What are the responsibilities and job description for the Senior Information Security Manager position at State of Colorado?
Colorado Legislative Council Staff (LCS), is the nonpartisan research agency of the Colorado General Assembly, the legislative branch of the State of Colorado. Legislative Information Services (LIS), the technology team within Legislative Council Staff, is responsible for developing, maintaining and securing all information and technology systems for legislators and legislative staff.
Legislative Council Staff is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We are committed to increasing the diversity of our staff; therefore, we encourage responses from people of diverse backgrounds and abilities.
When you join LCS, you can expect:
http://leg.colorado.gov/agencies/legislative-council-staff. We’re seeking a Senior Information Security Manager to lead and oversee the information security program for the Colorado General Assembly. This position’s role is to provide vision and leadership for developing and supporting security initiatives; and overseeing the information security posture for the Colorado legislature. You will need to have multi-faceted experience in information access management, security incidence response, secure data governance, vulnerability testing, risk analyses and security assessments. It will be your responsibility to ensure compliance with cybersecurity standards, policy, regulations and legislation and to collaborate with others. You will make a direct impact on keeping the Colorado legislature’s digital infrastructure, information and systems secure while promoting an information security awareness culture in the organization. Within this unique organization you will experience challenging work while directly contributing to the betterment of Colorado.
Primary Responsibilities. In this position, you will be required to:
Your educational background is a Bachelor’s degree from an accredited university or equivalent relevant technical and management work experience in the area of information security. You should have at least 5 years of experience leading an IT information security operation.
Traits. You shall demonstrate the following traits:
Technical knowledge, skills, and abilities. You should have:
Legislative Council Staff is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We are committed to increasing the diversity of our staff; therefore, we encourage responses from people of diverse backgrounds and abilities.
When you join LCS, you can expect:
- to fill a vital role in supporting Colorado’s lawmakers to serve our state and uphold the democratic process;
- to join a supportive and collegial culture that is driven by our shared mission, vision, and values;
- to work for an organization committed to balancing our important work for the state legislature with employees’ lives outside of work;
- to be supported in your continual professional development and growth; and
- to work for an organization that recognizes the unique talents, backgrounds, and contributions of our individual employees.
http://leg.colorado.gov/agencies/legislative-council-staff. We’re seeking a Senior Information Security Manager to lead and oversee the information security program for the Colorado General Assembly. This position’s role is to provide vision and leadership for developing and supporting security initiatives; and overseeing the information security posture for the Colorado legislature. You will need to have multi-faceted experience in information access management, security incidence response, secure data governance, vulnerability testing, risk analyses and security assessments. It will be your responsibility to ensure compliance with cybersecurity standards, policy, regulations and legislation and to collaborate with others. You will make a direct impact on keeping the Colorado legislature’s digital infrastructure, information and systems secure while promoting an information security awareness culture in the organization. Within this unique organization you will experience challenging work while directly contributing to the betterment of Colorado.
Primary Responsibilities. In this position, you will be required to:
- Align cybersecurity and business objectives
- Reduce organizational cyber risk
- Plan and execute on information security program roadmap
- Report on cybersecurity program, initiatives, planning and issues
- Promote a strong information security culture
- Manage security compliance and incident response
- Manage vendors
- Oversee a cybersecurity team
- Other information security related responsibilities, as required
To fulfill these responsibilities, you will need to:- Develop and maintain information security plans for data, systems, infrastructure and business processes
- Manage the cyber risk assessment program
- Continually create, evaluate, and update security policies, processes and control procedures
- Manage internal information security audits and remediation of findings
- Oversee vulnerability scans; evaluate security posture of the organization
- Work with other IT teams to implement security controls
- Oversee the data governance and data handling program
- Manage the security awareness training program
- Monitor incident response activities and provide leadership in managing security breaches
- Promote application security development best practices
- Partner in disaster recovery and business continuity planning
- Coordinate with inter-agency information security groups
Your educational background is a Bachelor’s degree from an accredited university or equivalent relevant technical and management work experience in the area of information security. You should have at least 5 years of experience leading an IT information security operation.
Traits. You shall demonstrate the following traits:
- Security thought leadership
- Think strategically while being hands on
- Empathetic listening with excellent interpersonal skills
- Attention to detail
- Effective time management and ability to prioritize across multiple projects simultaneously
- Strong collaboration skills and flexibility to work with stakeholders with varying perspectives
- Take ownership of and be accountable for the security program, issues, and plan execution
- Demonstrated technical and business problem solving skills
- Maintain confidentiality
Technical knowledge, skills, and abilities. You should have:
- Demonstrable experience with ISO/IEC 27001, NIST CSF, NIST SP 800-53 or CIS Controls
- Certifications such as ISC2 CISSP, ISACA CISM, etc.
- Experience in (Linux/Windows) server administration, SAN, firewall, networking, etc.
- Excellent knowledge of technology environments related to information security
- Excellent understanding of project management principles
- Experience with information security related change management
- Knowledge of applicable laws and regulations as they relate to security
- Extensive experience in enterprise security architecture design and documentation
- Experience in designing and delivering employee security awareness training
- Experience in developing Business Continuity Plans and Disaster Recovery Plans
- Experience in Intrusion Prevention Systems and Event Correlation systems
Information Systems Security Manager (ISSM)
Cymertek -
Aurora, CO
Senior Technology Information Security Officer (Sr. BISO)
Bank of America -
Denver, CO
Threat Hunter - Senior Information Security SME
Edgewater Federal Solutions, Inc. -
Denver, CO
