ASSOCIATE CHIEF INFORMATION SECURITY OFFICER - 72004195
Position Overview and Responsibilities:
The Florida Digital Service was established to propose innovative solutions that securely modernize state government, including technology and information services, to achieve value through digital transformation and interoperability, and to fully support the state's cloud-first policy. It is also the lead entity responsible for enterprise cybersecurity.
The Associate Chief Information Security Officer (CISO) serves as a member of the CSOC leadership team in coordination with the CISO and Deputy CISO. The Associate CISO oversees and manages satellite Cybersecurity Operations Center (CSOC) operations including coordinating with the CSOC on augmenting the day-to-day work of the CSOC, security incident response operations, policy, processes, and procedures. On-site satellite operations are conducted primarily from a fully equipped physical CSOC facility in strategic location(s) throughout the State. Additionally, the Associate CISO is responsible for developing and implementing agency and enterprise-wide cybersecurity policies and procedures.
Specific Responsibilities:
- Coordinate with the cybersecurity team, particularly with the Incident Response and Threat Intelligence professionals under the CISO. In alignment with the CSOC, respond to cybersecurity incidents, especially as an escalation point for high-priority or highly complex incidents, or as an alternate-network asset. Drive development and continuous updating of cybersecurity policies, standard operating procedures and documentation for operational domains, including the use of automation and integrations where possible. Develop and maintain partnerships with relevant partners of the CSOC, including the University network for subject matter expertise, cutting-edge research, and possible internship educational opportunities. Ensure complete and accurate documentation of all activities and processes is maintained for all activities and tools to ensure an operating environment that is sound, sustainable, and compliant with policies and requirements, and seamlessly integrates with the CSOC. Participate in the design and execution of vulnerability assessments, red team/penetration tests, security audits, and cybersecurity exercises. Support the recruitment, development, and performance of personnel. Train, mentor, and guide other team members on cyber incident response practices, tooling, and capabilities. While working directly under the Deputy CISO, maintain a professional relationship and an effective partnership with the Incident Response Manager.
- Provide timely and relevant operational and procedural updates. Develop and provide daily operations and intelligence updates to the Incident Response Manager and Deputy CISO.
- In instances where the CSOC is not able to provide direct response, where multiple events require separate lines of effort, or as assigned by the CSOC, this position will lead incident response with full authority and autonomy.
- Provide after business hours support in response to security alerts and investigations.
- Research and lead cybersecurity policy initiatives; revise and implement policies and procedures to stay abreast of potential cybersecurity incidents.
- Other duties as needed.
Knowledge, Skills, and Abilities:
- Demonstrated experience and leadership running cybersecurity operations and incident response at a large private, public, defense, or government organization.
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- Knowledge of physical security best-practices and intersection with cyber defense.
- Strong organization skills necessary to manage and coordinate across multiple teams with varying levels of technical and non-technical understanding of incident response activities.
- Develop and publish security incident analysis reports.
- Deep and wide knowledge of cybersecurity concepts, operations, and cybersecurity tools.
- Expert knowledge of industry best practices and frameworks (e.g. NIST, MITRE ATT&CK).
Desired Qualifications:
- Desirable education: Undergraduate degree in engineering, computer science, or information technology.
- Desirable certifications: GCIH, Security+, ECIH, CSIH, or equivalent certifications.
- Highly desirable certifications: CISSP, GSLC, or equivalent certifications.
Special Notes:DMS is committed to successfully recruiting and onboarding talented and skilled individuals into its workforce. We recognize the extensive training, experience, and transferrable skills that veterans and individuals with disabilities bring to the workforce. Veterans and individuals with disabilities are encouraged to contact our recruiter for guidance and answers to questions through the following provided email addresses:[email protected][email protected] individual with a disability is qualified if he or she satisfies the skills, experience, and other job related requirements for a position and can perform the essential functions of the position with or without reasonable accommodation.
The State of Florida is an Equal Opportunity Employer/Affirmative Action Employer, and does not tolerate discrimination or violence in the workplace.
The State of Florida supports a Drug-Free workplace. All employees are subject to reasonable suspicion drug testing in accordance with Section 112.0455, F.S., Drug-Free Workplace Act.
#J-18808-Ljbffr