IT Security & Compliance Manager II

$51.60 - $82.56 Hourly

$107,324 - $171,718 Annually

This position is a Pay Band II

Posting Details

The New Mexico Department of Public Safety (DPS) is looking for a proven leader and cybersecurity expert to serve as Chief Information Security Officer (CISO) and lead our Cybersecurity and Compliance Bureau (CCB). The CCB is a key strategic bureau within DPS and the Information Technology Division (ITD). DPS houses the New Mexico State Police (NMSP) and provides many services to the entire law enforcement community throughout New Mexico. DPS is the FBI designated Criminal Justice Information Services (CJIS) Systems Agency (CSA) for the State of New Mexico. As such, DPS is the exclusive entity in New Mexico that provides access to CJIS for all federal, state, local and tribal law enforcement agencies. The DPS CISO also serves as the FBI designated CSA Information Security Officer (ISO) for the State of New Mexico.

The DPS ITD provides a portfolio of services to the entire law enforcement community in New Mexico in addition to being the key technology partner of NMSP and the other statewide law enforcement support divisions of DPS. The ITD Leadership Team is committed to helping everyone on our team grow professionally and personally through training, mentorship, and challenging work assignments.

DPS has one of the most complex networks in the State of New Mexico consisting of over 50 physical offices including the DPS headquarters, the NM Law Enforcement Academy, three forensic labs, three 911 communications / dispatch centers, 12 NMSP district offices, and a significant number of permanent and transitory sub-stations in key locations throughout the state including the Governor's Mansion. In addition to these physical locations, the network consists of 650 NMSP patrol units, the NMSP helicopter and several mobile command centers. The network is accessed 24 hours per day, 7 days per week with no tolerance for downtime by DPS civilian staff, NMSP, and all federal, state, local and tribal law enforcement agencies (LEAs) to receive mission-critical CJIS and to access many other systems. These systems are essential to law enforcement statewide.

DPS ITD provides the time, resources and encouragement for its staff to participate in ongoing training and mentorship. We are looking for employees who want to grow their skills, develop as individuals, be reliable teammates and enjoy challenging work assignments. The significant number of our employees who have been promoted into higher positions is evidence of our success. ITD enjoys a close working relationship with the NMSP, law enforcement agencies across New Mexico and our federal partners such as the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). ITD and its employees are valued by the leadership of DPS as an essential part of the public safety services in New Mexico. If you become a member of the DPS ITD family, you will quickly become integrated into the law enforcement community statewide.

Why does the job exist?

The DPS CISO (IT Security & Compliance Manager II) leads the Cybersecurity and Compliance Bureau (CCB) at DPS. The CCB is responsible for various cybersecurity efforts including strategic planning, policy development and implementation, network scans, log consolidation, alert monitoring, threat hunting, implementing security tools, and expanding adoption of technologies and best practices such as Multi Factor Authentication (MFA). The CCB also is responsible for various oversite and compliance efforts at DPS such as Payment Card Industry Data Security Standard (PCI DSS) and CJIS including audits, surveys, training, documentation, etc. The CCB works closely with the other teams in ITD including networking, servers, applications, end user support, and project management to ensure that all solutions delivered and maintained by DPS meet the highest security standards possible.

DPS is looking for a CISO with strong leadership and interpersonal skills, who is organized, mission-oriented and will passionately support the mission of DPS. The DPS CISO must possess a strong technical understanding of cybersecurity and a wide array of IT such as networking, datacenters, applications, end-user devices and cloud. The CISO will need to quickly learn about the mission and operations at DPS, State Police and law enforcement statewide. As the CSA ISO, this position will be one of the key experts in New Mexico on the FBI CJIS Security Policy. CSA ISO duties include reviewing and approval of network / system changes for all CJIS agencies in the State including law enforcement, courts, corrections and non-criminal agencies that perform FBI background checks on individuals. As the CSA ISO, strong relationship building and the ability to ensure policy and compliance is adhered to by the law enforcement community and vendors while being flexible enough to maintain critical access to systems and support services for public safety is necessary. Some travel to training and conferences is required.

The CCB was created three years ago. The accomplishments of the CCB over that period are substantial, including thwarting ongoing cybersecurity threats and significantly enhancing the cybersecurity posture of the agency. The incoming CISO will have the opportunity to further build out the capabilities and staff of the CCB, forging a truly best of class cybersecurity and compliance team.

The CISO reports directly to the DPS Chief Information Officer (CIO) at the DPS Headquarters complex in Santa Fe and leads a four-person team that is expected to grow. The CISO is a member of the ITD Leadership Team. As such, the CISO provides leadership to ITD as well as the entire DPS. The CISO works closely with the Department of Information Technology (DoIT) and the New Mexico Office of Cybersecurity on state government cybersecurity efforts.

One of the key duties of the CISO is being a partner and advisor to the CIO. The CISO works closely with the DPS CIO and other members of the ITD Leadership Team on strategic initiatives and budgets for the agency. The CISO is expected to build strong relationships with key stakeholders within and outside DPS. This includes the DPS Executive Team, State Police Command Staff, Directors and Bureau Chiefs throughout DPS and key partner agencies of DPS. DPS leadership understands the value and importance of cybersecurity which will allow the incoming CISO to quickly earn the trust of the entire department through outreach, networking, hard work, integrity and results.

How does it get done?

The CISO oversees the day-to-day operations of the DPS Cybersecurity and Compliance Bureau (CCB). The CISO works closely with the DPS CIO and other members of the ITD Leadership Team in providing direction to a growing staff of dedicated professionals who are dedicated to the mission of DPS. The CISO also serves as the FBI designated New Mexico CSA ISO. The following are the primary duties of the CISO:

Oversee the recruitment and development of employees and contractors under direct supervision of the CISO. Provide mentorship to these employees and perform performance evaluations.

Develop metrics to ensure that all DPS cybersecurity projects remain on schedule, on budget, and within scope. Develop systems to capture, track and report on metrics about cybersecurity projects in a manner that enables process improvement.

Build strong relationships with DPS Leadership, NMSP commissioned officers, DPS non-commissioned personnel, and key stakeholders outside of DPS. Leverage these relationships to learn about the needs of ITD's customers and ensure that the services offered by ITD remain aligned with these needs.

Ensure that ITD personnel remain customer-centric and aligned with the mission of keeping the public and officers throughout New Mexico safe.

Rotate week-long on-call management duties for nights and weekends with the rest of the 7-person ITD Leadership team (CIO, Deputy CIO and 5 bureau chiefs.) Most weeks involve responding to a few calls and coordinating responses to occasional incidents.

Working closely with the CIO and other members of the ITD Leadership Team, develop strategic initiatives and direction for ITD.

Take personal responsibility for the success of ITD and DPS as a whole.

Provide strategic leadership of the CJIS information security programs.

Provide guidance and counsel to the state CJIS Systems Office (CSO) and executive management at DPS to define objectives for information security.

Work with Law Enforcement Agency (LEA) agency Local Agency Security Officers (LASOs) and LEA leaders (Chiefs, Sheriffs, etc.) to oversee the formation and operations of an integrated statewide CJIS security infrastructure that is organized toward a common goal and standards in information security.

Coordinate information security efforts with the FBI CJIS Division ISO, Cybersecurity and Infrastructure Security Agency (CISA), the New Mexico Office of Cybersecurity and the New Mexico CSO.

Lead information security planning processes to establish an inclusive and comprehensive information security program for the entire state criminal justice community in support of all agencies and services.

Establish annual and long-range security and compliance standards and goals, define security strategies, metrics, reporting mechanisms and program services; create maturity models and a roadmap for continual program improvements.

Lead the development and implementation of effective policies and practices to secure protected and sensitive data; ensure information security and compliance with relevant legislation and legal interpretation click apply for full job details