Information Security Manager (OLITS)

Do not click the Apply button. Applications are available Here.

The Florida Legislature
Office of Legislative Information Technology Services

Job Title

Information Systems Chief

Working Title

Information Security Manager

General Summary

The Florida Legislature, Office of Legislative Information Technology Services (OLITS), is seeking an Information Security Manager (ISM). This position will report to the Chief Information Officer (CIO) and will focus on protecting and securing the network, data, servers, technology components, and applications supported by the OLITS. This position requires a strong technical background in application and/or network services and technologies; experience in the creation and enforcement of technology standards or policies; and experience with monitoring for and responding to security events.

The Office of Legislative Information Technology Services (OLITS) supports a variety of technology needs and services for the legislative units that report jointly to the Senate and House of Representatives and are housed administratively under the legislative branch.

OLITS encompasses the Legislature’s Data Center, Applications, Project Management, Network, Systems Administration and Customer Support units.  Application Development provides analysis and design, code development, quality assurance, delivery and ongoing support responsibilities serving the joint units and the public. The Project Management team provides project management and support to the OLITS units. The Network, Systems Administration and Customer Support unit supports approximately 300 legislative customers with email, phone services, hardware and software support, wireless network, scalable and secure IT infrastructure services.

The joint units of the Florida Legislature include the: Office of Legislative Services, Florida Commission on Ethics, Office of Economic & Demographic Research, Florida Historic Capitol Museum, Office of Program Policy Analysis and Government Accountability, Office of Public Counsel, and several committees and councils.

Essential Duties/Responsibilities

• Develop and maintain an information security plan, with emphasis on resiliency, recovery, and restoration of services, in support of the continuity of operations.
• Lead security incident response activities and participate in the full incident response lifecycle plan.
• Lead and/or participate in efforts to upgrade existing systems to meet evolving needs, including direction for the specification, purchase, and deployment of new security components, systems, and/or infrastructure.
• Monitor, manage, and evaluate emerging threats and establish guidelines for response; including recommendations on remediation strategies/solutions for vulnerabilities.
• Continuous review, monitoring, and reporting on the current technology landscape and services, with an eye on potential gaps or weaknesses, and create remediation plans as needed.
• Review new security technologies, tools, and services, and make recommendations to the CIO for use based on security, financial, and operational metrics.
• Create and maintain policies and standards that support business and technology goals and objectives, to protect the confidentiality, integrity, and availability of all information and data created, received, stored, and/or processed.
• Assess security controls, information systems, and business practices for violations of information security policies, standards, or regulatory requirements.
• Create and promote a strong security culture through training, outreach, and technical security consulting.
• Ensure contracts, solicitations, new systems, services, technology components, and implementations include appropriate security requirements.
• Maintain a Criminal Justice Information Services (CJIS) Certification.
• Perform other related duties as required.

Knowledge, Skills and Abilities

• Knowledge of the principles and practices of supervision and management.
• Knowledge of security best practices for data, network, applications, and other components.
• Knowledge of the National Institute of Standards and Technology (NIST) framework.
• Knowledge of information technology security State and Federal requirements.
• Knowledge of application development and web services.
• Knowledge of data and databases.
• Knowledge of Windows authentication.
• Knowledge of network components and protocols.
• Skill in troubleshooting and solving complex issues.
• Skill in analysis, interpretation, and reporting of data.
• Skill in clearly communicating technical information, both verbal and written.
• Skill in formulating policies and procedures.
• Ability to work on-site during normal business hours.
• Ability to conduct meetings and make presentations.
• Ability to lead people and direct program activities.
• Ability to plan, prepare, and prioritize workload and program activities.
• Ability to do short- and long-range program and project planning.
• Ability to establish and maintain effective working relationships with others.

Minimum Qualifications

A bachelor’s degree from an accredited college or university in computer science, management information systems, mathematics, or engineering and six years of progressively responsible information systems experience, two years of which must have been in a managerial or supervisory capacity.

Progressively responsible information systems experience can substitute on a year-for-year basis for the required college education. Any combination of progressively responsible information systems experience and post-secondary training in disciplines as described above totaling ten years.

Preferred Qualifications

Preference will be given to applicants with extensive knowledge and work experience with the following:

• Application programming across multiple languages.
• Database administration and/or programming, across multiple platforms.
• Configuration of servers, systems, and/or network.
• Standards and policy creation, review, and enforcement.
• Incident response, security monitoring and analysis, vulnerability management and risk assessment, threat hunting, penetration testing, cyber threat intelligence, and/or other cyber security roles.

Salary

Hiring salary commensurate with experience with an anticipated salary of $85,000 to $115,000.  The Legislature offers a competitive benefits package.

Employment Description

Location: The position will be located on-site in the Claude Pepper Building.

Application Deadline

Open until filled.

Submission of Application

Qualified applicants should send a completed legislative application and resume to:

Office of Legislative Services
Human Resources Office
Re: OLITS – Information Security Manager
111 W. Madison Street
Room 701, Claude Pepper Building
Tallahassee, FL 32399-1400

Applications are available through the Florida Legislature's web site Online Sunshine and in Room 701 of the Claude Pepper Building.

Accommodation for Disability

If an accommodation is needed for a disability, please notify Human Resources at (850) 488-6803.

Do not click the Apply button. Applications are available Here.