State of Massachusetts - Director, Cyber Security - Braintree, Massachusetts
JOB SUMMARY: As Director of Cyber Security at the Massachusetts State Lottery Commission, you will be responsible for crafting and executing our enterprise-wide cyber security strategy, overseeing a team of security professionals, and ensuring the ongoing resilience of our information security posture. You will be a trusted advisor to senior management, effectively communicating the evolving cyber threat landscape and collaborating across departments to integrate security best practices into all operations.
ESSENTIAL FUNCTIONS:
- Architect and Champion Security Strategy: Define and champion a comprehensive cyber security strategy aligned with corporate objectives, industry best practices, and regulatory requirements.
- Lead Security Program Execution: Oversee the implementation and continuous improvement of the security framework, technical guidelines, and information risk mitigation efforts across the entire organization.
- Executive Management Communication: Regularly communicate the status, effectiveness, and strategic roadmap of the cyber security program to executive management.
- Technical Expertise and Collaboration: Act as a subject matter expert on cyber security, collaborating and liaising with information technology departments to ensure alignment and integration.
- Threat Awareness and Translation: Synthesize and communicate the latest security trends and issues in a clear and actionable way, translating the impact to corporate relevance.
- Compliance and Regulatory Engagement: Confidently communicate with auditors and regulators on cyber security topics, ensuring compliance and demonstrating a proactive security posture.
- Resource Management and Advocacy: Proactively communicate resource constraints and capability gaps to the CTO, advocating necessary investments in cyber security solutions.
- Departmental Leadership: Establish departmental priorities, roadmaps, and provide daily operational tasks ensuring comprehensive coverage.
- Budget and Procurement Management: Manage new and recurring departmental procurements within an allocated budget.
- Third-Party Security: Represent and advocate for the Lottery's security interests when engaging with vendors and other third-party organizations.
- Vulnerability Management and Compliance: Administer vulnerability management processes, ensuring ongoing internal compliance and reporting.
- Incident Response Leadership: Lead the information security incident response process, managing all aspects of identification, containment, eradication, and remediation.
- Security Awareness and Training: Develop and administer information security and privacy training programs for all employees across the organization.
- Security Control Monitoring: Continuously monitor security controls to optimize effectiveness and maturity.
REQUIREMENTS:
- The events of certain circumstances (i.e., State of Emergency, Lottery need, etc.) may determine this position as “essential”.
- Must be able to travel to Lottery offices statewide and/or other locations, as required.
PREFERRED QUALIFICATIONS:
- Minimum 10 years of experience in information security leadership roles, with a proven track record of building and leading successful security programs for large organizations.
- Strong understanding of cyber security frameworks, methodologies, and best practices (e.g., NIST Cyber security Framework, CIS Controls, COBIT).
- In-depth knowledge of security architecture, network security, application security, cloud security, and information security risk management.
- Experience managing and leading a team of cyber security professionals.
- Excellent communication, collaboration, interpersonal, and negotiation skills.
- Strong analytical, problem-solving, and decision-making skills.
- Ability to think strategically, translate security risks into business context for senior management, and advocate for security investments.
- A passion for cyber security and a commitment to continuous learning.
- Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree a plus).
- CISSP, CISA, CISM, or other relevant cyber security certifications highly preferred.
Job: Information Systems and Technology
Organization: State Lottery Commission
Title: Director, Cyber Security
Location: Massachusetts-Braintree - 1515 Washington St
Requisition ID: 24000814
#J-18808-Ljbffr