Chief Information Security Officer | Minnestar

Minnesota IT Services

Working Title: Chief Information Security Officer
Job Class: MNIT Executive Manager
Agency: Minnesota IT Services

  • Who May Apply: Open to all qualified job seekers
  • Date Posted: 03/02/2023
  • Closing Date: 03/22/2023
  • Hiring Agency/Seniority Unit: Minnesota IT Services
  • Division/Unit: Enterprise / Executive Staff
  • Work Shift/Work Hours: Day
  • Days of Work: Monday – Friday
  • Travel Required: No
  • Salary Range: $56.00 – $80.17 / hourly; $116,928 – $167,395 /annually
  • Classified Status: Unclassified
  • Bargaining Unit/Union: 220 – Manager/Unrep
  • FLSA Status: Exempt – Executive
  • Telework Eligible: Yes
  • Designated in Connect 700 Program for Applicants with Disabilities: No

Make a difference in the lives of Minnesotans.

The work you’ll do is more than just a job. Join the talented, engaged and inclusive workforce dedicated to creating a better Minnesota.

Job Summary

Are you an Information Security executive with a passion to provide meaningful contributions to the community?

We’re looking for someone with limitless passion, a relentless focus on innovation, and a driven commitment to shape and lead cybersecurity strategies for the future of the State of Minnesota.

Join us on a mission that matters — to secure and deliver people-centered digital government services that improve outcomes for all Minnesotans.

About the role:

Securing the state is one of MNIT’s most critical functions. Our agency’s Chief Information Security Officer (CISO) will be a security thought leader with sound knowledge of business management and cybersecurity technologies.

As CISO, your role is vital to setting strategic direction to continually meet the ever-evolving cybersecurity threat to Minnesota’s IT systems. You will develop and implement an information security strategy that protects the state’s data, systems, and networks from cyber threats with a primary focus on risk reduction activities and ensuring the resiliency of core technical infrastructure. You will be responsible for the oversight of people, processes, technology, and governance of the state’s security program.

Your engaging, imaginative, and collaborative leadership approach will set the voice and tone for MNIT’s proactive cybersecurity strategy. You will engage and partner with diverse groups — from the state legislature, executive branch agency and local government leaders, MNIT executive leadership and enterprise security specialists.

You will lead an enterprise team of information security specialists that provide state and local services in core service areas to state and local government. Your future vision will set strategies that maintain effective risk management policies and practices

Your expert knowledge and thought leadership to understand and quantify the cybersecurity risks of IT architectures, along with your strong understanding of the disciplines within a complete cybersecurity program including, but not limited to cybersecurity risk management, regulatory compliance, security operations and staying ahead of the threat landscape are paramount for this role.

The CISO is the most senior-level role responsible for all information and cybersecurity aspects across Minnesota State Government. The CISO and reports to the State Chief Information Officer/Commissioner of Minnesota IT Services and serves as a member of the executive management team.

This role will:

  • Provide leadership, vision, and governance in setting security architecture strategy.
  • Identify security risks and resulting mitigation solutions.
  • Develop security architectures, roadmaps and design patterns that support our products and services including enterprise strategies related to cloud services, applications, and infrastructure.
  • Enable the business by creating security architectures that support and protect investments in MNIT’s products, services, and IT infrastructure
  • Using security architecture as one component of protecting our customer’s data including personal information and enhancing the reliability and quality of our products and services
  • Continuously assessing the technology and security landscape and trends to identify the latest security threats to our business and determining the potential impact on the enterprise architecture
  • Embedding a security mindset in the security architecture community

Who we are:

We are the IT agency for the State of Minnesota, providing services and support for the over 35,000 state employees who use Minnesota’s government systems. MNIT partners with state and local governments to safeguard the private data that 5.7 million Minnesotans have entrusted to the state. MNIT and the state of Minnesota are committed to cultivating an inclusive, diverse culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level.

*This position is statutory unclassified and includes full state fringe benefits; it is anticipated to last up to 01/02/2027.

**At this time, this position is eligible to work full-time teleworking, hybrid or full-time in the office depending on the needs of the business unit and with supervisor approval. Telework is a work arrangement that allows an employee to perform work on a scheduled regular, recurring basis at a remote telework location. 


Minimum Qualifications

Your resume MUST clearly state how you meet the following minimum requirements:

Years of experience:

  • Minimum 8 years of hands-on experience in compliance/cybersecurity, or a complex operational environment.
  • 5 or more of those years must have been in a supervisory leadership role. Supervisory or managerial experience must include oversight of staff (e.g. selection, orientation, training, coaching, performance management, etc.).

Experience in:

  • Leading and managing multiple division managers, teams, projects, and initiatives
  • Engaging, highly developed presentation skills to speak and present to non-technical, technical, and government audiences
  • Effective relationship building and communicating across diverse technical and non-technical stakeholders and peers at all levels to champion security initiatives and influence decisions
  • Implementing, operating, and applying information security and industry best practices to network application and hardware in a regulated or life-safety business environment
  • Knowledge and experience in broadly applicable information security governance and regulations
  • Advanced business, fiscal and human resource management skills
  • Strong understanding of cybersecurity protective controls, digital forensics, and security information and event management (SIEM)

**Successful candidate must pass past-employer reference checks and a criminal history verification**

Job Type: Full-time
Compensation Type: salaried
Location: St. Paul
Posted by Karla Larson on March 6, 2023