DoIT Cyber Policy and Strategy Planner Manager
Director of Governance, Risk, and Compliance
Recruitment #23-004730-0001
Department | DoIT State Chief of Information Technology |
---|---|
Date Opened | 2/7/2023 1:00:00 PM |
Filing Deadline | 2/21/2023 11:59:00 PM |
Salary | $65.01/hour |
Employment Type |
Full-Time
|
HR Analyst | Cindy Mann |
Work Location |
Anne Arundel
|
Telework Eligible | Yes |
Introduction
The
Office of Security Management within the Department of Information Technology
(DoIT) provides State agencies and Local government entities with a common
statewide strategy for secure, effective, and technically sound use of
information technology resources.
This
team is responsible for the establishment of Security Policies, Security
Guidance, Security Awareness, and provides assistance to help improve cybersecurity
preparedness.
GRADE
LOCATION OF POSITION
Main Purpose of Job
MINIMUM QUALIFICATIONS
Education: A high school diploma or equivalent.
Experience:
A minimum 5 years of
experience in each of the following areas:
●
Managing
cybersecurity governance, risk and compliance (GRC) programs and large, complex
GRC projects with a clear understanding of related tools and processes.
●
Direct
experience with cybersecurity policy development, including writing and
managing updates to policies, procedures, and standards documentation.
●
Experience
managing and/or executing on internal and external cybersecurity assessments
and audits.
Additional three (3)
years required experience:
●
GRC platform experience for managing
assessments, risks, issues, and plan of action and milestone documents (POAMs),
including development of GRC processes, workflows, and requirements.
●
Directly
working with or managing Authorization to Operate (ATO) processes and
documentation development.
●
Hands-on experience with governance
and risk frameworks including the National Institute of Standards and
Technology (NIST) Cybersecurity Framework (CSF) and NIST 800-53 controls.
●
Excellent
communication and demonstrated skills in presenting information effectively to
various audiences.
●
Working
with and advising executive-level stakeholders on program status, policy
recommendations and strategic roadmaps.
●
Managing
and directing a team of cybersecurity personnel.
DESIRED OR PREFERRED QUALIFICATIONS
●
A Certified Information Systems
Security Professional (CISSP), Certified Information Systems Auditor (CISA),
and/or Information Technology Infrastructure Library (ITIL) certification is
strongly preferred.
●
A Project Management Professional
(PMP) certification is strongly preferred.
●
Governance of Enterprise Information
Technology (GEIT) or GRC Professional (GRCP) certifications is preferred.
●
Experience using or developing
ServiceNow’s Integrated Risk Management (IRM) Pro platform, which includes
Continuous Authorization and Monitoring (CAM).
●
Working with Project Management
software/solutions.
●
Experience with regulatory and
security requirements regarding specific data types including Federal Tax
Information (FTI), Personally Identifiable Information (PII), Protected Health
Information (PHI), Payment Card Industry (PCI), and Criminal Justice
Information Systems (CJIS).
●
Experience managing cybersecurity
governance, risk, and compliance programs in Federal, State, or Local Government
organizations.
SELECTION PROCESS
Please make sure that you provide sufficient information on your application to show that you meet the qualifications for this recruitment. All information concerning your qualifications must be submitted by the closing date. We will not consider information submitted after this date. Successful candidates will be ranked as Best Qualified, Better Qualified, or Qualified and placed on the eligible (employment) list for at least one year.
EXAMINATION PROCESS
The assessment may consist of a rating of your education, training, and experience related to the requirements of the position. It is important that you provide complete and accurate information on your application. Please report all experience and education that is related to this position.
BENEFITS
Contractual employees who work for
an agency and have a current employment contract of 30 or more hours a week (or
on average 130 hours per month) will be eligible for subsidized health benefits
coverage for themselves and their dependents. As a contractual employee, you
will be responsible for paying 25% of the premiums for your medical and
prescription coverage, including any eligible dependents you have enrolled. The
State of Maryland will subsidize the remaining 75% of the cost for these
benefits. You can also elect to enroll in dental coverage, accidental death and
dismemberment insurance, and life insurance, but will be responsible to pay the
full premium for these benefits.
Paid leave will accrue at a rate of one hour for every 30 hours worked.
FURTHER INSTRUCTIONS
Online applications are highly recommended. However, if you are unable to apply online, the paper application and supplemental questionnaire may be submitted to: Department of Budget and Management, Recruitment and Examination Division, 301 W. Preston St., Baltimore, MD 21201. Paper application materials must be received in our office by the closing date for the recruitment. No postmarks will be accepted.
For questions regarding this recruitment, please contact the DBM Recruitment and Examination Division at Application.Help@maryland.gov or 410-767-4850, MD TTY Relay Service 1-800-735-2258.
We thank our Veterans for their service to our country.
People with disabilities and bilingual candidates are encouraged to apply.
As an equal opportunity employer, Maryland is committed to recruitment, retaining and promoting employees who are reflective of the State's diversity.