Director Information Technology Security

The Office of the Chief Financial Officer (OCFO) is the steward of the Government of the District of Columbia's (District's) finances. Since its creation in 1996, OCFO's mission is to ensure the financial integrity and long-term fiscal health of the District. OCFO accomplishes this mission by ensuring balanced budgets, unqualified or "clean" audit opinions, and access to quality credit markets with high and improving bond ratings.

OCFO's operational responsibilities include forecasting the District's revenues and financial condition, developing and managing the District's budget, administering the District's taxes, and executing and recording the District's financial transactions. In addition, OCFO administers the District's lottery and gaming programs, and oversees the finances of the University of the District of Columbia and the Washington Convention and Sports Authority (Events DC).

We are searching for a Director of Information Technology Security. This position is in the Office of the Chief Financial Officer (OCFO), Office of the Chief Information Officer (OCIO). The incumbent is responsible for establishing and managing the OCFO's security strategy and programs to ensure the protection of both physical and informational assets.

Duties include, but are not limited to:

• Develop and lead the enterprise-wide security strategy
• Direct the development, implementation, and enforcement of security policies, standards, and procedures, overseeing cybersecurity operations, including threat detection, incident response, vulnerability management, and data protection.
• Oversee cloud and vendor-hosted platforms security initiatives; executing disaster recovery and business continuity planning and testing; defining security requirements in contracts.
• Provide strategic guidance on security requirements for new systems; developing and delivering security awareness and training programs; and supervising and mentoring security staff.
• Performs other related duties as assigned

Eight (8) years of progressive experience managing and directing enterprise information security programs in a government or complex organization; leading, developing, and implementing security policies, standards, and enterprise security strategies; developing and managing cybersecurity programs; overseeing vendor security requirements and contract compliance; and providing technical advisory support for risk management and disaster recovery. Experience must also include leading security awareness or training programs, conducting and overseeing security audits, coordinating with senior leadership and external stakeholders, and at least two (2) years of supervisory experience over technical and managerial staff., * Are you legally authorized to work in the United States without sponsorship now or in the future? (Yes or No)

• How many years of experience do you have with leading a response to a significant security incident?
• How many years of experience do you have managing third-party, vendor security risks and assessing, monitor, and mitigate risks from external partners?
• How many years of experience do you have managing containment, communication, recovery, and post-incident improvements?
• • How many years of experience do you have with strategies that foster security awareness and accountability across IT teams and the broader organization beyond mandatory training?
• • This is a hybrid position that would require you to work at least 3 days per week onsite out of Washington, DC office. Are you open to commuting or relocating for this role?

Work Location: Hybrid remote in United States, DC 20024

The OCFO offers a competitive salary and benefits package including medical, dental, retirement, and educational assistance.

The Office of the Chief Financial Officer is an EQUAL OPPORTUNITY EMPLOYER

Pay: $176,948.00 - $214,712.00 per year