State of Florida - Tallahassee, FL

posted 4 months ago

Full-time - Senior
Tallahassee, FL
Executive, Legislative, and Other General Government Support

About the position

The Deputy State Chief Information Security Officer (CISO) is a pivotal role within the Florida Digital Service, tasked with the responsibility of designing and deploying Florida's inaugural enterprise cybersecurity program. This position is part of a broader initiative by the state to enhance its cybersecurity capabilities, backed by significant financial investments. The Deputy State CISO will work closely with the Chief Information Security Officer and other executive leaders to build a robust cybersecurity framework that will protect the state's digital assets and infrastructure. In this technical executive leadership role, the Deputy State CISO will lead and facilitate cross-team collaboration and activities related to cybersecurity monitoring, operations, intelligence, and incident response. The position requires a proactive approach to managing security operations and incident response teams, ensuring that the cybersecurity operations center (CSOC) is effectively established and maintained. The Deputy CISO will oversee the administration and configuration of enterprise security solutions, ensuring continuous monitoring of the enterprise environment and timely response to incidents. The role also involves developing and maintaining incident response plans, organizing post-incident reviews, and ensuring that all cybersecurity tools are properly tuned and maintained. The Deputy State CISO will engage with local, state, federal, and commercial partners to enhance intelligence and response efforts, while also ensuring compliance with necessary policy frameworks and state statutes. This position is not only about managing current operations but also about strategically planning for the future of cybersecurity in Florida, making it a unique and significant opportunity for the right candidate.

Responsibilities

  • Lead security operations and incident response (IR) teams and functions.
  • Partner to stand up and run the cyber security operations center (CSOC).
  • Own administration, configuration, and day-to-day operations of enterprise security solutions.
  • Oversee continuous monitoring activities of the enterprise environment, ensuring incidents are addressed, stakeholders are informed, and protective and remediating measures are taken.
  • Serve as the owner and executor for cyber incident response plans and documentation, including periodic updates.
  • Facilitate key conferences and communications between various parties across various groups and partners.
  • Organize and chair post-incident reviews.
  • Lead the development and maintenance of runbooks for incidents, maximizing assistance and resolution automation.
  • Oversee tuning and maintenance activities of enterprise cybersecurity tooling, including all endpoint, managed detection, extended detection, network, and other CSOC-related systems as appropriate.
  • Develop and maintain metrics on CSOC performance.
  • Lead engagement efforts for intelligence and response with local, state, federal, and commercial partners and agencies.
  • Ensure proper implementation of required policy frameworks (i.e. NIST), state statute, and rules. Work to proactively identify risks and, in the event of audit findings, ensure remediation actions are completed.
  • Perform other duties and tasks as assigned.

Requirements

  • Undergraduate degree in engineering, computer science, or information technology; graduate degree preferred.
  • Demonstrated experience and leadership running cybersecurity operations and incident response at a large private, public, defense, or government organization.
  • Strong organization skills necessary to manage and coordinate across multiple teams with varying levels of technical and non-technical understanding of incident response procedures.
  • Deep and wide knowledge of cybersecurity concepts, operations, and cybersecurity tools.

Nice-to-haves

  • CCISO, CISSP-ISSMP, CISSP, CASP, GCIH certifications highly desirable.
  • CISM, CCSP, CISSP-ISSAP, CRISC, CGEIT, SSCP, OSCP, Security+ certifications desirable.