About the role:
This position serves as the Deputy Chief Information Security Officer and is accountable to the Chief Information Security Officer. This position performs highly advanced managerial work such as leading the development of enterprise-wide cybersecurity architectures and solutions as well as research, develops and recommends cybersecurity architectural policies and practices for cybersecurity initiatives from the definition phase through implementation.
This position formulates strategic plans and goals and the future state of security policies, practices, and requirements for HHSC. It requires critical thinking and analysis of best practices and solutions for the cybersecurity of the agency. Therefore, exposure to, and thorough knowledge of, emerging cybersecurity threats, vulnerabilities, and risks are fundamental to the role. Additionally, this position ensures adequate security solutions are in place throughout all HHSC IT systems and platforms to mitigate risks sufficiently while also meeting business objectives and regulatory requirements.
This position is also responsible for developing and coordinating the department’s budget processes and provide analysis services for executive management. This position facilitates ongoing business processes by enhancing communication and coordination between various functional areas. Performs professional-level budget preparation, analysis, coordination, and administrative work, including professional fiscal analysis and research duties in support of the preparation and administration of capital and operating budgets.
Supervises the work of others. Works under minimal supervision, with extensive latitude for the use of initiative and independent judgment.
This position is also responsible for developing policies, procedures, and guidelines in areas of architecting, engineering, implementing, integrating, and operationalizing advanced security technologies for cybersecurity initiatives that support the HHS enterprise. This position enhances and matures cybersecurity architecture and processes in line with business needs. This is accomplished by leveraging industry standards and best practices for the purposes of assessing the current “as-is” architecture and proposing the desired “to-be” architecture based on solid risk assessment and evaluation of available technology and controls.
Additionally, this position must ensure that HHSC's cybersecurity architecture and processes comply with all statutory and regulatory requirements for information access, security, and privacy. This is a lead position of the cybersecurity department whose responsibilities also include monitoring intrusion prevention systems and acting as an Incident Responder should an event occur. Vulnerability management practices and procedures are used to assess new cyber threats and mitigate risk. The cyber threat landscape is monitored for potential issues with HHSC systems and infrastructure. This position shapes an effective technical IT cybersecurity risk program both near and long term.
Demonstrated expertise in cybersecurity strategy, cloud security (AWS, Azure, GCC, Salesforce), and infrastructure-as-code security practices. Proficient in implementing security controls within SASE architecture, Zero Trust frameworks, and DevSecOps methodologies. Experienced in leveraging AI and emerging cybersecurity technologies to enhance security posture, automate threat detection and response, improve risk management, and support predictive analytics for proactive cybersecurity measures. Skilled in assessing AI-driven security solutions, ensuring compliance with ethical AI practices, and integrating machine learning models for anomaly detection and behavioral analytics.
Learn more when you click Apply!