Director of Cyber Resilience
DoIT Technology Chief
|DoIT Networks Division
|12/1/2023 11:59:00 PM
|12/15/2023 11:59:00 PM
|$111,278.00 - $186,486.00/year
The Office of Security Management within
the Department of Information Technology (DoIT) provides State agencies with a
common statewide strategy for secure, effective, and technically sound use of
the State's information technology resources. The Office is responsible for the
establishment of Security Policies, Security Guidance, Security Awareness, and
management of the Statewide Security Operations
Center (SOC); providing, detection, cyber threat, and incident response
capabilities; and is a source of IT security
information for State agencies.
LOCATION OF POSITION
Establish and define the services
provided by the state’s incident response team.
Review incident investigation,
triage, and escalation processes and tickets
Develop and maintain incident
response policies, guidelines, plans, and playbooks, including communications
templates and escalation workflows.
Review and integrate cyber threat
information into State cybersecurity operations and the MD-SOC
Develop and oversee the
implementation of cyber threat information sharing procedures.
Ensure proper staffing and
training for MD-SOC, MD-ISAC, AEP, and Threat Hunting teams.
Develop key performance indicators
to measure MD-SOC, MD-ISAC, and incident response performance efficacy.
execute an attack emulation program that integrates purple teaming tools and
Develop and execute a threat
hunting program to execute periodic and continuous threat hunts.
Develop a centralization strategy
for adversary emulation.
Support a cyber resiliency center
of excellence that provides Incident response, disaster recovery, and business
continuity planning tools, resources, templates, and exercises to state units of
Lead Cyber Resilience Services for the State.
execution of tabletop exercises and establish communication lines between
internal and external groups.
the CSIRT Incident Commander during cybersecurity incident response.
the cyber continuity manager role and mass communications service.
technical conversations regarding cyber insurance and state-wide DFIR.
State Cyber Resilience Program.
Evaluate and implement cyber
resilience service capabilities such as a Security Information and Event
Management (SIEM) service.
Propose alignment of Maryland,
DoIT, and OSM functions and services to achieve a fusion center capability.
Coordinate staffing relationships
between MDEM, MSP, National Guard, Maryland Universities, and the MD-SOC.
Provide reporting and
investigation on complex incidents and issues to the State CISO and Secretary
Represent the State of Maryland
and DoIT in events and conferences relating to cyber resilience.
Seek out and promote training and
development opportunities in the areas of cyber resilience.
Education: A bachelor's degree in
cybersecurity, information technology, business administration, or a related
discipline is required for this position.
Five (5) years’ experience managing highly technical security,
information technology, or incident response teams in a complex hybrid cloud
environment supporting multiple sites.
Three of the five years’ experience must be in leading and managing threat
responses and continuity programs.
DESIRED OR PREFERRED QUALIFICATIONS
Preference will be given to
candidates who have one or more of the following:
cybersecurity certification, such as a CISSP, CISM, CCISO or OSCP.
certification, such as a CIPP/US or CDPSE
management certification, such as a Project+, PMP, or CSM.
security operation centers and multiple security teams.
cybersecurity policy, legislation, and regulatory practices.
using one or more of the following platforms or tools ServiceNow,
Everbridge, Archer, Fusion, Onspring, Splunk Anomali, Palo Alto, CrowdStrike,
Please make sure that you provide sufficient information on your application/resume to show that you meet the qualifications for this recruitment. All information concerning your qualifications must be submitted by the closing date. We will not consider information submitted after this date. Successful candidates will be placed on the eligible (employment) list for at least one year.
The assessment may consist of a rating of your education, training, and experience related to the requirements of the position. It is important that you provide complete and accurate information on your application. Please report all experience and education that is related to this position.
Online applications are highly recommended. However, if you are unable to apply online, the paper application and supplemental questionnaire may be submitted to: Department of Budget and Management, Recruitment and Examination Division, 301 W. Preston St., Baltimore, MD 21201. Paper application materials must be received in our office by the closing date for the recruitment. No postmarks will be accepted.
For questions regarding this recruitment, please contact the DBM Recruitment and Examination Division at Application.Help@maryland.gov or 410-767-4850, MD TTY Relay Service 1-800-735-2258.
We thank our Veterans for their service to our country.
People with disabilities and bilingual candidates are encouraged to apply.
As an equal opportunity employer, Maryland is committed to recruitment, retaining and promoting employees who are reflective of the State's diversity.
For education obtained outside the U.S., a copy of the equivalent American education as determined by a foreign credential evaluation service must be provided prior to hire.