TODAY !

Job Details

Position:	Information Security Officer (Ref: 17306)
Location:	Augusta, ME 04333 USA
Duration:	1 Years 2 Months 16 Days - Contract
Openings:	1
Deadline:	04/18/2025
Pay Rate:	Login

Description:

***Hybrid

We are seeking an Information Security Officer who will provide consultative, professional advice and expertise about security issues for executive management; is the subject matter expert on information security matters. The position will work with staff to identify, assess, prevent, protect, and mitigate information security risks, threats, and vulnerabilities to safeguard business operations. This individual will serve as a central point of contact on security related matters to assist in their strategic planning, operational needs, incident response operations, and regulatory compliance efforts.

• Collaborate with staff to strengthen the security posture through continuous assessment, proactive security measures, and alignment of security initiatives with business goals.
• Exercise independent judgment on critical security matters, including risk assessments, resource allocation, and policy implementation, ensuring the operations and relationships are secure and compliant with state and federal regulations.
• Work closely with sections of the Information Security Office to implement and support the State of Maine Information Security Program Plan, fostering cross-functional collaboration to address emerging threats and vulnerabilities.
• Engage with stakeholders to integrate security strategies into business objectives, ensuring that security operations and initiatives directly support the missions, goals, and regulatory compliance needs.
• Serve as the primary point of contact for the escalation of cybersecurity issues, ensuring that concerns are promptly addressed and resolved in a timely, coordinated, and efficient manner to minimize risk and maintain business continuity.
• Advise on Security Policies & Standards – Develop, review, and enforce security policies, standards, and best practices to ensure compliance with state and federal regulations.
• Risk Assessment & Management – Conduct security risk assessments, analyze findings, and recommend remediation strategies to mitigate threats and vulnerabilities.
• Incident Management & Response – Assist with security incident investigations, coordinate response efforts, and provide guidance on incident containment, remediation, and reporting.
• Third-Party Risk Management – Evaluate vendor and third-party security controls to ensure compliance with state security requirements and industry standards.
• Audit & Compliance Support – Support internal and external security audits by providing necessary documentation and guidance to ensure adherence to regulatory requirements.
• Emerging Threat & Technology Assessment – Stay informed on evolving cybersecurity threats, technologies, and best practices, and provide recommendations for improving defenses.
• Business Continuity & Disaster Recovery – Collaborate to develop and test business continuity and disaster recovery plans to ensure resilience in the event of a security incident or disruption.
· Make a Difference: The scope of this position impacts the trajectory of application security in the State of Maine, ensuring the integrity and confidentiality of critical systems.
· Show Your Strength: A chance to apply your expertise in application security and demonstrate your capabilities.
· Experience in State Government: Opportunity to work within a large IT enterprise supporting critical State applications.
· Selfless Service: Play a pivotal role in safeguarding the State’s critical systems, contributing to the public good by protecting citizens' data and ensuring the secure operation of essential government services.
· Proactive: Uses time effectively and makes sound decisions independently.
· Collaborative: Builds coalitions for efficient information security program management.
· Expertise: Subject matter expertise or the capacity to become an expert in the role's essential functions; and
· Versatility: Dynamic individual capable of balancing information security, business functions, and statewide risk.
• Immersion in rapidly evolving issues of state government and a fast-moving organization full of opportunity.
• Collaboration with talented peers and exposure to creative problem-solving approaches.
• Opportunities to tackle unique and complex projects in application security.

Required / Desired Skills

• Experience in a leadership role, information security, relationship management, and cross-functional goal achievement; (Required 5 Years)
  
• Bachelor’s degree in information technology or related field. Four years of direct experience with information security consultancy may be used in lieu of a degree (Required 4 Years)
  
• Expertise working with Security and Privacy Controls for Information Systems and Organizations as established by the National Institute of Standards and Technology (Required 4 Years)
  
• Experience with support functions—such as consolidated data centers, shared print facilities, and disaster recovery sites—as they relate to the regulatory compliance requirements for federally protected data types (Highly Desired 1 Years)