Insight Global is looking for a Deputy CISO, Finance Lead to support a local state agency on a long-term contract opportunity. The Deputy CISO, Finance Lead is responsible for establishing, directing and maintaining the vision, strategy, and program for information security of the Finance Executive Agencies to protect critical information assets and technologies. The Deputy Finance CISO will be matrixed to the Secretary of Finance in order to coordinate efforts across the Finance Executive Agencies with input from Finance Independent Agencies and other Commonwealth Agencies.
Key Responsibilities:
- Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.
- Provide leadership to the enterprise's information security organization.
- Partner with business stakeholders across the company to raise awareness of risk management concerns.
- Chairs Finance Cyber Executive Oversight Committee.
- Accountable for ensuring new initiatives are executed and for overseeing their execution.
- Approves master project plans, execution plans, change management strategy and operations (including security program solutioning and budget estimation) relative to Finance Agencies.
- Conducts stage gate reviews of key project milestones.
- Maintains Finance Agencies risk register, communicates risks to Secretary of Finance, and facilitates risk treatment and mitigation decisions.
- Works closely with Finance Agency ISOs in addressing risks for which agencies are accountable for mitigating.
Minimum Qualifications:
- Background coming from a regulatory space with experience managing regulations in financial security environments.
- Extensive IT and business/banking/audit industry work experience, with leadership experience in managing multiple, large, cross-functional teams or projects, and influencing senior-level management and key stakeholders.
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials.
- Experience working with and applying NIST-based security standards including NIST 800-53.
- Good working knowledge of current IT risks and experience implementing security solutions.
- Experience in planning, organizing, and developing IT security and facility security system technologies.
- Experience with contract and vendor negotiations and management including managed services.
- Excellent written and verbal communication skills, interpersonal and collaborative skills.
- Ability to communicate security and risk-related concepts to technical and nontechnical audiences.