OAG - Enterprise Information Security | Chief Information Security Officer | 26-0234 jobs in United States
cer-icon
Apply on Employer Site
company-logo

The Office of the Utah Attorney General · 11 hours ago

OAG - Enterprise Information Security | Chief Information Security Officer | 26-0234

positionAustin, TX
timeFull-time
remoteOnsite
seniorityDirector/Executive
money$14,583.33/mo - $17,083.34/mo
date10+ years exp

The Office of the Attorney General (OAG) is a dynamic state agency committed to providing innovative IT services. They are seeking a Chief Information Security Officer to lead the agency’s information security program, develop cybersecurity strategies, and oversee operations to protect information assets and infrastructure.

ConsultingGovernmentLaw EnforcementLegal
check
H1B Sponsor Likelynote

Responsibilities

Developing, maturing, and executing OAG’s cybersecurity strategy and program
Advising the Office of the CIO on security risks and acceptable risk levels
Overseeing cybersecurity operations, risk management, and incident response
Embedding security into digital transformation initiatives, including cloud expansion and modernization
Driving adoption and enforcement of security policies and procedures
Leading a high-performing team of security professionals
Leads the agency’s information security function to ensure consistent, high-quality security management aligned with agency goals and the protection of information assets, technologies, applications, systems, infrastructure, and processes
Establishes and enforces cybersecurity standards, policies, and procedures to maintain service continuity during changes, security incidents, or disaster recovery events
Develops and oversees a strategic, comprehensive information security program ensuring confidentiality, integrity, availability, privacy and recovery of organizational information assets
Operates and manages the Security Operations Center (SOC) to monitor infrastructure for cyber threats, including external attacks and insider risks
Builds and leads a skilled team of security professionals responsible for risk reduction, incident response, and collaboration with business and technical stakeholders during cyber events
Directs threat intelligence collection, analysis, and dissemination to internal teams and partner organizations to strengthen cybersecurity posture
Conducts security assessments, risk analyses, and audits; defines and maintains security standards and compliance requirements
Represents the agency in internal and external forums on information security strategy and represents information security in IT and executive governance committee
Oversees security awareness, communication, and training programs to promote a strong security culture across the organization
Performs related work as assigned
Maintains relevant knowledge necessary to perform essential job functions
Attends work regularly in compliance with agreed-upon work schedule. Telework schedules are permitted for employees based on the agency’s approved Telework Plan (if schedule does not adversely affect operations and service levels, and standard hours of operation are maintained). Telework schedules are set by the Departments based on business needs
Ensures security and confidentiality of sensitive and/or protected information
Complies with all agency policies and procedures, including those pertaining to ethics and integrity

Qualification

Cybersecurity strategySecurity Operations CenterIncident managementRisk managementCybersecurity analysisSecurity policiesThreat intelligenceSecurity assessmentsSecurity certificationsCustomer serviceCommunication skillsTeam leadership

Required

Graduation from high school or equivalent
Graduation from an accredited four-year college or university with major coursework in cybersecurity, information technology, computer engineering, computer information systems, computer science, management information systems, or a related field is generally preferred; experience in the following (or closely related) fields may be substituted for the required education on a year-for-year basis: information security, information technology, or risk management
10 years of full-time experience working in the following (or closely related) fields: information security, information technology, or risk management
Experience and technical mastery in cybersecurity analysis work, with emphasis on security operations, incident management, intrusion detection, information protection, security systems deployment, and security event analysis
Experience in building and/or maturing a Security Operations Center, including the integration of monitoring, threat intelligence, forensic analysis, and incident response
Knowledge of local, state, and federal laws and regulations relevant to information security, privacy, and computer crime; of the principles and practices of public administration and management; of the limitations and capabilities of computer systems; of technology across all network layers and computer platforms; of operational support of networks, operating systems, Internet technologies, databases, and security applications; of cybersecurity controls, procedures, and regulations; and of incident response program practices and procedures
Skill in the use of a computer and applicable software; and in configuring, deploying, and monitoring security infrastructure
Ability to manage and oversee the development, monitoring, and maintenance of security processes and controls; to identify problems, evaluate alternatives, and implement effective solutions; to develop and evaluate policies and procedures; to prepare reports; to implement security best practices and awareness; to communicate effectively; and to supervise the work of others
Ability to provide excellent customer service
Ability to arrange for personal transportation for business-related travel
Ability to work more than 40 hours as needed and in compliance with the FLSA
Ability to lift and relocate 10 lbs
Ability to travel (including overnight travel) up to 10%

Preferred

Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC)

Benefits

Excellent benefits

Company

The Office of the Utah Attorney General

twittertwittertwitter
company-logo
The mission of the Office of the Utah Attorney General is to uphold the constitutions of the United States and of Utah, enforce the law, and protect the people, environment and resources of the State of Utah.
dateFounded in 1850
location
Salt Lake City, Utah, USA
people-size501-1000 employees
web-link
https://attorneygeneral.utah.gov/

H1B Sponsorship

The Office of the Utah Attorney General has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1)

Funding

Current Stage
Late Stage

Recent News

AllAfrica.com
Kenya: State Faulted for Listing Non-Existent Firm in Marsabit Power Projects
2025-10-24
Bangkok Post
Twist in Nong Cartoon crash saga
2025-05-07
valorinternational
Government struggles to quantify refunds owed to defrauded retirees
2025-05-03
Company data provided by crunchbase