand how existing and newly introduced legislation impacts the delivery and implementation of information technology security policy and standards.
- Proven experience in a senior cybersecurity leadership role.
- Demonstrated ability to assess security threats and recommend appropriate mitigation strategies quickly.
- Demonstrated ability to lead and manage complex work tasks of security and technical employees in a fast-paced operational work unit.
- Ability to lead response efforts for single- or multiple-entity cybersecurity incidents.
- Ability to communicate complex technical issues with technical staff, customer security professionals and non-technical senior management.
- In-depth knowledge of cybersecurity principles, technologies and best practices.
- Demonstrated knowledge and ability in negotiating and managing third-party vendor contracts.
Preference may be granted to applicants with the following:
- A master's degree in computer science, Business Administration, Information Security, or a related field.
- Applicable industry-accepted certifications, including but not limited to:
- Certified Information Systems Security Professional (CISSP).
- Holistic Information Security Practitioner (HISP) - Certified Information Security Manager (CISM).
- Certified Information Systems Auditor (CISA).
- Certified in Risk and Information Systems Controls (CRISC).
- Department of Homeland Security (DHS) secret-level clearance.
- Ability to speak effectively and persuasively before a large audience.
- Demonstrated experience in budget development, implementation, and financial forecasting of information technology services.
- Demonstrated experience in project management, including managing multiple projects with strong organizational and time-management skills.
- Demonstrated commitment to continuous learning and professional development, such as participation in professional organizations (e.g., ISACA, ISC2) and attendance at industry conferences.
- Previous experience in managing information technology in the government or public sector is highly desirable.
Telework: This position is approved for telework. However, requires the incumbent to come onsite monthly to attend meetings and training, or as needed for business purposes.
We value diversity and different perspectives:
WaTech is committed to providing equal access and opportunities to all qualified applicants and employees. We seek to attract and retain a diverse staff and welcome your experiences, perspectives, and unique identity.
What WaTech Offers:
As an employee of WaTech, you'll have access to an outstanding that includes medical and dental plan options for you and your family, paid leave and holidays, retirement plan options and more.
While WaTech is headquartered in Olympia, Washington, which is near some of the country's most , we are able to offer many of our positions telework and flexible schedule options to help support a healthy work life balance.
To learn more about WaTech, and what our employees enjoy about working here, please .
How to apply:
Applications for this recruitment will be accepted electronically. Please select the large "apply button" at the top of this announcement. You may need to create a profile and account in Washington state's automated application system. We invite you to include your name and pronouns in your material to ensure we address you correctly throughout the application process.
To be considered for this position you will need to:
- Submit your online application.
- Answer all required Supplemental Questions.
- Attach a Letter of Interest that addresses how your experience qualifies you for this role.
- Attach a Resume that clearly documents the work history, training, and education that makes you a viable and competitive candidate for this position.
- Include Three professional references and their contact information.
Applicants wishing to claim Veterans Preference should attach a copy of their DD-214 (Member 4 copy), NGB 22, or signed verification of service letter from the United States Department of Veterans Affairs to their application. (Please redact any personally identifiable data such as social security number prior to submittal.)
Note: Applications without the requested attachments identified above or containing supplemental question responses with comments such as "see resume" may lead to your application being disqualified from consideration.
Conditions of employment:
This position requires a background check. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position and is a continued condition of employment.
Recruitment process:
First round of application assessments will be conducted seven days after the initial job posting date. The hiring authority reserves the right to offer the position at any time after the initial seven-day job posting date during the recruitment process. It is to the applicant's advantage to apply as early as possible. This recruitment may be used to fill multiple positions.
Contact us: For inquiries about this position, please contact Rebekah Wilkes at (360) 407-8646 or email to
Persons requiring accommodation in the application process or for an alternative format may contact Human Resources at (360) 407-8242 or . Persons of disability or those who are deaf or hard of hearing can call the Washington Relay Service by dialing 7-1-1 or 1-800-833-6388. WaTech complies with the employment eligibility verification requirements of the federal Form I-9. The selected candidate must be able to provide proof of identity and eligibility to work in the United States consistent with the requirements of that form on the first day of employment.
Supplemental Information
More than Just a Paycheck!
Employee benefits are not just about the kind of services you get, they are also about how much you may have to pay out of pocket. Washington State offers one of the most competitive benefits packages in the nation.
We understand that your life revolves around more than just your career. Like everyone, your first priority is ensuring that you and your family will maintain health and financial security. That's why choice is a key component of our benefits package. We have a selection of health and retirement plans, paid leave, staff training and other compensation benefits that you can mix and match to meet your current and future needs.
Read about our benefits:
The following information describes typical benefits available for full-time employees who are expected to work more than six months. Actual benefits may vary by appointment type or be prorated for other than full-time work (e.g. part-time); view the job posting for benefits details for job types other than full-time.
Note: If the position offers benefits which differ from the following, the job posting should include the specific benefits.
Insurance Benefits
Employees and their families are covered by medical (including vision), dental and basic life insurance. There are multiple medical plans with affordable monthly premiums that offer coverage throughout the state.
Staff are eligible to enroll each year in a medical flexible spending account which enables them to use tax-deferred dollars toward their health care expenses. Employees are also covered by basic life and long-term disability insurance, with the option to purchase additional coverage amounts.
To view premium rates, coverage choice in your area and how to enroll, please visit the Public Employees Benefits Board (PEBB) website. The Washington Wellness program from the Health Care Authority works with PEBB to support our workplace wellness programs.
Dependent care assistance allows the employee to save pre-tax dollars for a child or elder care expenses.
Other insurance coverage for auto, boat, home, and renter insurance is available through payroll deduction.
The Washington State Employee Assistance Program promotes the health and well-being of employees.
Retirement and Deferred Compensation
State Employees are members of the Washington Public Employees' Retirement System (PERS). New employees have the option of two employer contributed retirement programs. For additional information, check out the Department of Retirement Systems' web site.
Employees also have the ability to participate in the Deferred Compensation Program (DCP). This is a supplemental retirement savings program (similar to an IRA) that allows you control over the amount of pre-tax salary dollars you defer as well as the flexibility to choose between multiple investment options.
Social Security
All state employees are covered by the federal Social Security and Medicare systems. The state and the employee pay an equal amount into the system.
Public Service Loan Forgiveness
If you are employed by a government or not-for-profit organization, and meet the qualifying criteria, you may be eligible to receive student loan forgiveness under the Public Service Loan Forgiveness Program.
Holidays
Full-time and part-time employees are entitled to paid holidays and one paid personal holiday per calendar year.
Note: Employees who are members of certain Unions may be entitled to additional personal leave day(s), please refer to position specific Collective Bargaining Agreements for more information.
Full-time employees who work full monthly schedules qualify for holiday compensation if they are employed before the holiday and are in pay status for at least 80 nonovertime hours during the month of the holiday; or for the entire work shift preceding the holiday.
Part-time employees who are in pay status during the month of the holiday qualify for the holiday on a pro-rata basis. Compensation for holidays (including personal holiday) will be proportionate to the number of hours in pay status in the month to that required for full-time employment, excluding all holiday hours. Pay status includes hours worked and time on paid leave.
Sick Leave
Full-time employees earn eight hours of sick leave per month. Overtime eligible employees who are in pay status for less than 80 hours per month, earn a monthly proportionate to the number of hours in pay status, in the month to that required for full-time employment. Overtime exempt employees who are in pay status for less than 80 hours per month do not earn a monthly accrual of sick leave.
Sick leave accruals for part-time employees will be proportionate to the number of hours in pay status, in the month to that required for full-time employment. Pay status includes hours worked, time on paid leave and paid holiday.
Vacation (Annual Leave)
Full-time employees accrue vacation leave at the rates specified in (1) or the applicable collective bargaining agreement (CBA). Full-time employees who are in pay status for less than 80 nonovertime hours in a month do not earn a monthly accrual of vacation leave.
Part-time employees accrue vacation leave hours in accordance with (1) or the applicable collective bargaining agreement (CBA) on a pro rata basis. Vacation leave accrual will be proportionate to the number of hours in pay status, in the month to that required for full-time employment.
Pay status includes hours worked, time on paid leave and paid holiday.
As provided in , an employer may authorize a lump-sum accrual of vacation leave or accelerate the vacation leave accrual rate to support the recruitment and/or retention of a candidate or employee for a Washington Management Service position. Vacation leave accrual rates may only be accelerated using the rates established WAC 357-31-165.
Note: Most agencies follow the civil service rules covering leave and holidays for exempt employees even though there is no requirement for them to do so. However, agencies are required to adhere to the applicable RCWs pertaining holidays and leave.
Military Leave
Washington State supports members of the armed forces with 21 days paid military leave per year.
Bereavement Leave
Most employees whose family member or household member dies, are entitled to three (3) days of paid bereavement leave. In addition, the employer may approve other available leave types for the purpose of bereavement leave.
Additional Leave
Leave Sharing
Family and Medical Leave Act (FMLA)
Leave Without Pay
Please visit the State HR Website for more detailed information regarding benefits.
Updated 12-31-2022
01
Please select the option that best describes how you meet the required qualifications:
- I have 12 years of experience in the field of information technology.
- I have a bachelor's degree in computer science, Business Administration, Information Security, or a related field AND eight years of information technology experience.
- I have a master's degree in computer science, Business Administration, Information Security, or a related field AND six years of information technology experience.
- I do not have the required experience and/or education, but I am willing to learn.
02
Please briefly explain how you gained the experience and/or education in question #1, If this does not apply, type N/A.
03
Do you have four years of experience in managing security operations, incident response, and threat intelligence functions?
- Yes
- No
04
Please briefly explain how you gained the experience in question #3, If this does not apply, type N/A.
05
Which of the following areas do you have six years of experience? (Check all that apply)
- Supervisory experience leading technical teams.
- Developing and implementing policies and standards in a large enterprise environment.
- Assessing security threats and recommending appropriate mitigation strategies and compensating controls.
- Identifying security solutions that meet predefined regulatory/compliance requirements.
- I do not have experience with any of these, but I am willing to learn.
06
Please briefly explain how you gained the experience in each of the areas you selected in question #5, If this does not apply, type N/A.
07
Will you now or in the future require sponsorship for employment visa status (e.g. H-1B visa status or F1 OPT etc.)?
- Yes
- No
Required Question