Massachusetts Information Technology Jobs

Search for Jobs in Information Technology
MassHire JobQuest Logo

Job Information

State of Massachusetts Chief Information Security Officer in Quincy, Massachusetts

_About the Organization:_ The Executive Office of Health and Human Services (EOHHS) is the largest secretariat in MA state government and is comprised of 12 agencies, in addition to 2 soldiers’ homes and the MassHealth program. HHS services directly touch the lives of slightly more than 1 in 4 residents in the Commonwealth — some of our most vulnerable children, youth, adults, and elders. HHS provides access to medical and behavioral health care, substance misuse treatment, long term services and support, and nutritional and financial benefits to those with low incomes. We connect elders, individuals with disabilities, and veterans with employment opportunities, housing, and supportive services. We steer troubled youth towards a more successful path and do everything possible to keep children in our child welfare system safe. We support individuals who are developmentally disabled, mentally ill, blind, deaf or hard of hearing. _About the Role:_ As the Commonwealth of Massachusetts advances its mission to enhance information technology (IT) efficiencies and effectiveness, EOHHS is seeking a strategic, innovative, and experienced individual to lead the EOHHS Security Office as the Chief Information Security Officer (CISO). The CISO will indirectly report to the Commonwealth CISO at the Executive Office of Technology Services and Security (EOTSS). Following EOTSS guidance, the CISO will execute security standards, policies, and procedures within EOHHS. Ultimately, the CISO will collaborate with EOTSS in their mission to drive a more secure environment through the enterprise security program. The Chief Information Security Officer (CISO) collaborates and reports to the Secretariat Chief Information Officer (SCIO) and manages a staff of approximately 13-17 professional staff. The Security Office encompasses a variety of operations to secure and protect all the data EOHHS uses, processes, and maintains in furtherance of the work it and its state agencies perform. The selected candidate must be a results-oriented professional with a passion for developing team members through a cultural shift to newer technology systems and service provision models. The Chief Information Security Officer must have a demonstrated track record of success developing and implementing a comprehensive technology strategy that is both aligned with and supports the current and future business goals of a large matrixed organization. Working for the EOHHS SCIO and in partnership with the EOTSS CISO, responsibilities may include the following _Responsibilities:_ •Implement EOTSS security framework and ensure compliance •Participate in the change management process with the EOTSS CISO •Respond to Executive order changes regarding security and confidentiality of citizen information • Direct and exercise an efficient system of control for a comprehensive information resource security control framework across EOHHS agencies including a continuous monitoring program. • Develop, maintain, and implement a comprehensive data flow and network use continuous monitoring program coupled with an information resource investigation, forensics, and tools management program. • Collaborate and work in partnership on both strategic initiatives and security operations with the Executive Office of Technology Services and Security. Develop proactive communication strategies and build professional relationships with security peers across the Commonwealth. • Ensure operational and strategic initiatives for IT services are aligned with agencies mission, vision, and strategic plan; Provide leadership for all phases of strategic technology initiatives. • Create and execute an effective incident management and monitoring program; Monitor and report results of compliance/ethics efforts. • Develop, initiate, maintain, and revise policies and procedures for the general operation of the compliance program; Provide leadership/guidance for senior management. • Monitor emerging technologies for potential impacts to agency operations and long-term strategy. • Collaborate with and coordinate risk management and internal audit to direct compliance issues to appropriate reviewing bodies. • Respond to alleged violations of rules, regulations, policies, and procedures; Develop and oversee a system for uniform handling of such violations. • Identify potential areas of compliance vulnerability and risk; direct the development and implementation of corrective action plans for resolution of identified issues. • Ensure adherence to legal standards with respect to information security compliance including directives for appropriate application and system patching; implementing and following industry standards and best practices for security compliance; and reliable, efficient and effective project development processes. • Manage and allocate budget forecasting for contracts, staff, goods and services; ensure Deputy SCIO is apprised of all major financial needs. • Participate in departmental meetings at agencies as a senior executive and IT advisor to the Deputy SCIO; contribute to other projects and activities as assigned by the Deputy SCIO. _Required Knowledge, Skills & Abilities:_ • 10 years of experience within information technology • 5 years of experience in information security or cyber security; with at least 2 years of exposure to various security frameworks, preferably NIST • 5 years of managerial, team leadership or supervisory experience in large, matrixed organizations; with basic principles budgeting and cost-allocation • Extensive experience with policies/procedures, application design, information analysis and reporting, networking and systems integration, security control, audits, risk analysis and disaster recovery • Proven experience working in a covered entity environment utilizing HIPAA and Patient Safety and Quality Improvement Act (PSQIA) Standards • Ability to supervise staff including performance appraisal, employee coaching, training, development, and performance management. • Demonstrated skills in the identification of business process improvements and the application of technology to optimize business practices • Proven experience conducting/ managing case intake, documentation, investigation and resolutions process for security and risk management issues • Exceptional written and verbal communication skills, with a proven ability to translate security and risk to all levels of the business in technical and non technical terms • Ability to develop and maintain effective working relationships with a variety of stakeholders _Preferred Knowledge, Skills & Abilities:_ • CISSP, CISM, or CISA certification, etc. • Government, public sector or healthcare experience /_Total Compensation_/ As an employee of the Commonwealth of Massachusetts you are offered a great career opportunity influencing a wide-spectrum of services to the diverse populations we serve - but it's more than a paycheck. The State's total compensation package features an outstanding set of employee benefits which you should consider towards your overall compensation, including:// * 75% state paid medical insurance premium * Reasonable Dental and Vision Plans * Flexible Spending Account and Dependent Care Assistance programs * Low cost basic and optional life insurance * Retirement Savings: State Employees' Pension and a Deferred Compensation 457(b) plan * 12 paid holidays per year and competitive Sick, Vacation and Personal Time * Tuition Benefit for employee and spouse at state colleges and universities * Short-Term Disability and Extended Illness program participation options * Incentive-based Wellness Programs * Professional Development and Continuing Education opportunities * Qualified Employer for Public Service Student Loan Forgiveness Program /_Pre-Hire Process:_/ A criminal and tax history background check will be completed on the recommended candidate as required by the regulations set forth by the Executive Office of Health and Human Services prior to the candidate being hired. For more information, please visit Education, licensure and certifications will be verified in accordance with the Human Resources Division’s Hiring Guidelines. Education and license/certification information provided by the selected candidate(s) is subject to the Massachusetts Public Records Law and may be published on the Commonwealth’s website. For questions, please the contact the Office of Human Resources at 1-800-510-4122 and select option #2. MINIMUM ENTRANCE REQUIREMENTS: Applicants must have at least (A) seven (7) years of full-time or, equivalent part-time, professional, administrative, supervisory, or managerial experience in business administration, business management, public administration, public management, clinical administration or clinical management of which (B) at least four (4) years must have been in a managerial capacity. Executive Order #595:As a condition of employment, successful applicants will be required to have received COVID-19 vaccination or an approved exemption as of their start date. Details relating to demonstrating compliance with this requirement will be provided to applicants selected for employment. Applicants who receive an offer of employment who can provide documentation that the vaccine is medically contraindicated or who object to vaccination due to a sincerely held religious belief may make a request for exemption. An Equal Opportunity / Affirmative Action Employer. Females, minorities, veterans, and persons with disabilities are strongly encouraged to apply. Job: Information Systems and Technology* *Organization: Exec Office Of Health and Human Services *Title: *Chief Information Security Officer Location: Massachusetts-Quincy - 100 Hancock Street Requisition ID: 2100084G