Deputy Chief Information Security Officer

The Commonwealth of Pennsylvania is seeking a strategic and innovative leader to serve as the state's Deputy Chief Information Security Officer (Deputy CISO). This professional provides executive-level leadership and operational oversight of the Commonwealth's enterprise cybersecurity program, making critical decisions by overseeing operational performance across all Enterprise Information Security Office (EISO) service towers to ensure effective delivery of enterprise security services. Make your career aspirations a reality with this exciting opportunity.

Reporting directly to the Chief Information Security Officer (CISO), this position is responsible for advancing the Commonwealth's security strategy, ensuring alignment with statewide risk management objectives, and leading day-to-day operations across multiple cybersecurity service towers - including Network Security Operations, Security Operations Center, Vulnerability Management, Identity and Access Management, and Cloud Security Architecture and Engineering.

The Deputy CISO acts as the principal advisor to the CISO on all aspects of enterprise information security, policy enforcement, and incident response coordination. You will have the opportunity to partner with agency leadership, delivery center Security Business Partners, and executive stakeholders to mature the Commonwealth's cyber resilience posture and ensure consistent application of security frameworks, policies, and standards across all agencies.

Interested in learning more? Additional details regarding this position can be found in the position description.

Work Schedule and Additional Information:

• Full-time employment
• Work hours are 8:00 AM to 4:30 PM, Monday - Friday, with 60-minute lunch.
• Telework: You may have the opportunity to work from home (telework) part-time, three days in office, two days telework. In order to telework, you must have a securely configured high-speed internet connection and work from an approved location inside Pennsylvania. If you are unable to telework, you will have the option to report to the headquarters office in Harrisburg. The ability to telework is subject to change at any time. Additional details may be provided during the interview.
• Salary: In some cases, the starting salary may be non-negotiable.
• You will receive further communication regarding this position via email. Check your email, including spam/junk folders, for these notices.

QUALIFICATIONS

Minimum Experience and Training Requirements:

• Seven (7) years of progressively responsible experience in information security management, cybersecurity operations, or IT risk management.
• Three (3) years of supervisory or managerial experience leading security or technology teams.

Additional Requirements:

• You must have experience with cybersecurity frameworks such as NIST CSF, CIS Controls, ISO 27001, or CMMC.
• You must have experience with enterprise IT architecture, network defense, and incident management.
• You must have experience in leadership, effective communication, and strategic planning.
• You must be eligible for or able to obtain federal or state-level security clearances.
• You must be able to perform essential job functions.

Preferred Qualifications (not required):

• Industry certifications such as CISSP, CISM, CISA, CRISC, or GIAC leadership credentials
• Experience in government or regulated industry cybersecurity leadership roles
• Familiarity with Commonwealth IT governance, OA-OIT policies, and agency operations
• Demonstrated success leading cross-agency or enterprise-level cybersecurity initiatives

• You must pass a background investigation and meet Criminal Justice Information Services (CJIS) compliance requirements.

How to Apply:

• Resumes, cover letters, and similar documents will not be reviewed, and the information contained therein will not be considered for the purposes of determining your eligibility for the position. Information to support your eligibility for the position must be provided on the application (i.e., relevant, detailed experience/education).
• If you are claiming education in your answers to the supplemental application questions, you must attach a copy of your college transcripts for your claim to be accepted toward meeting the minimum requirements. Unofficial transcripts are acceptable.
• Your application must be submitted by the posting closing date. Late applications and other required materials will not be accepted.
• Failure to comply with the above application requirements may eliminate you from consideration for this position.

Veterans:

• Pennsylvania law (51 Pa. C.S. *7103) provides employment preference for qualified veterans for appointment to many state and local government jobs. To learn more about employment preferences for veterans, go to www.pa.gov/agencies/employment/how-to-apply.html and click on Veterans.

Telecommunications Relay Service (TRS):

• 711 (hearing and speech disabilities or other individuals).

If you are contacted for an interview and need accommodations due to a disability, please discuss your request for accommodations with the interviewer in advance of your interview date.

The Commonwealth is an equal employment opportunity employer and is committed to a diverse workforce. The Commonwealth values inclusion as we seek to recruit, develop, and retain the most qualified people to serve the citizens of Pennsylvania. The Commonwealth does not discriminate on the basis of race, color, religious creed, ancestry, union membership, age, gender, sexual orientation, gender identity or expression, national origin, AIDS or HIV status, disability, or any other categories protected by applicable federal or state law. All diverse candidates are encouraged to apply.