Cybersecurity Program Manager

Title

Cybersecurity Program Manager

Location

Boise ID (Hybrid Locals Only)

Duration

6 Months

Job Type

C2CW2

Job Description

The Cybersecurity Program Manager is responsible for ensuring the CISOs strategy for protecting the Idaho Judiciarys networks systems and applications are effectively implemented.

General Position Summary :

• The Cybersecurity Program Manager is responsible for ensuring the CISOs strategy for protecting the Idaho Judiciarys networks systems and applications are effectively implemented.
• This position will assist with determining analyzing and proposing security requirements policies and technical solutions.
• This position will work as the liaison for the Information Division to other functional business units representing security concerns and initiatives.
• This position works under the direction of the CISO.

How We Work :

• The Administrative Office of the Courts is committed to supporting the mission of the Idaho Courts through the use of an agile approach that aligns strategy work and capacity.
• This approach empowers our employees to respond quickly and efficiently to meet the needs of our customers : citizens courts judges employees and other stakeholders.
• We believe in continual improvement of our services and products to better serve and support our customers and the evolving environment.
• Employees are futurefocused take initiative and are personally responsible for work delivery and professional growth.
• Our leaders are committed to professional development and growth of employees by empowering and supporting motivated individuals;

providing clarity and focus for projects; giving those individuals the environment and support they need; and fostering a culture of collaboration transparency learning trust and shared accountability.

Major Duties and Responsibilities : (The examples provided do not cover all the duties which the incumbent in this position may be required to perform.)

• Assists with obtaining approval of security systems for the Idaho Courts;
• Tracks and monitors the implementation of security policies and procedures;
• Ensures tracking of personnel compliance with cybersecurity policies;
• Works with AOC functional business units to track outstanding security compliance questions;
• Ensures cybersecurity strategy initiative and solutions are effectively implemented;
• Tracks proposed solutions and coordinates actions to mitigate system security threats and risks;
• Assists with security product evaluation and recommendations to improve the Courts security posture;
• Assist with leading and tracking the status of the development of security incident response plans and organizes incident response exercises and testing;
• Assists with review and identification of root causes of security incidents identifies and tracks corrective actions risks and future proactive / preventive actions;
• Ensures vulnerability / risk management processes are being documented in order to improve vulnerability assessments penetration testing vulnerability remediation and compliance testing;
• Ensures reporting and tracks vulnerability and threat trends including metrics for tracking and analyzing vulnerability remediation efforts.

Minimum Qualifications :

The Judicial Branch reserves the right to consider an equivalent combination of education training and / or experience in determining whether an applicant is capable of performing the assigned duties and fulfilling the assigned responsibilities of this position.

Education and Experience

• Five (5) years of experience in cybersecurity
• Two (2) years of experience in a program management or leadership role;
• Cybersecurity certifications such as CISSP CISM CISA or equivalent preferred;
• Project Management Professional (PMP) or equivalent project management certification preferred;
• Experience with risk management incident response and threat assessment;
• Familiarity with security tools and technologies (e.g. firewalls intrusion detection systems).

Knowledge Skills and Abilities

• Knowledge of enterprise security architecture and compliance principles;
• Knowledge of cybersecurity frameworks (e.g. NIST ISO 27001);
• Knowledge of infrastructure and application security design;
• Knowledge of operating systems such as Windows Windows Server and VMware as well as Linux and Unix;
• Knowledge of security compliance and risk management;
• Knowledge of security awareness education and training programs;
• Knowledge of application and operating systems security configuration and best practices;
• Skill in communicating complex information in an understandable manner;
• Skill in identifying complex issues and proposing feasible costeffective solutions;
• Skill in project management including planning execution and monitoring of cybersecurity initiatives;
• Ability to work independently;
• Ability to provide leadership to staff;
• Ability to communicate effectively verbally and in writing including developing reports and using metrics for illustration;
• Ability to match system solutions to specific user requirements and functions;
• Ability to develop and interpret complex policies and procedures;
• Ability to display an attitude of cooperation and work harmoniously with all levels of court employees the general public and other organizations.

Skill

Required / Desired

Amount

of Experience

Experience as an IT Project Manager

Required

Years

Experience in Cybersecurity

Required

Years

Experience in a program management or leadership role

Required

Years

Experience planning projects tracking tasks and reporting on status using a project management methodology.

Required

Years

Developing and creating reports using metrics and graphs.

Required

Years

Use of cybersecurity frameworks (e.g. NIST ISO 27001) to identify define and track risks in an organization.

Required

Years

Experience with developing a security incident response plan and organizing tabletop exercises.

Highly desired

Years

Experience developing cybersecurity policies standards and procedures.

Nice to have

Years

Cybersecurity certifications such as CISSP CISM CISA or equivalent

Nice to have

Exceptional communication skills required

Required