The Deputy Information Security Officer will be responsible for office operations of the Information Security Office and assist the CISO with management of the Information Security Program. Collaborate, on behalf of the CISO, with key business and IT leaders to ensure information security compliance, to develop security policies, standards, procedures and action plans. Consult with senior IT and business leaders regarding their information security risks and responsibility in minimizing those risks. Must maintain reliable, up- to-date, information from the federal and local government and across the industry regarding identification of new threats and vulnerabilities. Manage the day to day operations and staff of the Information Security Office. Oversee the Information Security’s GRC program. Develop metrics and status reports for the information security program and manage the coordination of state and UT System Reporting
Bachelor of Science in related field such as Computer Science, Management Information Systems, Information Science and Security, or related field. Bachelor degree in an unrelated field is acceptable with demonstrated information security knowledge and experience. A minimum of 7 years of progressively responsible and demonstrated information technology or information security work experience, including experience in designing, implementing, auditing and/or managing information resources, information security, or risk management projects, operations, and/or programs. Demonstrated experience with developing and maintaining information security policies and procedures. Extensive knowledge of and experience in information technology, information security and/or risk management. 2 years supervisory experience required. Experience supervising, coaching, and mentoring information technology professionals. Must have excellent interpersonal, verbal and written communication skills. Successful experience working, collaborating and establishing credibility and relationships with senior leadership, colleagues and customers. Ability to translate technical language to common language for non-technical users.