Chief Information Security Officer (CISO) - Operations and Administrative Services Division - Chicago
OFFICE OF ATTORNEY GENERAL
POSITION CLASSIFICATION: Chief Information Security Officer (CISO)
PERMANENT ASSIGNMENT: Deputy Chief of Staff, Administration
BUREAU SERVED: Operations and Administrative Services Division
SALARY: Commensurate with experience
SUMMARY OF DUTIES AND RESPONSIBILITIES:
The Chief Information Security Officer (CISO) is responsible for the data and cyber security of the Office of the Attorney General (OAG). They shall conduct real-time analysis of immediate threats and triage data breach and/or security incidents. Efficiently manage all security incidents, keep abreast of developing security threats, communicate and advise the Administration on potential threats, and determine what occurred in a breach. They are responsible for information security strategy, policy development, standards, architecture, and processes and assessments to ensure information assets and critical processes are adequately protected with acceptable levels of controls, particularly focusing on cyber threat intelligence and incident response within the administration of the Operation and Administrative Services Division. The CISO may work with outside law enforcement agencies, consulting firms, government agencies and/or conduct their own conduct forensics.
The CISO will protect the OAG from internal threats by ensuring that staff do not misuse or steal data. The CISO will monitor the flow of information to identify large amounts of data that may leaving the office and ensure that only authorized staff have access to restricted data and systems. They will maintain access to the distribution of e-mail addresses and ensure that credentials are rapidly taken away upon separation of an employee.
Other duties of the CISO include keeping ahead of security needs by implementing programs or projects that mitigate risks, for instance, regular system patches; planning, buying and rolling out security hardware and software and making sure IT (Information Technology) and network infrastructure is designed with best security practices in mind; deciding where, how and why firewalls are used; may make decisions on how to separate or segment certain networks; and may also rely on penetration testers or ethical hackers to test the defense created for the office.
This position requires a minimum of a bachelor’s degree in computer science or related IT or business field, or a technical degree with a security focus with an equivalent combination of training, education and experience. Ideally suited for IT professionals with 7 to 12 years of work experience. Experience using DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies; coding practices, ethical hacking and threat modeling; firewall and intrusion detection/prevention protocols. Ability to effectively coordinate, prioritize and collaborate along with outstanding written verbal communication skills. Attendance and the ability to maintain satisfactory working relationship with OAG employees and the general public is required.
HOURS OF WORK: 9:00 a.m. – 5:00 p.m. (Monday - Friday)
Application Procedure: Send resume with cover letter to:
Office of the Illinois Attorney General
An Equal Opportunity Employer
The Illinois Attorney General's Office is an equal opportunity employer. The Office considers applicants without regard to race, color, religion, sex, national origin, sexual orientation, age, marital or veteran status, or the presence of a non-job-related medical condition or disability.