Information Security Officer
Location: 100 Community Place, Crownsville, MD 21032
In-person/telework hybrid
Must also be able to travel throughout Maryland
Deadline for submission: 10/04/2024
Background:
The Department of Information Technology (DoIT) Office of Security Management (OSM) is requiring the services of Information Security Officer (ISO) Subject Matter Experts to support OSM in coordinating the adoption and implementation of centrally provided cyber security services.
The Information Security Officer/Subject Matter Expert (ISO) will play an active role in integrating DoIT managed services and providing tailored cybersecurity consultation to meet the unique mission needs of various agencies.
Embedded within these agencies, the ISO will serve as the primary point of contact, ensuring that cybersecurity solutions are effectively aligned with agency objectives and with the Cybersecurity Framework (CSF). The ISO will regularly assess and address cybersecurity needs, develop and implement risk management strategies, support incident response, and maintain security awareness programs. The ISO is expected to reach back to DoIT through the ISO Program Director to answer questions and gather consensus on direction. Close collaboration with the ISO Program Coordinator and the ISO Program Director will be essential to ensure consistent alignment with DoIT's cybersecurity goals, policies, and procedures.
These positions require a minimum of 5 years of experience in cybersecurity with relevant certifications such as CISSP or CISM, strong communication skills, and the ability to manage complex security risks. Prior experience and familiarity with federal, state, and local government agencies is highly desirable. The ISO will be expected to travel as needed to fulfill their duties.
Duties and Responsibilities:
Develop and maintain metrics to track adoption rates and regularly assess and enhance security controls, conducting assessments and evaluations to ensure effectiveness and compliance with established standards.
Review and implement security policies to ensure compliance with regulatory requirements and organizational standards.
Conduct thorough reviews of vulnerability data, coordinating with stakeholders to prioritize and address identified vulnerabilities effectively.
Actively participate in Authorization to Operate (ATO) assessments, contributing expertise to ensure systems meet security requirements for operation.
Collaborate with cross-functional teams to develop and enhance security protocols and procedures for seamless integration and utilization.
Regularly report on adoption rates and identify areas for improvement.
Monitor security systems to detect and respond to potential threats.
Act as the primary point of contact for ISO agency-related inquiries and engagements.
Monitor progress against established plans and adjust as necessary.
Develop strategic plans and roadmaps for service delivery.
Implement measures to address identified vulnerabilities.
Participate in the design and implementation of secure system architectures.
Develop and deliver security awareness training programs for employees.
Ability to develop and maintain an incident response plan.
Lead and manage security-related projects, ensuring timely and successful completion.
Prepare and present security reports to management and stakeholders.
Maintain accurate and up-to-date security documentation.
Ensure efficient allocation of resources.
*Education:
Bachelor's degree in computer science, information technology, information security, cybersecurity, or a related field.
Advanced degrees or certifications such as CISSP, CISM, CISA, Sec, or CISSO.
*General Experience:
Minimum of 5 years' experience in information security management, IT administration, or related fields.
3 years' experience in implementing cyber assessment and remediation plans, procedures, and cyber defense operations.
Practical experience with security technologies, incident response, risk management, and compliance.
Analytical and problem-solving skills with the ability to analyze complex security issues and develop effective solutions.
*Specialized Experience:
Specific experience in implementing ISO plans, procedures, and cyber defense operations.
Experience tracking adoption rates and implementing centrally managed cyber services.
Experience in developing strategic plans, roadmaps, and business cases for new cybersecurity initiatives.
*Preferred Qualifications:
Graduate degree or certifications such as CISSP, CISM, or CISA.
Strong knowledge of industry standards, regulations, and best practices related to information security, including ISO 27001 and NIST Cybersecurity Framework.
Excellent communication and collaboration skills with the ability to effectively communicate technical concepts.
Strong analytical and problem-solving abilities.
Meticulous attention to detail to identify and mitigate security risks.
Understanding of various security protocols, standards, and methodologies.
Proven experience in managing scalable cybersecurity projects, including planning, execution, monitoring, and closing phases.
Ability to coordinate cross-functional teams and manage multiple projects simultaneously.
Project management skills with experience in planning, scheduling, and monitoring the delivery of cybersecurity services.
The candidate must be able to travel to the Maryland Department of Information Technology (DoIT) office located in Crownsville, MD, as well as to various agencies within the Baltimore/Annapolis region.
Familiarity with federal, state, and local regulations related to information security and privacy.
Experience in implementing ISO plans, procedures, and cyber defense operations.
Experience tracking adoption rates and implementing centrally managed cyber services.
Experience in developing strategic plans, roadmaps, and business cases for new cybersecurity initiatives.