OAG - Enterprise Information Security | Chief Information Security Officer | 26-0234

GENERAL DESCRIPTION

The CISO leads the Office of the Attorney General’s (OAG) information security program, setting vision and strategy to protect information assets, systems, and infrastructure. This role partners with internal divisions, state and federal agencies, and vendors to implement best-in-class security practices aligned with policies and standards.

Key responsibilities include:
• Developing, maturing, and executing OAG’s cybersecurity strategy and program.
• Advising the Office of the CIO on security risks and acceptable risk levels.
• Overseeing cybersecurity operations, risk management, and incident response.
• Embedding security into digital transformation initiatives, including cloud expansion and modernization.
• Driving adoption and enforcement of security policies and procedures.
• Leading a high-performing team of security professionals.

The ideal candidate demonstrates servant leadership, fosters collaboration, and proactively addresses emerging threats. This position reports to the CIO and supports OAG’s mission to deliver secure, high-quality technology services for Texans.

The OAG is a dynamic state agency with over 4,000 employees throughout the State of Texas, and is committed to providing innovative, modern, and value-driven IT services to the agency. We believe that having talented people in the right place while effectively utilizing new tools and technologies enables us to empower the agency to best serve the people of Texas. OAG employees enjoy excellent benefits ( along with tremendous opportunities to do important work at a large, dynamic state agency making a positive difference in the lives of Texans.

ESSENTIAL POSITION FUNCTIONS

• Leads the agency’s information security function to ensure consistent, high-quality security management aligned with agency goals and the protection of information assets, technologies, applications, systems, infrastructure, and processes.
• Establishes and enforces cybersecurity standards, policies, and procedures to maintain service continuity during changes, security incidents, or disaster recovery events.
• Develops and oversees a strategic, comprehensive information security program ensuring confidentiality, integrity, availability, privacy and recovery of organizational information assets.
• Operates and manages the Security Operations Center (SOC) to monitor infrastructure for cyber threats, including external attacks and insider risks.
• Builds and leads a skilled team of security professionals responsible for risk reduction, incident response, and collaboration with business and technical stakeholders during cyber events.
• Directs threat intelligence collection, analysis, and dissemination to internal teams and partner organizations to strengthen cybersecurity posture.
• Conducts security assessments, risk analyses, and audits; defines and maintains security standards and compliance requirements.
• Represents the agency in internal and external forums on information security strategy and represents information security in IT and executive governance committee.
• Oversees security awareness, communication, and training programs to promote a strong security culture across the organization.
• Performs related work as assigned
• Maintains relevant knowledge necessary to perform essential job functions
• Attends work regularly in compliance with agreed-upon work schedule. Telework schedules are permitted for employees based on the agency’s approved Telework Plan (if schedule does not adversely affect operations and service levels, and standard hours of operation are maintained). Telework schedules are set by the Departments based on business needs.
• Ensures security and confidentiality of sensitive and/or protected information
• Complies with all agency policies and procedures, including those pertaining to ethics and integrity

Qualifications

MINIMUM QUALIFICATIONS

• Education: Graduation from high school or equivalent
• Education: Graduation from an accredited four-year college or university with major coursework in cybersecurity, information technology, computer engineering, computer information systems, computer science, management information systems, or a related field is generally preferred; experience in the following (or closely related) fields may be substituted for the required education on a year-for-year basis: information security, information technology, or risk management
• Experience: 10 years of full-time experience working in the following (or closely related) fields: information security, information technology, or risk management
• Experience and technical mastery in cybersecurity analysis work, with emphasis on security operations, incident management, intrusion detection, information protection, security systems deployment, and security event analysis
• Experience in building and/or maturing a Security Operations Center, including the integration of monitoring, threat intelligence, forensic analysis, and incident response
• Knowledge of local, state, and federal laws and regulations relevant to information security, privacy, and computer crime; of the principles and practices of public administration and management; of the limitations and capabilities of computer systems; of technology across all network layers and computer platforms; of operational support of networks, operating systems, Internet technologies, databases, and security applications; of cybersecurity controls, procedures, and regulations; and of incident response program practices and procedures
• Skill in the use of a computer and applicable software; and in configuring, deploying, and monitoring security infrastructure
• Ability to manage and oversee the development, monitoring, and maintenance of security processes and controls; to identify problems, evaluate alternatives, and implement effective solutions; to develop and evaluate policies and procedures; to prepare reports; to implement security best practices and awareness; to communicate effectively; and to supervise the work of others
• Ability to provide excellent customer service
• Ability to arrange for personal transportation for business-related travel
• Ability to work more than 40 hours as needed and in compliance with the FLSA
• Ability to lift and relocate 10 lbs.
• Ability to travel (including overnight travel) up to 10%

PREFERRED QUALIFICATIONS

• Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC)