IT Security Manager

Full Job Description

AGRICULTURE - A Cornerstone of Washington's Economy

The Washington State Department of Agriculture has been serving the state for more than 100 years.

Through service, regulation, and advocacy, we keep agriculture viable and vital in Washington State, while protecting consumers, public health, and the environment.

We work extensively with farmers and ranchers, but our responsibilities – from ensuring food safety to environmental protection – touch the lives of millions of people locally, nationally, and abroad.

The agency includes 780 employees approximately and grows close to 1,000 employees at the peak of seasonal work. To learn more and view additional openings, please visit our Employment Page.

The Opportunity

This position oversees the Agency’s Information Technology security and risk management functions for new, existing, and enhanced services critical to the agency.

Using an in-depth understanding of industry trends and available technologies, the position partners with peers, internal and external stakeholders to recommend and develop solutions to support the agency mission.

The role will provide leadership, direction and oversight to implement and maintain a comprehensive agency-wide IT plan that aligns with business strategy.

Responsible for advancing shared information systems and security compliant enterprise architecture throughout the agency, including internally developed and externally provided business solutions.

The position is able to effectively articulate to staff the vision and direction of IT and how that fits in with the agency’s overall goals and objectives. Through the demonstration of effective leadership and supervisory skills they foster an environment of performance and accountability where employees feel valued and respected and are empowered to achieve success.

This position is expected to maintain the highest level of cross functional technical and business understanding for IT, Cybersecurity, and Risk Management for the Agency.

Requirements

Include but not limited to:

Security Program

• Develop and maintain Agency Cybersecurity Program and is responsible for the strategic planning and alignment with State and Agency level strategies.
• Evaluate staff provided recommendations of new information security technologies and countermeasures against threats to information or privacy.
• As a member of State Level policy development committees, this position identifies information technology security initiatives and standards for the State Enterprise and develops Agency policy and strategies which align with State goals.
• Manage the development, implementation, and maintenance of the WSDA information security policy, standards, guidelines and procedures.
• Develop the access and authorization controls for everyday operations as well as emergency procedures for data.
• Set the standards for access controls, audit trails, event reporting, encryption and integrity controls.
• Keep abreast of latest security and legislation, regulations, advisories, alerts and vulnerabilities pertaining to WSDA’s IT investments.
• Provide Bill Analysis for proposed legislature that would impact Cybersecurity, IT, and Agency related business operations related to IT by conducting impact and cost analysis and providing expert level feedback used by the legislative body.

Security Risk and Prevention

• Develop and implement an ongoing risk management program targeting information security and privacy matters.
• Act as the Agency IT Risk Manager.
• Determine the methods for vulnerability detection and remediation and oversee ongoing vulnerability testing.
• Lead the information technology security assessments to identify agency risk due to changes or modifications to the WSDA computing environment.
• Direct the agency security assessments/audits to identify vulnerabilities in security program and policies.
• Control testing of security procedures, mechanisms and measures.
• Collaborate with Federal and State auditors, Agency managers, and subject matter experts for satisfactory completion of compliance and program audits of the WSDA information security program.

Security Incident and Authoritative Contact

• Act as the Incident Commander as defined by the National Incident Management Framework.
• Responsible for all aspects of cybersecurity emergency response; including quickly developing incident objectives, managing all incident operations, application of technical resources as well as responsibility for all persons involved.
• Agency designated manager of security incident reporting and official responses to security incidents (breaches), responds to potential policy violations, or complaints from external parties.
• Work with Federal and State incident responders in relation to cybersecurity issues as incident require (FBI, DHS, OCIO, OCS).
• Lead the oversight and activities for intrusion detection and response.
• Ensure the internal control systems are monitored and that appropriate access levels are maintained.
• Investigate agency security breaches and develop agency after-action reports for CIO.
• Act as the CIO's designee representing WSDA on information security matters.
• Serve as the contact point for external auditors and agencies, survey requests, etc. and on department security/privacy matters.
• Initiate, facilitate, and promote activities to create information security awareness and training throughout the organization.

Supervision and Mentoring

• Supervise and mentor technical level staff in order to support an effective, motivated team.
• Set strategic goals and objectives, develop strategies to implement, and develop performance measurements and standards for the purpose of ensuring individual and program performance objectives are met.
• Monitor and inspect work in progress to ensure continuity and timely completion of work.
• Develop the Performance Development Plan (PDP) for each assigned direct report; create or update position descriptions; monitor and document employee performance; provide on-going feedback regarding levels of performance and conduct timely and meaningful employee performance evaluations.
• Manage personnel issues relating to staff conflicts, absenteeism, performance issues, etc. in a positive manner for the purpose of ensuring the efficient and effective functioning of the work unit.
• Develop and implement staff training and development plans to provide cross training of employees, specific job related training and other approaches to provide opportunities for staff flexibility and development.

Qualifications

Professionals with:

Required Qualifications:

• A bachelor’s degree in computer science.

• Five (5) years of experience and/or training related to the Information Security Technology field.

• Equivalent combination of education and professional experience related to the Information Security Technology field.

• Six (6) or more years of recent experience (within the last 6 years) with cybersecurity risk assessment methodologies (NIST, HITECH, RMF).
• Six (6) or more years of recent IT experience (within the last 5 years) including vulnerability scanning, risk assessments, and incident response.
• Working knowledge of prevailing industry security standards and Common Body of Knowledge gained via a CISSP, SANS, and/or CISA Certification(s).
• Demonstrated experience with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) or other NIST standards.

Desired Qualifications:

• CISSP (Certified Information Systems Security Professional) this certification is required within the first six months of WSDA employment.
• Experience working in cloud-based environments such as AWS and Azure.
• Experience operating and analyzing logging and monitoring systems, antivirus solutions, and security configurations.
• Working knowledge of Washington State Security Standards and Office of the Chief Information Office policies.

Additional Information

Employee Benefits

• A healthy work/life balance, which may include flexible work schedules, and teleworking.
• WSDA provides an excellent benefits package beyond traditional benefits. State employment offers Dependent Care Assistance, Flexible Spending Accounts, Public Service Loan Forgiveness, Tuition Waiver, Deferred Compensation, Employee Recognition Leave; click here for more information.
• 12 paid Holidays & Vacation and Leave Accruals.
• All Personal Protective Equipment (PPE) required will be provided by the agency.

How to apply

You must complete your careers.wa.gov profile and answer the supplemental questions. In addition to completing the online application, and supplemental questions applicants must attach the following documents to their profile to be considered for this position:

· A resume detailing experience and education

· A cover letter describing how you meet the specific qualifications for this position

· Three professional references

By submitting these materials, you are indicating that all information is true and correct. The state may verify information. Any untruthful or misleading information is cause for removal from the applicant pool or dismissal if employed.

If you are having technical difficulties creating, accessing, or completing your application, please call NEOGOV toll-free at (855) 524-5627 or email support@neogov.com.

The initial screening will be solely based on the contents and completeness of your application and the materials submitted. All information may be verified, and documentation may be required.

Applications received via e-mail will not be accepted in lieu of applying through the state's on-line recruitment system.

WSDA uses a I-9 form(Download PDF reader) to determine Employment Eligibility and Verification, once hired. This document is the authorization of an individual’s ability to be hired for employment within the United States. Applicants must be eligible to work in the United States.

Equity at WSDA

The Department of Agriculture recognizes, appreciates, supports, embraces, and respects all cultural identities and backgrounds while we collaborate in authentic ways.

We hire amazing people that share in the commitment to our Pro-Equity Anti-Racist (PEAR) strategic plan, our Healthy Environment for All (HEAL) Act implementation plan, and our unique needs and desires for belonging, respect, and inclusion.

We value the growth and development of our team members by providing equitable access to resources and opportunities for continuous learning, improvement, and advancement.

We strive to hire, cultivate, and retain a productive and dedicated workforce that reflects the communities we serve while we are committed to a workplace that celebrates our differences and supports equal opportunity employment and inclusion regardless of race, creed, color, national origin, citizenship or immigration status, marital status, families with children (including pregnancy, childbirth, or related medical conditions), sex, sexual orientation, gender identity diversity, age, status as a protected veteran, honorably discharged veteran or military status, status as an individual with the presence of any sensory, mental, or physical disability or the use of a trained dog guide or service animal by a person with disabilities or other applicable legally protected characteristics.

We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local laws.

Contact Us

Should you have any questions regarding this position or the online application, contact the Human Resource Office at Recruitment@agr.wa.gov.

Prior to a new appointment into the Department of Agriculture, a background check including criminal record history will be conducted.

Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position.

The Human Resources Division may use referrals from this recruitment to help fill future similar vacancies for up to six months.

Veteran's Preference: Applicants who meet the minimum qualifications and wish to claim Veteran's Preference MUST attach a copy of their DD214, or other verification of military service.

Please blackout any personally identifiable data such as social security numbers. For additional information on Veteran's Preference and guidance on how to determine if you are eligible, click here.

Persons with a disability, who need assistance with their application or need this announcement in an alternative format, may call 664-1960 or toll free (877) 664-1960. TTY users should first call 711 to access the Washington Relay Service.

For more information about the Washington State Department of Agriculture, visit us at www.agr.wa.gov.