Job/Position DescriptionThe Chief Information Security Officer (CISO) is selected by and reports to the Chief Information Officer, working under minimal supervision, with extensive latitude for the use of initiative and independent judgment.The CISO is responsible for coordinating information technology security activities and creating and communicating a broad-based IT security conscious culture across the organization. The CISO performs highly advanced managerial work providing direction and guidance in strategic IT operations and planning. The CISO oversees the development of enterprise level security policies, coordinates and leads information technology physical and logical security activities, is responsible for performing IT risk management activities, IT security awareness, IT security architecture, and IT security incident management.The CISO plans, assigns and supervises the work of others in functional areas of the delivery of the enterprise security program. Essential Job FunctionsOversees the development and monitoring of information technology security practices to ensure HHS information and technology infrastructure is appropriately available and secure from unauthorized access, inappropriate alteration or destruction. Oversees internal and external resources that safeguard HHS IT assets and systems. Ensures systems/application comply with IT security policies, industry and state regulations, and best practices. Oversees investigations into security violations and breaches and reports such violations when needed. Responsible for the development and maintenance of IT risk assessment, system security planning, contingency planning and support for the various audits and examinations. Evaluates information security controls and suggests improvements include modification of existing controls and the addition of new, more effective controls. (30%)Oversees the management of the development and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of security and compliance with Chapter 202 of Title 1 of the Texas Administrative Code (1 TAC 202), Information Security Standards, and Internal Revenue Code, Title 26 of the U.S. Code (26 USC) 6103(l)(7). Continually refines the IT Security and Risk Strategy, ensuring critical data, assets and infrastructure are secure by working to keep cyber defenses, operations and the overall organization prepared for current and ongoing threats. (30%)Defines the HHS Information Security Roadmap and manages the budget associated with the delivery of security functions across the HHS Enterprise. Identifies and implements information security goals, objectives and metrics consistent with HHS risk tolerance, organizational mission and IT strategic plans. (15%)Oversees the coordination of collaboration of information security across the HHS enterprise. Oversees the development and delivery of security services to agencies within the HHS enterprise. Works closely with other executives to prioritize security initiatives and spending based on appropriate risk management and/or financial methodology. Collaborates with other information systems team members, staff and vendors to design, implement, maintain and monitor secure systems and processes supporting a high level of confidentiality, integrity and availability. Educates users about Information Security Requirements, Policies, and Procedures and consults on security issues as it relates to strategic initiatives for the organization. Partn https://jobshrportal.hhsc.state.tx.us/ENG/CareerPortal/job_profile.cfm?szOrderID=622022 Copy the URL in the preceding sentence to an Internet Explorer browser to apply to the job directly through the Texas Health and Human Services Career Portal.