Chief Information Security Officer 2024-01267

Interested in this role You can find all the relevant information in the description below.

Open Until Filled

GENERAL DESCRIPTION :

The Chief Information Security Officer will be responsible for supervising all technology matters related to the Wyoming Stable Token, in accordance with laws and best practices around cybersecurity and privacy.

The CISO will design, deploy, and oversee the WYST cybersecurity program to ensure all aspects are current and in adherence with regulatory requirements.

Such a program will include a cybersecurity risk assessment, identifying and remediating risks, performing an annual policy review and updating documentation as necessary, retaining all evidence of reviews performed, providing reports to the Commission, and any other duties or responsibilities as determined by the Commission or Executive Director.

The CISO will report to the Executive Director with a direct line to the Commission.

Human Resource Contact : Serenity Moffett / [email protected] / 307.777.6243

ESSENTIAL FUNCTIONS :

The listed functions are illustrative only and are not intended to describe every function which may be performed at the job level.

Cybersecurity Threat Assessment & Compliance : Design, deploy, and oversee all cybersecurity-related activities of the Commission, inclusive of maintaining compliance with applicable laws and best practices.

This is a continuous and dynamic process, requiring the CISO to stay informed of evolving threats and regulatory changes, including those that are specific to blockchain and digital assets.

Cybersecurity Risk Assessment : In partnership with the CRCO, conduct and oversee risk assessments to identify potential vulnerabilities within the Commission or with the Wyoming Stable Token.

This includes coordinating and managing red / blue team exercises for both physical and digital infrastructure, engaging white hat hackers, and creating / managing bug bounties open to the public.

• Risk Remediation : Develop and implement strategies to mitigate identified risks. This may involve deploying new security technologies or patches, updating policies, conducting training sessions, and engaging / coordinating with third parties (inclusive of forensic investigators).
• Blockchain Review & Selection : Develop and implement a process for the selection of blockchains on which WYST will be natively issued or bridged to using cross-chain transfer / interoperability protocols.
• Review and Update of Cybersecurity Policy : Perform an annual review of the cybersecurity policy and update it as necessary.

This ensures that the policy remains relevant and effective against current cyber threats.

Retention of Review Evidence : Document and retain evidence of all reviews performed to foster accountability and regulatory compliance.

This documentation is essential for audits and for demonstrating adherence to best practices.

Internal Reporting : Provide reports to the Commission, Executive Director, and other legislative bodies on cybersecurity matters on a recurring and as-needed basis, inclusive of monthly Commission meetings.

This includes updates on the cybersecurity landscape, the effectiveness of current security measures, and recommendations for improvements.

Industry Monitoring : Stay informed of emerging trends, advancements, and best practices in stable token technologies to inform the Commission's strategies and activities.

PREFERENCES / AGENCY REQUIREMENTS :

• Bachelor’s Degree from an accredited university.
• Certified Information Systems Security Professional (CISSP) or equivalent certification.
• 10+ years of management-level experience within the cybersecurity field.
• Robust hands-on experience with blockchain and digital assets.
• Remote role, Wyoming preferred.

KNOWLEDGE :

• Subject Matter Expertise : Expertise in the design, structure, and operations of digital assets and blockchain technology, and hands-on experience with cybersecurity in this industry.
• Digital Asset and Stablecoin Specifics : Comprehension of the unique security challenges and regulatory environment specific to digital assets, especially stablecoins.
• Networking and System Security : Knowledge of network architectures, including cloud security, firewalls, and intrusion detection / prevention systems.
• Regulatory Compliance : Familiarity with cybersecurity laws, financial regulations, data protection laws (e.g., GDPR), and industry-specific regulations.
• Incident Response and Management : Proficiency in handling security breaches and incidents, including response planning and investigation.
• Leadership : Strong leadership skills to lead and motivate cybersecurity professionals external to the agency.
• Strong Ethical Standards : Ability to identify and manage potential conflicts of interest in the digital assets and blockchain industry.

Full compliance with state ethics and disclosure laws, orders, and regulations.

MINIMUM QUALIFICATIONS :

See "Preferences"

PHYSICAL WORKING CONDITIONS :

• Typically, the employee may sit comfortably to perform the work; however, there may be some walking, standing, bending, carrying light items, driving an automobile, etc.
• Special physical demands are not required to perform the work.

NOTES :

• FLSA : Exempt
• This is an At-Will Employee Contract (AWEC) position.

The State of Wyoming is an Equal Opportunity Employer and actively supports the ADA and reasonably accommodates qualified applicants with disabilities.

Class Specifications are subject to change, please refer to the A & I HRD Website to ensure that you have the most recent version.

J-18808-Ljbffr