Deputy Chief Information Security Officer

Working Title: Deputy Chief Information Security Officer
Job Class: MNIT Division Manager 2
Agency: Minnesota IT Services

• Who May Apply: Open to all qualified job seekers
• Date Posted: 09/12/2023
• Closing Date: 10/02/2023
• Hiring Agency/Seniority Unit: Minnesota IT Services
• Division/Unit: Enterprise Security
• Work Shift/Work Hours: Day
• Days of Work: Monday – Friday
• Travel Required: No
• Salary Range: $54.12 – $77.47 / hourly; $113,002 – $161,757 / annually
• Classified Status: Classified
• Bargaining Unit/Union: 220 – Manager/Unrep
• FLSA Status: Exempt – Executive
• Telework Eligible: Yes #LI-Hybrid
• Designated in Connect 700 Program for Applicants with Disabilities: Yes

Make a difference in the lives of Minnesotans.

The work you’ll do is more than just a job. Join the talented, engaged and inclusive workforce dedicated to creating a better Minnesota.

Join the 2,500+ professionals of Minnesota IT Services (MNIT) who connect Minnesotans to services that will improve their lives. This position will be part of the Enterprise Security team, which embeds security protection statewide.

As the Deputy Chief Information Security Officer (Deputy CISO), you will provide assistance and support to the State’s Chief Information Security Officer in the strategic direction and operation of the State’s full-spectrum information security program.  This position provides leadership, management and oversight of the programs and activities of the security teams.  The Deputy CISO establishes and implements short and long term organizational goals, objectives, strategic plans, policies, standards and operating procedures to ensure that all State information assets are adequately protected against current and future, internal and external threats.

The Deputy CISO will execute decision-making authorities and establish a vision and direction for the State’s cyber-related resources operations.  This position is a member of MNIT’s Senior Management Team and oversees strategic delivery of cybersecurity programs statewide, including cybersecurity programs for executive branch agencies and additional programs supporting local government cybersecurity program development and enhancements.

This position is currently eligible for full-time telework: 

• Telework for Minnesota IT Services allows an employee to perform work from a telework location and an employee may be required to be in the office based on business needs and other dependencies in St. Paul, Minnesota.
• Only candidates located in Minnesota and bordering states (Iowa, North Dakota, South Dakota, or Wisconsin) are telework eligible.

Minimum Qualifications

Candidates must clearly demonstrate all of the following qualifications in their resume:

Position requires a minimum of eight (8) years of experience providing leadership and management of information security program development in a large, complex environment

AND

A minimum of four (4) years of supervisory or managerial experience. Supervisory/managerial experience should cover multiple areas, such as: selecting, orienting, and training employees; coaching, counseling, and performance managing employees; planning, monitoring, and appraising job results; etc.

Experience must include:

• Leading and managing multiple teams, projects, and initiatives across the information security domains
• Effective relationship building across technical and non-technical peers to champion security initiatives and influence process to manage enterprise cybersecurity risk
• Experience in advising appropriate senior leadership or Authorizing Official of changes affecting the organization’s cybersecurity posture
• Experience implementing, operating, and applying information security and industry best practices to network, application and hardware in a regulated or life-safety business environment
• Knowledge of and experience with broadly applicable information security governance and regulation
• Advanced business, fiscal and human resource management skills to acquire the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology security goals

Preferred Qualifications

• Bachelor’s and/or Master’s degree in Information Technology OR related field
• Advanced information security certifications
• Advanced experience with information security technologies, markets and vendors
• Experience performing or supporting the performance of IT, security, or financial audits and implementing large-scale, enterprise level projects
• Highly developed communication and presentation skills and experience presenting or writing on security topics intended for non-technical audiences
• Direct experience implementing, operating in, or applying information security technology or processes to support:
  • A security monitoring and response function
  • A vulnerability scanning and penetration testing function
  • Secure application development
  • Identity and Access Management
  • Governance Risk and Compliance

Additional Requirements

This position is based in St. Paul, Minnesota. This position will require the employee to be in the office based on business needs and other dependencies.

It is the policy of Minnesota IT Services that all employees submit to a background investigation prior to employment. The background check may consist of the following components:

• SEMA4 Records Check (applies to current and past state employees only)
• Criminal History Check
• Employment Reference Check
• Social Security and Address Verification
• Education Verification
• CJIS Background Check
• Other required records checks

Minnesota IT Services will not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.