
Chief Information Security Officer (CISO)

Recruitment #181101-UNCB-105


Submit a letter of interest and resume to:


Alan Freeman, Assistant Executive Director
Oklahoma Turnpike Authority
3500 Martin Luther King Ave.
Oklahoma City, OK  73111


Job Summary:
The CISO will be accountable for ensuring the protection of all the business assets from intentional or unintentional loss, disclosure, alteration, destruction and unavailability. These independent functions report outside of the IT management structure, but work in close collaboration with IT and business administration.

Key Duties:
• Executive-level reporting and collaboration on cyber risk, information security risk, program risk and current control effectiveness to reduce risk.
• Information Security Governance and strategy for IT and Business operations and practices.
• Coordinates the identification and remediation of all security issues; collaborates with IT management and technical resources as needed to remediate security vulnerabilities identified during risk assessments, penetration tests, and application review.
• Manages the cyber security program and appropriate incident response; coordinates and executes IT security projects, including implementation of new technologies and efforts to improve general security posture.
• Provides technical expertise and support for security-related issues throughout the organization.
• Monitors information security issues related to systems and workflow to ensure the internal security controls are appropriate and operating as intended.
• Develops Business Continuity and Disaster Recovery Programs, services, and capabilities, including operating exercise and testing.
• Oversees supply chain management security and continuity of vendors and purchasing decisions that impact the security posture of OTA.
• Develops and delivers internal OTA Information Security, Compliance and Awareness training programs.
• Coordinates with Qualified Security Assessors in Payment Card Industry Data Security Standard (PCI DSS) audits; works closely with IT Management, Toll, Technical personnel, and third-party vendors to ensure the Authority is following PCI DSS security standards.

Knowledge, Skills, and Abilities:
• Knowledge of information security standards, rules and regulations related to information security and data confidentiality (e.g., PCI) and desktop, server, application, database, network security principles for risk identification and analysis; of process improvement to include researching, assessing risk, and developing mitigation strategies for security threats; of firewall administration, Active Directory, operating systems, networking routers/switches, and security tools such as antivirus software, web and e-mail filtering, and encryption technology.
• Strong analytical and problem-solving skills; excellent written and verbal communication skills to interact effectively with staff.
• Ability to communicate clearly and concisely with others, including the presentation of reports and recommendations to executive management team; to make sound decisions quickly in a fluid work environment.

Minimum Qualifications:
Bachelor’s degree in computer science, management information systems, or a related field and six years of security experience in computing and information security, including experience with internet technology and security issues, or an equivalent combination of education and experience. CISSP, C-CISO, CISM, CBCP or related certifications preferred.




Veteran’s preference points apply only for initial appointment in the classified service.
© 2019 • The State of Oklahoma
