STATE CHIEF INFORMATION SECURITY OFFICER - 72004041

Requisition No: 853309 

Agency: Management Services

Working Title: STATE CHIEF INFORMATION SECURITY OFFICER - 72004041

 Pay Plan: SMS

Position Number: 72004041 

Salary:  $205,485.00 

Posting Closing Date: 05/31/2025 

Total Compensation Estimator Tool

State Chief Information Security Officer
Florida Digital Service
State of Florida Department of Management Services
This position is located in Tallahassee, FL 

Position Overview and Responsibilities:
The Chief Information Security Officer (CISO) for the State of Florida is responsible for leading the state's cybersecurity strategy, establishing standards, and maintaining compliance with state and federal regulations. This role involves collaboration with various stakeholders to mature agency cybersecurity programs, oversee cybersecurity operations, manage risks, and respond to cybersecurity incidents in accordance with Florida Statutes. The State CISO must be an effective leader with proven abilities to build and manage highly motivated teams with a commitment to accomplishing the mission.

Responsibilities:

1. Strategic Planning: Develop and annually update a comprehensive statewide cybersecurity strategic plan by February 1, detailing security objectives, risk mitigation strategies, and key initiatives over a three-year horizon.
2. Governance Framework: Develop and publish a cybersecurity governance framework for state agencies, including guidelines for asset management, risk assessment, threat detection, incident response, and recovery procedures.
3. Risk Assessments: Oversee the completion of comprehensive cybersecurity risk assessments for state agencies, ensuring they are conducted every three years and comply with standardized methodologies.
4. Incident Response: Establish and lead agency cybersecurity incident response teams, ensuring timely reporting and effective management of cybersecurity incidents, including breaches involving confidential or exempt data.
5. Cybersecurity Operations Center: Operate and maintain a Cybersecurity Operations Center providing comprehensive enterprise monitoring and detection services and acting as a clearinghouse for threat information while coordinating with the Department of Law Enforcement.
6. Business Continuity: Lead the Emergency Support Function (ESF 20) under the state comprehensive emergency management plan, coordinate cybersecurity efforts during emergencies and facilitate enterprise business continuity planning, testing, and training.
7. Training and Awareness: Develop and maintain cybersecurity training guidelines and framework for state agencies. Provide annual cybersecurity training for state agency information security managers and incident response team members, in collaboration with the Cybercrime Office of the Department of Law Enforcement.
8. Compliance Assistance: Assist state agencies in complying with cybersecurity requirements, including the development of strategic and operational cybersecurity plans
9. Procurement Oversight: Provide recommendations to update procurement processes for IT acquisitions to align with National Institute of Standards and Technology (NIST) Cybersecurity Framework standards.
10. Policy Development: Develop and periodically update policies and procedures for reporting cybersecurity incidents and breaches, ensuring consistency with Florda Statutes, industry standards, and best practices.
11. Performance Measures: Implement cybersecurity metrics and reporting systems to monitor the effectiveness of enterprise security initiatives and operations.

 Knowledge, Skills, and Abilities:

• Proficient in threat detection methodologies and incident response planning.
• Proficient in managing large-scale cybersecurity initiatives and operations.
• Proficient in leading cross-functional teams, fostering collaboration, accountability, and alignment with strategic objectives.
• Knowledge of cybersecurity fundamentals.
• Knowledge of network and infrastructure security fundamentals.
• Knowledge of operational technology security fundamentals.
• Knowledge of risk management processes/governance.
• Knowledge of relevant cybersecurity standards, frameworks, and certifications such as NIST CSF, NICE, and FedRAMP.
• Knowledge of Federal and State information security laws and statutes, such as HIPAA, IRS-1075, CJIS, FERPA.
• Ability to develop and maintain collaborative relationships with government agencies and external partners.
• Ability to develop and implement policies, procedures, goals, and objectives.
• Ability to strategically plan and implement change.
• Ability to convey complex security concepts to state leaders as well as diverse, large and/or public audiences.
• Ability to plan, organize and coordinate work assignments.
• Ability to establish and maintain effective working relationships with others.
• Accountability, Communication, Empowerment, Flexibility, Integrity, Respect, Teamwork
• Ability to make informed decisions based on data analysis and business requirements.
• Ability to think critically and challenge assumptions.
• Ability to create comprehensive reports and presentations for various audiences.

Certification/Educational Requirements and Preferences:

• A bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field; Graduate degree preferred.
• Minimum of 10 years of experience in information technology, including at least 5 years in a leadership role and 5 years in cybersecurity.
• Previous success leading cybersecurity functions at a large federal agency, local government, or similar private/public roles.
• Relevant industry certifications such as CISSP, CISM, ISSMP, and/or CCISO preferred.

Our Organization and Mission:
Under the direction of Governor Ron DeSantis, Secretary Pedro Allende and DMS’ Executive Leadership Team, the Florida Department of Management Services (DMS) is a customer-oriented agency with a broad portfolio that includes the efficient use and management of real estate, procurement, human resources, group insurance, retirement, telecommunications, fleet, and federal property assistance programs used throughout Florida’s state government. It is against this backdrop that DMS strives to demonstrate its motto, “We serve those who serve Florida.”
 

Special Notes:
DMS is committed to successfully recruiting and onboarding talented and skilled individuals into its workforce. We recognize the extensive training, experience and transferrable skills that veterans and individuals with disabilities bring to the workforce. Veterans and individuals with disabilities are encouraged to contact our recruiter for guidance and answers to questions through the following provided email addresses:
DMS.Ability@dms.myflorida.com
DMS.Veterans@dms.myflorida.com
An individual with a disability is qualified if he or she satisfies the skills, experience, and other job related requirements for a position and can perform the essential functions of the position with or without reasonable accommodation. Candidates requiring a reasonable accommodation, as defined by the Americans with Disabilities Act, must contact the DMS Human Resources (HR) Office at (850) 488-2707. DMS requests applicants notify HR in advance to allow sufficient time to provide the accommodation.
Criminal background investigation including fingerprinting and statewide and national criminal history records check per Section 110.1127 Florida Statutes, Chapter 435 Florida Statutes and the Federal Bureau of Investigation’s CJIS Security Policy CJISD-ITS-DOC-08140. Pursuant to F.S. 215.422 every officer or employee who is responsible for the approval or processing of vendors’ invoices or distribution of warrants to vendors are mandated to process, resolve and comply as section 215.422 requires

The State of Florida is an Equal Opportunity Employer/Affirmative Action Employer, and does not tolerate discrimination or violence in the workplace.

Candidates requiring a reasonable accommodation, as defined by the Americans with Disabilities Act, must notify the agency hiring authority and/or People First Service Center (1-866-663-4735). Notification to the hiring authority must be made in advance to allow sufficient time to provide the accommodation.

The State of Florida supports a Drug-Free workplace. All employees are subject to reasonable suspicion drug testing in accordance with Section 112.0455, F.S., Drug-Free Workplace Act.