State of South Dakota
Chief Information Security Officer Job at State of South Dakota in Sioux Falls
State of South Dakota, Sioux Falls, SD, US
Job ID: 29282 Agency: Bureau of Information & Telecommunications Location:Pierre, SD or Sioux Falls, SDSalary: $107,000 - $158,000 annually, depending on qualifications Pay Grade: O Closing Date: 12/6/24 This is a Full-Time 40 Hours Weekly position with the Bureau of Information & Telecommunications (BIT). For more information on the BIT, please visit https://www.sd.gov/bit. The Chief Information Security Officer (CISO) will lead South Dakota's strategic cybersecurity vision and statewide security initiatives, focusing on proactive risk management, regulatory compliance, and embedding cybersecurity within all aspects of state government operations. This role involves coordinating with agencies to establish a cohesive security framework, prioritizing investments in security technology, and maintaining the state's readiness against evolving cyber threats. The CISO serves as the state's foremost security leader, liaising with external partners, advising executive leadership, and fostering a security-conscious culture across all state departments. Key responsibilities will include: Strategic Security Leadership: Develop and implement a cybersecurity strategy that prioritizes risk-based initiatives. Advise BIT leadership and agency executives on security policies and investment needs. Policy Oversight: Ensure statewide compliance with security policies and regulations; lead cross-agency governance to maintain consistent risk management practices. Risk Management & Threat Intelligence: Establish a comprehensive risk management framework; oversee threat intelligence programs and assess statewide security risks. Incident Response & Crisis Management: Lead Incident Response and Disaster Recovery programs, ensuring readiness and continuous improvement through post-incident analysis. Inter-Agency Coordination: Collaborate with agency leaders to embed security across operations and drive unified security practices. Security Awareness: Champion a security-conscious culture through statewide training and awareness programs. Public & Stakeholder Engagement: Represent South Dakota in federal and industry partnerships, advocating for the state's cybersecurity priorities. Budget & Resource Management: Oversee cybersecurity budgets and investments, ensuring resources align with strategic goals. Performance & Reporting: Track KPIs to monitor the effectiveness of security initiatives; provide transparent performance reports to BIT leadership. The Ideal Candidate Will Have: Bachelor's or Master's degree in Information Security, Information Technology, Computer Science, or a related field; advanced degrees are preferred. Certifications such as CISSP, CISM, or CISA are preferred to validate expertise in information security. 10 years of cybersecurity experience, including at least 5 years in an executive or senior leadership role. Proven success in managing and implementing cybersecurity strategies, policies, and compliance initiatives in a multi-agency or large enterprise environment. Strong record of collaborating with external agencies, private sector partners, and cross-functional teams. Skills & Competencies: Strategic Leadership: Ability to drive long-term cybersecurity strategy and risk management programs. Communication: Strong skills in communicating complex security concepts to executive and non-technical audiences. Technical Knowledge: Comprehensive understanding of cybersecurity frameworks, regulatory compliance, and threat intelligence. Analytical Thinking: Proficient in assessing risk, analyzing threat intelligence, and making high-stakes decisions. Collaborative Approach: Able to work across departments and with external partners to enhance state-wide security efforts. Personal Attributes: Integrity and Discretion: Trusted to handle sensitive security matters with professionalism and confidentiality. Decision-Making Skills: Proven track record of judiciously setting priorities and responding to urgent threats. Service Orientation: Strong commitment to safeguarding public assets and promoting cybersecurity best practices across agencies. Work Conditions: Availability: On-call availability required, with flexibility for extended hours during critical incidents or reviews. Physical Requirements: Standard office environment; proficiency with computer and security tools. This position is exempt from the Civil Service Act. Successful applicant(s) will be required to undergo a background investigation. An arrest/conviction record will not necessarily bar employment. The State of South Dakota does not sponsor work visas for new or existing employees. All persons hired will be required to verify identity and eligibility to work in the United States and complete an Employment Eligibility Verification, Form I-9. The State of South Dakota as an employer will be using E-Verify to complete employment eligibility verification upon hire. The State of South Dakota offers $0 premium employee health insurance option plus eleven paid holidays, generous vacation and sick leave accrual, dental, vision, and other insurance options, and retirement benefits. You can view our benefits information at https://bhr.sd.gov/job-seekers/work-for-state-government/. This position is a member of Class A retirement under SDRS. Must apply online: https://gen-stateofsouthdako-trn.inforcloudsuite.com/hcm/xmlhttp/shorturl.do?keyLT You must apply online, emailed resumes or submissions will not be accepted. South Dakota Bureau of Human Resources Telephone: 605.773.3148 Email: careersstate.sd.us http://bhr.sd.gov/workforus "An Equal Opportunity Employer" LI-Onsite