Chief information security


Mass Inc

Boston, MA, US

2 months ago
No degree mentioned

Job highlights


    • Health Insurance

    Job Description


Overview: A&F IT is a unit under the Executive Office for Administration & Finance (A&F) that is overseen by the A&F IT Chief Information Officer (A&F CIO). A&F IT is comprised of 220 employees working on IT systems and applications for 15 various A&F agencies. Information regarding these supported agencies is available at (see section on Related Organizations).

A&F IT is seeking a highly motivated, experienced professional with a background in IT to serve as its Chief Information Security Officer (CISO). The CISO will be a member of A&F IT's senior team and report to the A&F CIO. The CISO will manage a staff of 5-10 individuals.

The CISO will ensure the confidentiality, integrity, and availability of information by communicating risk; creating and maintaining enforceable policies supporting processes; and ensuring compliance with regulatory requirements. The CISO will coordinate security-related activities with A&F IT-supported agencies. Activities include the evaluation, procurement and deployment of security-related products and the development and coordination of security awareness, disaster recovery and incident response plans.

• Drive compliance of security programs
• Define and be escalation path for Senior Leadership on security related activities and risks.
• Manage all IT related audits.
• Exercising strong leadership, while ensuring resources are appropriate, have adequate tools and work in a cohesive and professional manner.
• Maintaining IT standards, documentation, and support in alignment with Commonwealth IT policies and procedures.
• Implementing a security control framework across supported agencies.
• Collaborating with the Executive Office of Technology Services and Security (EOTSS) on strategic initiatives and security operations.
• Developing communication strategies and building professional relationships with security peers across the Commonwealth.
• Developing, initiating, maintaining, and revising security policies and procedures.
• Monitoring emerging technologies for potential impacts to operations and long-term strategy.
• Coordinating risk management and internal audit to direct compliance issues to appropriate reviewing bodies.
• Identifying potential areas of compliance vulnerability and risk; directing the development and implementation of corrective action plans for resolution of identified issues.
• Ensuring adherence to legal standards regarding information security compliance; implementing and following industry standards and best practices for security compliance; and developing reliable, efficient, and effective project development processes.
• Provide strategic and tactical advice to address existing and evolving security threats.
• In collaboration with DOR's Risk Management team, liaise with the IRS safeguards and other governing agencies in support of periodic security assessments.

Required knowledge, skills and abilities include:

The right candidate will be a strategic thinker, collaborative partner, and strong personnel manager with deep experience in IT. Strong communication and interpersonal skills and the ability to manage in a public and dynamic milieu are essential.

• 15 years of experience within information technology
• 10 years of experience in information security or cyber security; with at least 5 years of exposure to various security frameworks, preferably NIST
• 5 years of managerial, team leadership or supervisory experience in large, matrixed organizations
• Government or public sector experience
• CISSP, CISM or CISA certification, etc.
• Extensive experience with policies / procedures, application design, information analysis and reporting, networking and systems integration, security control, audits, risk analysis and disaster recovery
• Ability to supervise staff including performance appraisal, employee coaching, training, development and performance management
• Excellent written and verbal communication skills, with a proven ability to translate security and risk to all levels of the business in technical and non-technical terms
• Ability to develop and maintain effective working relationships with a variety of stakeholders

An external candidate recommended for a position with the Executive Office for Administration and Finance IT will be subject to a background check that includes checks for: state and federal tax compliance; child support compliance; education verification; Massachusetts CORI checks; criminal background checks in state(s) of current and previous residence / employment; validation of eligibility to work in the United States; and national fingerprint-based criminal background checks.

Qualifications:

MINIMUM ENTRANCE REQUIREMENTS: Applicants must have at least (A) seven (7) years of full-time or, equivalent part-time, professional, administrative, supervisory, or managerial experience in IT administration or IT management, of which (B) at least three (3) years must have been in a managerial capacity.

Comprehensive Benefits

When you embark on a career with the Commonwealth, you are offered an outstanding suite of employee benefits that add to the overall value of your compensation package. We take pride in providing a work experience that supports you, your loved ones, and your future. Want the specifics? Explore our Employee Benefits and Rewards!

An Equal Opportunity / Affirmative Action Employer. Females, minorities, veterans, and persons with disabilities are strongly encouraged to apply.

The Commonwealth is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, color, sex, gender identity or expression, sexual orientation, age, disability, national origin, veteran status, or any other basis covered by appropriate law. Research suggests that qualified women, Black, Indigenous, and Persons of Color (BIPOC) may self-select out of opportunities if they don't meet 100% of the job requirements. We encourage individuals who believe they have the skills necessary to thrive to apply for this role.

Last updated: 2023-10-19