Skip Navigation
Illinois Attorney General Kwame Raoul
Home | Careers | Press Room | Opinions | Español | Other Languages | Contact Us



POSTING #22-E-18

POSITION CLASSIFICATION: Deputy Chief Information Security Officer (DCISO)

BUREAU SERVED: Information Security

LOCATION: Chicago or Springfield

SALARY RANGE: Commensurate with experience


Under the direction of the Chief Information Security Officer (CISO), the Deputy Chief Information Security Officer (DCISO) will be responsible for examining internal IT controls, evaluating the design and operational effectiveness of deployed systems and capabilities, formally documenting risk exposure, and working collaboratively across the organization to prioritize, draw focus, and track risk remediation commitments.

The Deputy Chief Information Security Officer will lead the development and maintenance of the IT Risk Register, providing regular updates to leadership on the overall aggregated risk profile, remediation plans and priorities, progress made, and open/closure performance. They will also be responsible for leading the development and publishing the monthly Information Security Key Performance Indicators (KPI) and performance metrics.

The Deputy Chief Information Security Officer will oversee the development, implementation, monitoring, and enhancement of the information security framework of policies, procedures, and standards. They will also develop strategies to address awareness and training for all stakeholders and oversee cybersecurity training for all employees, vendors, and other third parties. They will also provide guidance on identified security risks and will facilitate the updates and communication of changes to the organizations Information Security policies, practices, and standards.

The Deputy Chief Information Security Officer will directly participate in the IT Change Management process and will be required to review and approve all Network Firewall rules and configuration changes prior to implementation.


This position requires a minimum of a bachelor’s degree in Computer Science, Information Systems, Information/Cybersecurity or related field. A minimum of 5 years of work experience managing cyber-security and/or information technology security functions is required. Experience as an Information Security Analyst / Engineer or IT Auditor is preferred. A current Certified Information Systems Security Professional (CISSP) certification is required along with at least one additional information security certification such as Security+, GCIA, CCNA, OSCP, CISM, or CISA. Demonstrated experience and knowledge in applying Information Security, Data Classification and Privacy concepts is also required.

This position requires familiarity with information security governance frameworks and experience in performing information security audits or risk assessments. Also, a working knowledge and understanding of computer networking, firewalls, routing and switching, network protocols, VPN, DLP, IDS/IPS, Web-Proxy, Endpoint Security, Office O365 Security, client / server implementation patterns, and cloud computing / “as-a-service” implementations. Ability to effectively coordinate, prioritize and collaborate along with outstanding written verbal communication skills. Attendance and the ability to maintain satisfactory working relationships with OAG employees and the general public is required.

Application Procedure: Send cover letter and resume to:

Office of the Attorney General
Attn: Human Resources
500 South Second Street
Springfield, Illinois 62701

An Equal Opportunity Employer

The Illinois Attorney General's Office is an equal opportunity employer. The Office considers applicants without regard to race, color, religion, sex, national origin, sexual orientation, age, marital or veteran status, or the presence of a non-job-related medical condition or disability.

Back To Job Opportunities Main Page

go to top of page

Return to About Us main page
© 2020 Illinois Attorney General HomePrivacy Policy Contact Us