Agency Enterprise Risk and Security Director

Job Code: 32002427
Salary Grade: DT13

Class Concept

This level of IT executive management directs the planning and implementation of enterprise IT system, business operation, and facility defenses against security breaches and vulnerability issues. This level of agency enterprise IT security role is responsible for the development and enforcement of security policy and strategy for the agency. Oversees the selection, development, deployment, monitoring, maintenance, and enhancement of the agency security technology. Provides strategic leadership and administers security and risk determination programs and procedures for the agency by providing direction to all units. This position supports agencies with wide scope and complexity, and which include multiple statewide systems which directly interface with the public. Typically, this role supervises several IT Security & Compliance Managers.

Recruitment Requirements

Knowledge, Skills, and Abilities

• Thorough knowledge of risk management in the areas of operations, technology, security, data strategy, people, exogenous factors, and disaster recovery.
• Thorough knowledge in IT security disciplines and extensive experience with strategic planning to create integrated risk strategies.
• Ability to apply and enforce laws, regulations, and policies across all areas of risk.
• Solid teamwork and interpersonal skills and the ability to communicate with customers, employees and senior management.
• Excellent oral/written communication and ability to present and discuss technical information in a way that establishes rapport, persuades others and gains understanding.
• Experience with creating policies and/or programs across multiple units within the agency.
• Ability to exercise independent judgment and creative problem-solving techniques in a highly complex environment using leading edge technology and/or diverse user systems.
• Strong business planning, analytical and conceptual skills.
• Ability to develop new system approaches, solve problems and seize opportunities for sustaining business success.
• Considerable project management skills, including the ability to effectively deploy resources and manage multiple projects of various diverse scope in cross-functional environment.

Minimum Education and Experience

Bachelor's degree in computer science or an IT related field from an appropriately accredited institution and six years of progressive experience in the field of information technology including at least three years of supervisory or management experience related to IT security; or Associate degree in computer science or an IT related field from an appropriately accredited institution and eight years of progressive experience in the field of information technology including at least three years of supervisory experience related to IT security; or an equivalent combination of education and experience.