Deputy Chief Information Security Officer | Compliance and Attestation jobs in United States

NEOGOV · 1 day ago

Deputy Chief Information Security Officer | Compliance and Attestation

NEOGOV is seeking a strategic, tech-savvy leader to join the Department of Corrections as the Deputy Chief Information Security Officer | Compliance and Attestation. This influential role involves setting the direction for security architecture, IT compliance, and technology risk management, ensuring security is integrated into all operations while leading the Cybersecurity Assessment and Compliance team.

GovTech, Human Resources, Information Technology, Software
H1B Sponsor Likely

Responsibilities

Analyzing and assessing vulnerability risks identified during scans to support system changes, and leading the IT architecture or design changes required to address IT architecture, functionality and configuration, which could include: developing Minimum Security Baseline configurations for new technologies; developing and maintaining infrastructure architecture diagrams to facilitate engineering material builds; leading and facilitating architecture presentations to project teams, working groups, design authorities, and leadership; developing and enhancing target architectures as well as target operating models for new/existing architectures and services
Maintaining a coordinated enterprise-level vulnerability management program that effectively reviews, analyzes, communicates, and guides remediation of IT vulnerabilities, which could look like: validating and confirming the accuracy and scope of scanning infrastructure with IT teams through both manual and automated processes; detecting and remediating vulnerabilities within established timelines; ensuring regular security scans are scheduled and completed to reduce exposure time; determining and maintaining the scope of systems to include in vulnerability scanning; ensuring IT Architectural Standards are consistent across the enterprise
Analyzing and assessing criticality from internal and external vulnerability scans to understand the impact and potential mitigation, and delivering and implementing remediation plans
Identifying and executing attack surface reduction opportunities via vulnerability data analysis, trends, and log reviews
Responding to cyber security incidents and assisting with threat hunting and data analysis to protect and maintain the overall IT security of DOC
Other tasks

Qualification

Enterprise architecture services, Information Security concepts, Vulnerability management, Cloud systems AWS, Cloud systems Azure, PowerShell, Azure Advanced Threat Protection, Vulnerability scanning technology, Risk management, Project management, Communication skills

Required

A Bachelor's degree in business administration, computer science, or related field
Five (5) years of information technology experience providing enterprise architecture services
High school diploma
Four years of a combination of IT related training and experience
Five (5) years of information technology experience providing enterprise architecture services
Five (5) years' experience in working in a complex/enterprise IT environment across multiple disciplines (IT Security, network engineering, application security, database, risk management, project management, etc.)
Two (2) years' experience using PowerShell
Two (2) years utilizing either Azure Advanced Threat Protection (ATP), Microsoft Defender for Endpoint (Microsoft Defender ATP) or Office 365 ATP
Two (2) years' experience articulating business risks of technical issues to non-technical personnel
Knowledge of core Information Security concepts related to Threat and Vulnerability Management
Experience with performing complex network vulnerability scans in both on-prem and cloud environments using common vulnerability assessment tools
Understanding of governing security principles (PCI, ISO 27000 series, FFIEC, NYSDFS, NIST)
Prior experience with vulnerability scanning technology (RiskSense, Nessus, Tenable, etc.)
Experience in analyzing, identifying, and developing remediation plans for vulnerabilities

Preferred

Training, experience, or certification in information security (SANS, CISSP, CompTIA, ISC2, etc.)
Two (2) years of hands-on experience with production Cloud systems (AWS, Azure)

Benefits

Remote/telework/flexible schedules (depending on position)
Up to 25 paid vacation days a year
8 hours of paid sick leave per month
12 paid holidays a year
Generous retirement plan
Flex Spending Accounts
Dependent Care Assistance
Deferred Compensation and so much more!

Company

NEOGOV is the leading provider of workforce management software uniquely designed for the public sector, education, and public safety.

H1B Sponsorship

NEOGOV has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (13)
2024 (10)
2023 (10)
2022 (18)
2021 (14)
2020 (16)

Funding

Current Stage: Late Stage
Total Funding: $700M
Key Investors: Warburg Pincus
2025-07-28: Secondary Market · $700M
2025-07-28: Acquired
2021-06-02: Private Equity

Leadership Team

Shane Evangelist, CEO
Brandon McDonald, Head of Marketing
Company data provided by crunchbase