Apollo ITS
Cyber security Program Manager
Apollo ITS, Boise, Idaho, 83708
Title: Cyber security Program Manager Location: Boise, ID (Hybrid) Duration: 12 Months Type: Contract Note: IMPORTANT NOTE: This is a hybrid schedule requiring 3 days/week ONSITE and 2 days/week remote. Fully remote work WILL NOT be considered. Because of this onsite requirement, LOCAL CANDIDATES should be submitted. Job Description: General Position Summary: The Cybersecurity Program Manager is responsible for ensuring the CISO's strategy for protecting the Idaho Judiciary's networks, systems, and applications are effectively implemented. This position will assist with determining, analyzing, and proposing security requirements, policies, and technical solutions. This position will work as the liaison for the Information Division to other functional business units representing security concerns and initiatives. This position works under the direction of the CISO. How We Work: The Administrative Office of the Courts is committed to supporting the mission of the Idaho Courts through the use of an agile approach that aligns strategy, work, and capacity. This approach empowers our employees to respond quickly and efficiently to meet the needs of our customers: citizens, courts, judges, employees, and other stakeholders. We believe in continual improvement of our services and products to better serve and support our customers and the evolving environment. Employees are future-focused, take initiative, and are personally responsible for work delivery and professional growth. Our leaders are committed to professional development and growth of employees by empowering and supporting motivated individuals; providing clarity and focus for projects; giving those individuals the environment and support they need; and fostering a culture of collaboration, transparency, learning, trust and shared accountability. Major Duties and Responsibilities: (The examples provided do not cover all the duties which the incumbent in this position may be required to perform.) Assists with obtaining approval of security systems for the Idaho Courts; Tracks and monitors the implementation of security policies and procedures; Ensures tracking of personnel compliance with cybersecurity policies; Works with Client functional business units to track outstanding security compliance questions; Ensures cybersecurity strategy, initiative, and solutions are effectively implemented; Tracks proposed solutions and coordinates actions to mitigate system security threats and risks; Assists with security product evaluation and recommendations to improve the Court's security posture; Assist with leading and tracking the status of the development of security incident response plans and organizes incident response exercises and testing; Assists with review and identification of root causes of security incidents, identifies and tracks corrective actions, risks, and future proactive/preventive actions; vulnerability/risk management processes are being documented in order to improve vulnerability assessments, penetration testing, vulnerability remediation and compliance testing; Ensures reporting and tracks vulnerability and threat trends, including metrics for tracking and analyzing vulnerability remediation efforts. Minimum Qualifications: The Judicial Branch reserves the right to consider an equivalent combination of education, training, and/or experience in determining whether an applicant is capable of performing the assigned duties and fulfilling the assigned responsibilities of this position. Five (5) years of experience in cybersecurity Two (2) years of experience in a program management or leadership role; Cybersecurity certifications such as CISSP, CISM, CISA, or equivalent, preferred; Project Management Professional (PMP) or equivalent project management certification, preferred; Experience with risk management, incident response, and threat assessment; Familiarity with security tools and technologies (e.g., firewalls, intrusion detection systems). Knowledge, Skills, and Abilities Client Information Knowledge of enterprise security architecture and compliance principles; Knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001); Knowledge of infrastructure and application security design; Knowledge of operating systems such as Windows, Windows Server, and VMware as well as Linux and Unix; Knowledge of security compliance and risk management; Knowledge of security awareness, education, and training programs; Knowledge of application and operating systems security configuration and best practices; Skill in communicating complex information in an understandable manner; Skill in identifying complex issues and proposing feasible, cost-effective solutions; Skill in project management, including planning, execution, and monitoring of cybersecurity initiatives; Ability to work independently; Ability to provide leadership to staff; Ability to communicate effectively verbally and in writing, including developing reports and using metrics for illustration; Ability to match system solutions to specific user requirements and functions; Ability to develop and interpret complex policies and procedures; Ability to display an attitude of cooperation and work harmoniously with all levels of court employees, the general public, and other organizations.