Cybersecurity Officer (ITSecurity-Expert)

About us:
The Office of the State Treasurer (OST) is the bank for the Washington state government. OST provides banking, investment, debt issuance, and accounting services for state government and plays a major role in providing financial services to local government. The agency has a staff of approximately 70 employees committed to promoting and maintaining public trust and confidence through consistent application of responsible financial practices, quality customer service, and continuous efforts to improve agency efficiency and productivity.

Opportunity: 
The Office of the State Treasurer is seeking a dedicated Cybersecurity Officer (CISO) to establish and implement our cybersecurity strategy. As the CISO you will report directly to the Director of Information Services (CIO). You will oversee developing and implementing comprehensive security policies and procedures, ensuring the protection of our information assets from cyber security threats. You will oversee risk management, incident response, and compliance with regulatory requirements while increasing cybersecurity awareness across the organization. Additionally, you will collaborate with the leadership team and IT management team to align security initiatives with business operations and goals.

As the CISO, your key functions include risk assessment, implementing security protocols and policies, managing security incident responses, and ensuring compliance with regulations. You will also educate employees on cybersecurity best practices and coordinate with other executives to align security with business objectives.

What we are looking for:
The ideal candidate will be highly strategic, detail-oriented, and possess a strong background in information security with experience in enterprise architecture. In addition, they will have excellent communication skills, along with a proven track record of implementing effective cybersecurity measures and protocols while collaborating and mentoring IT professionals.

Duties

  • Develop and implement a comprehensive cybersecurity strategy that aligns with the company's business objectives.
  • Oversee the creation of a security policy and enforcement of procedures to protect information assets.
  • Conduct information security risk assessments to identify vulnerabilities and develop mitigation plans.
  • Lead incident response efforts to quickly address and recover from any security incident.
  • Ensure compliance with industry-relevant regulations and standards.
  • Train employees in security awareness.
  • Collaborate with other executives to integrate cybersecurity measures with overall business strategies.
  • Establish metrics and reporting mechanisms to monitor the effectiveness of security initiatives.
  • Evaluate and implement new security technologies and tools to enhance the company's defenses.
  • Mentor and train ISD staff on best practices and implementing security measures and protocols.
  • Maintain relationships with external partners, security professionals, and vendors to ensure robust security measures.
  • Provide regular updates to the CIO and Executives on the state of the agency’s security posture.
  • Develop and test business continuity and disaster recovery plans.
  • Manage third-party information security risk by assessing and monitoring vendor security practices.
  • Stay abreast of emerging threats and industry trends to continuously evolve the security strategy.

Qualifications

Any combination of education and/or work experience that equals a total of 10 years, with at least five of those years working full-time in IT security in two or more of the following domains:

  • Security and Risk Management (Security, Risk, Compliance, Law, Regulations, and Business Continuity)
  • Asset Security (Protecting Security of Assets)
  • Security Engineering (Engineering and Management of Security)
  • Communication and Network Security (Designing and Protecting Network Security)
  • Identity and Access Management (Controlling Access and Managing Identity)
  • Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
  • Security Operations (Foundational Concepts, Investigations, Incident Management, and Disaster Recovery)
  • Software Development Security (Understanding, Applying, and Enforcing Software Security)

Education would usually consist of a degree in computer science or closely related field.

Experience operating and analyzing logging and monitoring systems, antivirus solutions, and security configurations.

Experience with recommending and/or writing Information Technology policies. Experience training on IT policy is a plus.

Preferred Education, Experience, and Competencies:

  • Ability to obtain any of the following certifications: Security Certification (GIAC Security Essentials, Certified Information Systems Security Professional CISSP, Certified Information Security Manager CISM or equivalent)
  • Experience working in cloud-based environments such as AWS and Azure.
  • Working knowledge of Washington State Security Standards and Office of the Chief Information Officer policies.

Throughout our selection processes, we will also evaluate candidates for knowledge, skills, abilities, behaviors and capacity for effective leadership that aligns with our agency culture.

Supplemental Information

How to apply:
In addition to completing the online application, applicants must attach to their profile a letter of interest explaining how you meet the qualifications of this position and a current resume.

A background check including criminal record history will be conducted. Information from the background check will not necessarily preclude employment but will be considered in determining the candidates’ suitability and competence to perform in the position.

***This announcement will remain open until the position is filled.***

Location, Hours, Salary & Benefits: 
The OST takes pride in being a family-friendly and healthy work environment. The OST operates on a standard work week from Monday through Friday with the core business hours of 8:00 am to 5:00 pm. The duty station for this position is in Olympia, Washington, within the Helen Sommers Building located on the Capitol Campus.

All OST employees are required to work in the office a minimum of two days per month. The remainder of your work schedule is determined by your position requirements; most of our staff maintain a hybrid remote working schedule. This position will require you to work in the office regularly during the first 6 months of hire; this position is eligible for telework. The incumbent will work with their supervisor to identify an appropriate work schedule and balance between remote and in-person work based on operational need and employee preference.

Salary:
The annual salary range for this position is $109,464 – 147,204 with step M being a longevity step.

Benefits:
Washington State offers a competitive benefits package. Beyond the traditional benefits such as health insurance, life insurance and retirement benefits, we offer flex spending accounts, dependent care assistance, deferred compensation, 12 paid holidays, paid vacation, and sick leave. Click on the “Benefits” tab near the top of the page to learn more.

Equal Employment Opportunity (EEOC):
OST is an equal opportunity employer; committed to providing employees with a work environment free of discrimination and harassment. OST provides equal access and opportunity to anyone who qualifies regardless of immigration status, on the bases of race, color, religion, national origin, sex (including pregnancy and related conditions, sexual orientation, or gender identity), age (40 and older), disability, genetic information (including employer requests for, or purchase, use, or disclosure of genetic tests, genetic services, or family medical history) retaliation for filing a charge, reasonably opposing discrimination, or participating in a discrimination lawsuit, investigation, or proceeding.

Recruitment access, assistance and contact information:
For questions about this recruitment or for applicants in need of assistance during the application process, please contact Nadine Sordahl at (360) 902-8919 or via email to [email protected]. TTY users should first call 711 to access the Washington Relay Service.
