State of Oregon
Cyber Security Operations Center Director (IT Cyber Security Manager 3)
State of Oregon, Salem, Oregon, us, 97308
Cyber Security Operations Center Director (IT Cyber Security Manager 3)
Enterprise Information Services (EIS) is a state government-wide information technology (IT) organization led by Oregon's State Chief Information Officer (CIO). Cyber Security Services (CSS) brings together enterprise security - governance, policy, procedure, and operations - under a single, accountable enterprise organization. Cyber Security Services staff maintain certifications in multiple cyber disciplines to work collaboratively with key local and federal partners, EIS teams to deliver secure solutions to our statutory customers. The Director of State-Level Cyber Security Operations Center (CSOC) is a senior leadership role responsible for overseeing and managing the state's cybersecurity operations. The CSOC serves as the central hub for monitoring, detecting, analyzing, and responding to cyber threats and incidents that pose risks to the state's information systems, critical infrastructure, and data. The CSOC identifies and analyzes emerging cyber threats and vulnerabilities to the state's system. The Director leads teams of cybersecurity professionals and collaborates with various state agencies to ensure a proactive and effective defense against cyber threats. An overview of the responsibilities includes: Develop and execute the strategic vision for the State CSOC to enhance cyber threat detection and response capabilities Collaborate with the State CISO in the development and execution of the state's information security strategy and vision. Leverage threat intelligence to improve the state's cyber defenses and stay ahead of evolving threats. Collaborate with state agencies to identify and prioritize security risks and work towards their mitigation. Lead the team in identifying and analyzing emerging cyber threats and vulnerabilities to the state's systems. Ensure the CSOC's compliance with relevant regulations, laws, and standards governing cybersecurity. Prepare and present regular reports on cybersecurity threats and risk reports to state executives and interest groups. Minimum qualifications include: Seven years of supervision, management, or progressively related experience in IT incident response, vulnerability management, security, and cybersecurity operations, with experience in a leadership or managerial role; OR Four years of related experience in IT incident response, vulnerability management, and cybersecurity operations, with experience in a leadership or managerial role AND a bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. The ideal candidate will possess the following desired skills and attributes: Demonstrated skill and ability to lead while building positive business relationships with superiors, subordinates, peers, and others outside of the organization. Demonstrated leadership experience with information security strategies, policies, and procedures, as well as security frameworks, compliance regulations, and budgets. Superior ability to critically analyze complex organizational issues and develop innovative and flexible solutions, take initiative, and deliver results. Experience as a business process redesign leader with expertise to develop long-term plans and create a shared vision for the future of the organization. Demonstrated management experience in coordinating a team of security professionals and skill to cultivate talent by building resilient, growth-minded cultures that drive organizational success. Proven ability and skill to clearly explain complex/technical concepts in terms that are understandable for technical and non-technical audiences. Expertise problem-solving and decision-making skills, especially in high-pressure situations. Ability to inspire, influence, and guide teams through change. Demonstrated ability writing clear and concise reports, legally sufficient documents, technical reports, or press releases. Demonstrated experience in coordinating cybersecurity efforts across multiple agencies and partners. Experience managing or leading a cybersecurity assessment program with significant experience in cybersecurity operations and incident response to deliver cybersecurity assessments to multiple agencies and partners. Preference may be given to those candidates that have completed and are current in one or more cybersecurity certifications [e.g.: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Certified Enterprise Defender (GCED), or Certified Ethical Hacker (CEH).] Please provide the certification details in your application materials. Extensive knowledge of information security technologies, concepts, and tools, best practices, application of NIST standards, and CIS controls (NIST Cybersecurity Framework, ISO27001, etc.) To apply, visit the State of Oregon job opportunities webpage to submit your application. Please ensure the work history in your applicant profile is up to date and attach the required documents. If you are a current State of Oregon employee, you must apply through your Workday account. Required documents: cover letter and resume. The work experience and/or education section of your application must clearly demonstrate how you meet all the minimum qualifications and desired skills and attributes listed above. Failing to attach required documents may result in disqualification of your application. The State of Oregon does not request or require your age, date of birth, attendance or graduation dates from an educational institution during the application process. Complete any supplemental questions through Workday. If you are requesting Veteran's Preference, you will receive a Workday task to submit your supporting documents. Be sure to submit your documentation prior to the close date of this posting in order to have the preference considered. Benefits of joining our team include: Comprehensive Health Coverage: Low-cost medical, vision, and dental plans for you and your family. Additional benefits include life insurance, short- and long-term disability, deferred compensation savings plans, and flexible spending accounts for health and childcare. Optional benefits including life insurance, disability, FSA, and more. Generous Paid Time Off: 11 holidays, 3 personal business days, monthly sick leave and vacation leave that Advancement and learning opportunities that will help grow your career with the State of Oregon. Public Service Loan Forgiveness: You may qualify for the PSLF program. Get There - Oregon's easy-to-use carpool matching tool and trip planner. Live, work, and play in Salem, Oregon. This position is eligible for hybrid work, in-office work may be required approximately 1x per week and as business needs determine. Terms of hybrid work and the work schedule will be discussed and agreed upon with the successful candidate and hiring manager. Additional details: This announcement is for one, full-time, permanent, Management Service, Cyber Security Operations Center Director (IT Cyber Security Manager 3) position and may be used to fill future vacancies. The salary listed is the non-PERS qualifying salary range. If the successful candidate is PERS qualifying, the salary range will reflect an additional 6.95%. Review the Classification and Compensation page for more details on the classification, or you may visit our website for information on the job offer process following pay equity. Applicants must be authorized to work in the United States. Applicants who require VISA sponsorship will not be considered at this time. Within three days of hire, applicants will be required to complete I-9 documentation and confirm authorization to work in the United States. Employee will be required to possess and maintain a valid driver's license issued by the state where the employee resides. Employee is required to obtain and maintain CJIS clearance. Finalists will be subject to a computerized criminal history check. Adverse background data may be grounds for immediate disqualification. Eligible veterans who meet the qualifications will be given veterans' preference. For more information, please visit Veterans Resources. Please save a copy of this job announcement for reference, as it is not available for you to view after the announcement deadline. If you have questions about the announcement, or need an alternate format to apply, please contact the Recruiter, Nancy Karnas at: nancy.karnas@das.oregon.gov | 971-719-3083. Helpful links & resources: How to Set Job Alerts | Workday Applicant FAQ | What You Need to Know to Get the Job Oregon Job Opportunities Webpage | Classification and Compensation | Pay Equity Come for a job. | Stay for a career. | Make a difference... for a lifetime! The Department of Administrative Services is an Equal Opportunity, Affirmative Action Employer Committed to Workforce Diversity. At the Department of Administrative Services, we embody the value of hiring a workforce representative of the communities we serve, understanding that a diverse workforce revitalizes our state. We value diversity and foster a positive and welcoming environment where all employees can thrive.
Enterprise Information Services (EIS) is a state government-wide information technology (IT) organization led by Oregon's State Chief Information Officer (CIO). Cyber Security Services (CSS) brings together enterprise security - governance, policy, procedure, and operations - under a single, accountable enterprise organization. Cyber Security Services staff maintain certifications in multiple cyber disciplines to work collaboratively with key local and federal partners, EIS teams to deliver secure solutions to our statutory customers. The Director of State-Level Cyber Security Operations Center (CSOC) is a senior leadership role responsible for overseeing and managing the state's cybersecurity operations. The CSOC serves as the central hub for monitoring, detecting, analyzing, and responding to cyber threats and incidents that pose risks to the state's information systems, critical infrastructure, and data. The CSOC identifies and analyzes emerging cyber threats and vulnerabilities to the state's system. The Director leads teams of cybersecurity professionals and collaborates with various state agencies to ensure a proactive and effective defense against cyber threats. An overview of the responsibilities includes: Develop and execute the strategic vision for the State CSOC to enhance cyber threat detection and response capabilities Collaborate with the State CISO in the development and execution of the state's information security strategy and vision. Leverage threat intelligence to improve the state's cyber defenses and stay ahead of evolving threats. Collaborate with state agencies to identify and prioritize security risks and work towards their mitigation. Lead the team in identifying and analyzing emerging cyber threats and vulnerabilities to the state's systems. Ensure the CSOC's compliance with relevant regulations, laws, and standards governing cybersecurity. Prepare and present regular reports on cybersecurity threats and risk reports to state executives and interest groups. Minimum qualifications include: Seven years of supervision, management, or progressively related experience in IT incident response, vulnerability management, security, and cybersecurity operations, with experience in a leadership or managerial role; OR Four years of related experience in IT incident response, vulnerability management, and cybersecurity operations, with experience in a leadership or managerial role AND a bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. The ideal candidate will possess the following desired skills and attributes: Demonstrated skill and ability to lead while building positive business relationships with superiors, subordinates, peers, and others outside of the organization. Demonstrated leadership experience with information security strategies, policies, and procedures, as well as security frameworks, compliance regulations, and budgets. Superior ability to critically analyze complex organizational issues and develop innovative and flexible solutions, take initiative, and deliver results. Experience as a business process redesign leader with expertise to develop long-term plans and create a shared vision for the future of the organization. Demonstrated management experience in coordinating a team of security professionals and skill to cultivate talent by building resilient, growth-minded cultures that drive organizational success. Proven ability and skill to clearly explain complex/technical concepts in terms that are understandable for technical and non-technical audiences. Expertise problem-solving and decision-making skills, especially in high-pressure situations. Ability to inspire, influence, and guide teams through change. Demonstrated ability writing clear and concise reports, legally sufficient documents, technical reports, or press releases. Demonstrated experience in coordinating cybersecurity efforts across multiple agencies and partners. Experience managing or leading a cybersecurity assessment program with significant experience in cybersecurity operations and incident response to deliver cybersecurity assessments to multiple agencies and partners. Preference may be given to those candidates that have completed and are current in one or more cybersecurity certifications [e.g.: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Certified Enterprise Defender (GCED), or Certified Ethical Hacker (CEH).] Please provide the certification details in your application materials. Extensive knowledge of information security technologies, concepts, and tools, best practices, application of NIST standards, and CIS controls (NIST Cybersecurity Framework, ISO27001, etc.) To apply, visit the State of Oregon job opportunities webpage to submit your application. Please ensure the work history in your applicant profile is up to date and attach the required documents. If you are a current State of Oregon employee, you must apply through your Workday account. Required documents: cover letter and resume. The work experience and/or education section of your application must clearly demonstrate how you meet all the minimum qualifications and desired skills and attributes listed above. Failing to attach required documents may result in disqualification of your application. The State of Oregon does not request or require your age, date of birth, attendance or graduation dates from an educational institution during the application process. Complete any supplemental questions through Workday. If you are requesting Veteran's Preference, you will receive a Workday task to submit your supporting documents. Be sure to submit your documentation prior to the close date of this posting in order to have the preference considered. Benefits of joining our team include: Comprehensive Health Coverage: Low-cost medical, vision, and dental plans for you and your family. Additional benefits include life insurance, short- and long-term disability, deferred compensation savings plans, and flexible spending accounts for health and childcare. Optional benefits including life insurance, disability, FSA, and more. Generous Paid Time Off: 11 holidays, 3 personal business days, monthly sick leave and vacation leave that Advancement and learning opportunities that will help grow your career with the State of Oregon. Public Service Loan Forgiveness: You may qualify for the PSLF program. Get There - Oregon's easy-to-use carpool matching tool and trip planner. Live, work, and play in Salem, Oregon. This position is eligible for hybrid work, in-office work may be required approximately 1x per week and as business needs determine. Terms of hybrid work and the work schedule will be discussed and agreed upon with the successful candidate and hiring manager. Additional details: This announcement is for one, full-time, permanent, Management Service, Cyber Security Operations Center Director (IT Cyber Security Manager 3) position and may be used to fill future vacancies. The salary listed is the non-PERS qualifying salary range. If the successful candidate is PERS qualifying, the salary range will reflect an additional 6.95%. Review the Classification and Compensation page for more details on the classification, or you may visit our website for information on the job offer process following pay equity. Applicants must be authorized to work in the United States. Applicants who require VISA sponsorship will not be considered at this time. Within three days of hire, applicants will be required to complete I-9 documentation and confirm authorization to work in the United States. Employee will be required to possess and maintain a valid driver's license issued by the state where the employee resides. Employee is required to obtain and maintain CJIS clearance. Finalists will be subject to a computerized criminal history check. Adverse background data may be grounds for immediate disqualification. Eligible veterans who meet the qualifications will be given veterans' preference. For more information, please visit Veterans Resources. Please save a copy of this job announcement for reference, as it is not available for you to view after the announcement deadline. If you have questions about the announcement, or need an alternate format to apply, please contact the Recruiter, Nancy Karnas at: nancy.karnas@das.oregon.gov | 971-719-3083. Helpful links & resources: How to Set Job Alerts | Workday Applicant FAQ | What You Need to Know to Get the Job Oregon Job Opportunities Webpage | Classification and Compensation | Pay Equity Come for a job. | Stay for a career. | Make a difference... for a lifetime! The Department of Administrative Services is an Equal Opportunity, Affirmative Action Employer Committed to Workforce Diversity. At the Department of Administrative Services, we embody the value of hiring a workforce representative of the communities we serve, understanding that a diverse workforce revitalizes our state. We value diversity and foster a positive and welcoming environment where all employees can thrive.