Chief Information Security Officer

Introduction

The Department of Corrections is focused on public safety through the custody and supervision of those in our care. Corrections employees have the opportunity to positively impact the lives of others through careers in a variety of fields.

Using cutting-edge research and evidence-based approaches, employees implement lasting change with a positive impact for the people of Wisconsin.

The Division of Management Services, Bureau of Technology Management is currently recruiting to fill a Chief Information Security Officer (Management Information Chief) position.

This position will be located at our central office at 3099 E. Washington Ave., Madison, WI.

NOTE : This position is eligible to work remotely up to 3 days per week.

In addition to meaningful and rewarding work, we offer a competitive package featuring :

• including at least 3.5 weeks of vacation to start, nine paid holidays, and ample accrued sick time that rolls over each year.
• A casual office atmosphere and flexible work schedules depending on the position’s requirements
• An exceptional pension plan with employer match and lifetime retirement payment, plus an optional tax advantaged 457 retirement savings plan
• DOC is a qualifying employer for the program.
• Wellness Program
• A free and confidential employee assistance program that offers employees and their immediate family dependents a variety of tools, resources, and professional consultation services to support their health, goals, and overall well-being

Please click for a quick downloadable summary of State of Wisconsin employment benefits or click to explore State of Wisconsin employment benefits on the website.

To help you understand what your benefits package would be worth, please see the Total Rewards Calculator .

Position Summary

This position oversees and leads the Information Security Section and is responsible for the agency’s IT security program and the security of agency data by developing and administering policies and initiatives that comply with mandates from the state’s Division of Enterprise Technology (DET);

Federal laws, regulations, and guidelines; and sound security and privacy practices. This position is also the agency’s HIPAA Security Officer, working with divisional staff to implement policies and procedures to avoid, identify, contain, and resolve breaches of ePHI (electronic personal health information).

Other responsibilities include conducting audits and remediation of existing systems and leading the effort to identify, assess, and communicate internal and external threats, vulnerabilities, and risks as well as ensuring that robust monitoring, timely detection, containment and incident response necessary to mitigate the exposure caused by the breach is in place.

Salary Information

The starting pay is between $100,000 and $126,568 per year; plus excellent benefits. Pay upon appointment may vary and will be in accordance with language in the Compensation Plan, Statutes, and Administrative Code.

This is a Career Executive position in pay schedule / range 70-02. A two-year Career Executive trial period is required.

Job Details

Applicants must be legally entitled to work in the United States (i.e., a citizen or national of the U.S., a lawful permanent resident, an alien authorized to work in the U.

S. without DOC sponsorship) at the time of application. The Department of Corrections will conduct criminal background checks on applicants prior to selection to determine whether the circumstances of any conviction may be related to the job being filled.

Upon hire, all new DOC employees are subject to fingerprinting.

The Department of Corrections may conduct pre-employment drug screens. Any applicant who is offered employment in a position which requires a pre-employment drug screen must pass the screen as a contingency to employment.

Applicants who fail or refuse the drug screen will not be given further consideration for employment.

Qualifications

Minimally qualified candidates will have experience :

• Developing and implementing IT security standards, policies, and / or procedures
• Supervising and managing employees (e.g., hiring; assigning, directing, and evaluating work; disciplinary matters; developing performance standards and providing training)
• Coordinating and managing an IT Incident Response Team (IRT)

In addition to the above, well-qualified candidates will have experience :

• Auditing and evaluating IT security compliance procedures and effectiveness; recommending corrective action as needed.
• Conducting IT security reviews and vulnerability assessments
• Investigating and reporting on IT security breaches and violations
• Developing and implementing security policies and procedures related to HIPAA
• Overseeing and directing the deployment of enterprise / organizational wide IT security tools
16 days ago