IT Senior Information Security Policy Programs Officer

Description Information Technology Services is a team of dedicated professionals providing core technology and cybersecurity services to agencies statewide, enabling state employees to serve Idaho''s citizens. We sincerely hope you will consider being part of o ur success. Information Technology Services (ITS), currently has an opening for an IT Information Security Engineer Level III position in o ur Chinden office in Boise . This position will provide essential services on the state''s Cybersecurity Operations team to test, implement, deploy, maintain, review, and administer the infrastructure hardware and software that are required to effectively manage the computer network defenses and resources, monitor network to actively remediate unauthorized activities and perform related work. The selected individual must possess an in-depth knowledge of a wide-range of cybersecurity technologies, and operating principles in order to contribute to effective 24/7/365 cybersecurity operations. This position will research opportunities to improve information security standards and identifies best practices; ensure the safety and security of all information systems assets based on significant breadth and depth of expertise; design and implement procedures and controls necessary to protect information system assets and data; provide guidance and direction both within information security and among users for the physical protection of information system assets, organizational information, and customer data. Performs organizational and system level risk assessments in accordance to the risk management plan. Performs e-discovery and information forensics services. This job announcement will remain open until the position has been filled. Applications will be reviewed periodically as they are received. Applicants are encouraged to apply and submit their applications as soon as possible. The ideal candidate w ill have the following interpersonal and skills and qualifications: Able to exercise diplomacy, negotiation, and conflict resolution skills; Excellent time management skills and the ability to manage multiple conflicting priorities; Possess one of more of the following cybersecurity accreditations (CISSP, Security+, CEH, CISM); Maintains a high-level of integrity and honesty; Able to lead and manage complex projects; Able to influence organizational change and compliance; Public speaking to large groups of people may be required; Ability to work as part of a team is essential ; On-time and consistent attendance at the nominated workplace is essential; Face-to-face interaction with customers, staff and management is required; Able to interact in a non-partisan manner when working in political environments or when involved in political activities is required; Excellent writing and grammar skills are essential; Ability to work long hours, holidays and weekends; Able to work under stressful conditions and work to tight timelines. BENEFITS:Excellent low-cost Health, Dental, Vision Insurance Participation in one of the nation''s best state retirement systems PERSI Retirement Generous vacation and sick leave accrual beginning as soon as you startEleven paid holidays a yearMultiple savings plans, including optional 401k & Deferred Compensation plans Group Life Insurance/Disability Insurance/Supplemental Life Insurance Employee Assistance Program Wellness Program Benefits Summary (Download PDF reader) Please note: The successful candidate will be required to pass a fingerprint-based background check. Example of DutiesDevelop security policies and standards, risk assessments, third party risk programs, risk management, risk registries, regulatory compliance, security awareness training and testing, security metrics, privacy, and other relevant areas.Research opportunities to improve information security standards and identifies best practices. E valuates changes to information security laws, regulations, and updates policies as needed. Apply security and risk frameworks, regulations and privacy such as NIST CSF/800-53, CIS, PCI, CMMC, CJIS, IRS PUB 1075, SSA etc. Design and implement Incident Response (IR) processes, procedures, guidelines, and solutions. Provides technical and executive level reports on IR issues. Plans, coordinates and conducts cybersecurity exercises. Assists in designing, developing and implementing compliance with information security programs. Identifies and evaluates information security practices requiring compliance . Monitors and tracks organizational compliance to information security corrective action reports, POA&Ms, compliance training, and background checks.Performs organizational and system level risk assessments in accordance with the risk management plan and conducts reviews , and audits of various organizational IT processes, including performing penetration/vulnerability tests. Ensures the safety and security of all information systems assets based on significant breadth and depth of expertise; designs and implements procedures and controls necessary to protect information system assets and data. Develops and implements cybersecurity awareness and information security compliance training material as necessary. Develops and conducts cyber hygiene programs to enhance the overall resilience and maturity of cybersecurity. Minimum QualificationsConsiderable knowledge of computer networking concepts and protocols, and network security methodologies; internal tactics to anticipate and mitigate cyber security threat capabilities and actions; risk management processes (e.g., methods for assessing, documenting, and mitigating risk). Good knowledge of cyber intelligence/information collection capabilities and conducting cyber incident investigations; assessing cyber security regulatory compliance and policy & procedure writing; supervisory practices Supplemental InformationPlease enter your responses to the supplemental questions in the space provided. You must have the minimum level of experience or education described in the typically gained by statements for each question to qualify for this position. Scoring will be based on the information you provide. A higher rating may be obtained based on the extent of youreducation and experience, so take your time to provide a detailed and complete answer to each question. Please do not cite, Refer to Resume or See Resume as a response.Hiring is done without regard to race, color, religion, national origin, sex, age, or disability. If you need special accommodations to satisfy testing requirements, please contact the Division of Human Resources at (208) 334-2263. Preference may be given to veterans who qualify under state and federal laws and regulations.

Created: 2025-09-06