Assistant Chief Information Security Officer
- Summary
King County Department of Information Technology (KCIT) is seeking an Assistant Chief Information Security Officer to join our team. King County’s cybersecurity program is comprised of governance, strategy and risk and compliance management as well as architecture, engineering and operations. The Assistant Chief Information Security Officer (Assistant CISO) primarily focuses on the architecture, engineering and operations elements of King County’s cybersecurity program.
King County Department of Information Technology (KCIT)
KCIT is providing the building blocks for many of the region's most critical services. As the business solutions partner, we collaborate with the 18 County departments to develop products and services that better serve the needs of our customers and our community. To learn more about KCIT, please visit: http://kingcounty.gov/depts/it.aspx
As the first place recipient of the 15th annual National Association of Counties (NACo) Digital Counties Survey, KCIT was recognized for its vision, strategy, innovation, and collaboration. Previously earning top 10 digital county honors in the last eleven years from the Center for Digital Government, KCIT has a focus of delivering smart technology solutions that support customers, building stronger communities through innovative information technology.
Teleworking Requirement
The work associated with this position will be performed through a combination of teleworking complemented with onsite work and meetings as needed. Employees will have access to shared workspaces at various King County facilities. Employees must reside in Washington state and within a reasonable distance to their King County worksite to respond to workplace reporting requirements.
Employees will be provided with a County issued laptop and must maintain a workspace with an internet connection (access may be supplemented in some situations) where they can reliably perform work and remain available and responsive during scheduled work hours. Please note that when an employee conducts work that is likely to bring them in contact with another individual, safety precautions are required, including the wearing of masks in some situations. King County is doing its part to reduce the spread of COVID-19 and remains committed to reducing our carbon footprint.
King County has a robust collection of tools and resources to support working remotely. The individual selected for this opportunity will be joining an innovative and progressive team that is redefining how we work as we transition to the department's hybrid environment.
Benefits
King County offers a robust benefits package to support you and your family in a variety of ways. To learn more about the benefits offered here, please click on the Benefits tab or click here: http://www.kingcounty.gov/employees/.
Work Schedule
The normal workweek for this position is Monday through Friday, 8:00 a.m. to 5:00 p.m. Alternative work schedules may be considered. This position is not eligible for overtime pay.
Questions
If you have questions regarding this recruitment, please contact Shannon Hoeper, shoeper@kingcounty.gov or 206-263-6957.- Job Duties
This position reports to the Chief Information Security and Privacy Officer and is responsible for managing security and identity architects, engineers and the security operations manager. This role will:
- Support the development and implementation of of King County’s cybersecurity strategy
- Ensure that clear security and identity architecture strategy, standards and reference documents are in place and regularly reviewed
- Ensure that King County has a robust information security incident response plan that includes training and exercises.
- Oversee the selection, testing, deployment, and maintenance of security hardware and software products as well as operating and maintenance relationships with vendors and outsourced services
- Ensure security and identity platforms, tools, and workflows are well managed, healthy and fully operationalized to maximize investments
- Chair the cross agency Security Program Advisory Team, develop agendas, facilitate meetings, ensure visibility and collaboration with security architecture, engineering, and standards
- Develop and manage security operations metrics relevant to stakeholders in King County, the cybersecurity program and its governance, and KCIT leadership.
- Lead the vulnerability management program at King County which includes strategy, evangelism, platforms and tools, remediation implementation and communications, gap assessments with policies and standards, and escalations
- Support the Chief Information Security and Privacy Officer in budget, strategy, and governance activities
- Maintain strong relationships and collaboration with technology operations management in KCIT and departments/agencies with a technology operations function
- Develop, track, and control the annual operating budget and expenditures for security and identity architecture and operations
- Maintain expert level knowledge on security and identity trends, industry standards, and associated implications for King County
- Experience, Qualifications, Knowledge, Skills
- Experience with security teams, operational areas of responsibility, workflows, and procedures desired
- Experience in development, implementation, and/or support of enterprise security, identity and access management platforms and tools
- 10+ years experience with supervising/leading technical operations staff, setting performance expectations, developing performance measures, conducting performance evaluation, providing coaching and feedback, giving performance appraisals and administering discipline
- 10+ years of progressive experience managing or supporting security programs, technologies and teams
- Skilled in problem and conflict analysis and resolution
- Skilled at handling multiple competing priorities and resource management
- Skilled at aligning operational objectives and tasks with leadership and governance strategy and objectives
- Excellent customer service and collaboration skills
- Excellent written and verbal communication skills
- Ability to communicate complex technical and policy issues with executive management, technical staff, security professionals and non-technical audiences
- Expert knowledge of security technologies such as network and web application firewalls, intrusion detection and prevention solutions, endpoint detection and response solutions, anti-malware solutions, encryption solutions, cloud and on premise application and data security tools and configurations, audit logging/monitoring/alerting solutions
- Expert knowledge of identity, authentication and access management technologies and platforms, integrations and workflows, single sign-on and advanced or multi-factor authentication solutions, and access management, audit and monitoring solutions
- Experience with regulatory compliance (HIPAA, CJIS Security Policy, PCI DSS, PII, etc.)
- Bachelor’s degree in information technology, business administration, computer science or related field and 5+ years of relevant technical or business work experience.
- Any combination of relevant experience, education, or training that provides the required knowledge, skills and abilities to perform the work will be considered.
- Technical certifications related to information security, risk or compliance, information technology such as network, server, database, cloud infrastructure or engineering, project management methodologies, leadership or other relevant certifications are desired (CISSP, CISA, CISM, CIMP, SABSA, GIAC certifications, OSCP, MCSE or equivalent, Cisco CyberOps, CCNP/CCIE Sec, etc.)
- Incident handling training or certifications are desired (GCIH, NIMS ICS, Kepner Tregoe, etc.)
- Supplemental Information
Forbes recently named King County as one of Washington State's best employers.
Together, with leadership and our employees, we're changing the way government delivers service and winning national recognition as a model of excellence. Are you ready to make a difference? Come join the team dedicated to serving one of the nation's best places to live, work and play.
Guided by our "True North", we are making King County a welcoming community where every person can thrive. We value diversity, inclusion and belonging in our workplace and workforce. To reach this goal we are committed to workforce equity. Equitable recruiting, support, and retention is how we will obtain the highest quality workforce in our region; a workforce that shares and will help advance our guiding principles--we are one team; we solve problems; we focus on the customer; we drive for results; we are racially just; we respect all people; we lead the way; and we are responsible stewards. We encourage people of all backgrounds and identities to apply, including Native American and people of color, immigrants, refugees, women, LGBTQ+, people living with disabilities, and veterans.
COVID-19 Vaccination Requirement
King County Executive Branch employees are required to be fully vaccinated against COVID-19. If you are the successful candidate for the position you applied for, the County will send you a conditional offer letter.
As a condition of employment, prior to a final offer of employment, you will be required to:- submit proof of vaccination, or
- have an approved request for medical or religious exemption and an approved accommodation. Philosophical, political, scientific, or sociological objections to vaccination will not be considered for an exemption or accommodation.
People are considered fully vaccinated against COVID-19 two weeks after receiving the final dose of a vaccination approved by the Center for Disease Control and Prevention (CDC).
The Executive Branch includes employees in the Executive branch, the Assessor's Office, Elections, the King County Sheriff's Office, and the Executive Office.
King County is an Equal Employment Opportunity (EEO) Employer
No person is unlawfully excluded from employment opportunities based on race, color, religion, national origin, sex (including gender identity, sexual orientation and pregnancy), age, genetic information, disability, veteran status, or other protected class. Our EEO policy applies to all employment actions, including but not limited to recruitment, hiring, selection for training, promotion, transfer, demotion, layoff, termination, rates of pay or other forms of compensation.
To Apply
If you are interested in pursuing this position, please follow the application instructions carefully. If you need this announcement in an alternate language or format, would like to request accommodation or assistance in the application or assessment process or if you have questions please contact the recruiter listed on this job announcement.
Application Requirements
A completed King County Application and Resume are required for consideration. Applications submitted without all material will not be considered.
The recruitment for this position is open to all qualified candidates. This recruitment may be used to fill future vacancies.
Union Status: This position is represented by L117: IT Managers and Supervisors
(For internal use only: Classification: IT Enterprise Manager III - 1230300)
King County offers a highly-competitive compensation and benefits package designed to meet the diverse needs of our employees and support our employees' health and well-being. Eligible positions receive the following benefits and have access to the following programs:
- Medical, dental, and vision coverage: King County pays 100% of the premiums for eligible employees and family members
- Life and disability insurance: employees are provided basic coverage and given the opportunity to purchase additional insurance for both the employee and eligible dependents
- Retirement: King County employees are eligible to participate in a pension plan through the Washington State Department of Retirement Systems and a 457(b) deferred-compensation plan
- Transportation program and ORCA transit pass
- 10 paid holidays each year (plus 2 personal holidays)
- Generous vacation and paid sick leave
- Paid parental leave, family and medical leaves, and volunteer leave
- Flexible Spending Account
- Wellness programs
- Onsite gyms and activity centers
- Employee giving program
- Employee assistance programs
- Flexible schedules and telecommuting options, depending on position
- Training and career development programs
This is a general description of the benefits offered to eligible King County employees, and every effort has been made to ensure its accuracy. If any information on this document conflicts with the provisions of a collective bargaining agreement (CBA), the CBA prevails. Also, in the event of any incorrect information in this document, applicable laws, policies, rules, CBAs, or official plan documents will prevail.
NOTE: Benefits for Term Limited Temporary (TLT) or Short Term Temporary (STT) positions, including leave eligibility and/or participation in the pension plan through the Washington State Department of Retirement Systems, will vary based upon the terms and details of the position. Short Term Temporary positions are not eligible for an ORCA transit pass.
For inquiries about the specifics of this position, please contact the recruiter identified on this job posting.
-
01Are you authorized to work in the United States?
- Yes
- No
02Does your authorization require sponsorship now or in the future from an employer or other source? (This does not preclude you from being considered for this position.)- Yes
- No
03The person hired for this position must successfully pass a background investigation. Are you willing to undergo a thorough background investigation prior to an offer of employment? This will include reference checks with previous employers, a criminal background check and fingerprinting.- Yes
- No
04Are you applying to this position as an eligible Current or Previous King County Employee Priority Placement Program Participant AND Is this position the same or lower percentage of full-time when compared to the position held at the point of the notification of layoff AND Do you possess the skills and abilities to qualify for this position?- Yes, I was given a layoff notice from my role at King County AND I am within two years of the effective date of my layoff. AND The position I was laid off from was the same or a higher percentage of FT status when compared to this one.
- No.
05If you answered yes to the question above and you are applying for this position as a Priority Placement Participant, to be considered, you must provide the following three pieces of information in the space provided: 1. The title you held when you received your layoff notice 2. The department you worked in 3. The effective date of your layoffRequired Question