Enable job alerts via email!
JC-482535 – Senior Information Security Officer California State Lottery Come win with Us
Lafleurs
Sacramento (CA)
Remote
USD 100,000 - 150,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
The California State Lottery is seeking a Senior Information Security Officer to lead the development and management of their Information Security and Privacy Protection Program. The ideal candidate will possess expertise in compliance auditing and incident response while ensuring the security of critical information assets within a dynamic and supportive work environment. Join a mission-driven team dedicated to preserving California's communities while emphasizing professional development and innovation.
Benefits
Qualifications
- Expertise in development and management of Information Security & Privacy programs.
- Expert-level understanding of ISO 27001 and NIST 800-53 compliance.
- Experience in vulnerability assessments and risk management practices.
Responsibilities
- Develop and implement information security policies and procedures.
- Conduct risk assessments and manage vulnerability and patch management programs.
- Provide expert security guidance related to AI and cloud architecture.
Skills
Education
Job description
The California State Lottery is looking to fill the exciting role of a Senior Information Security Officer!
If this opportunity would be a good fit for you, we encourage you to apply today and join our winning team!
People are drawn to the California State Lottery because we:
- We have a worthy mission that we’re sure you’ll take pride in too.
- Are an energetic, creative, and talented team
- Value diversity and inclusion in the workplace
- Empower team members to bring their knowledge, expertise, and innovation
- Recognize individual and team contributions
Support the importance of work-life balance - Invest in the professional development of our team members
- Are dedicated to preserving our environment by lowering our carbon footprint
The California Lottery is a multi-billion-dollar enterprise headquartered in Sacramento. It is one of the few state agencies that is a revenue generator, not accepting taxpayer dollars from the state’s general fund. Our mission is to provide supplemental funding to California schools while simultaneously supporting local communities. Ninety-five cents of every dollar spent by players goes back to local communities in the form of contributions to public schools and colleges, prizes and retailer compensation.
In fiscal year 2022-23, the California Lottery generated sales of approximately $9.2 billion with over $2.2 billion earned for California public schools. Lottery products are sold at more than 23,000 retail locations throughout the state. Product offerings include an average of 52 fun and entertaining Scratchers games and several draw games such as Powerball, Mega Millions, and SuperLotto Plus and daily games such as Fantasy 5 and Hot Spot.
Job Description and Duties:
The California State Lottery (Lottery) is looking for a talented Information Technology Specialist II (ITS II) to execute the role of Senior Information Security Officer. Under the general direction of the Information Security & Privacy Manager (ITM I), within the Executive Division of the Lottery, the ITS II is designated to perform the following duties, which include, but are not limited to:
•Develop, implement, manage, and maintain all necessary information security and privacy policies, standards, and procedures required for a comprehensive Information Security and Privacy Protection Program.
•Manage the design, development, implementation, and operation of the information security and privacy program for the collection, use, storage, and destruction of Lottery’s information assets, including information security and privacy awareness training program with attention to relevant policies and practices.
•Manage the implementation and compliance of Technical Independent Security Assessments and Compliance Security Audits, which align with NIST-800-53 and ISO27001 Security Frameworks.
•Manage and report the implementation and compliance of the information security and privacy policies and assist Lottery’s Internal Audit (IA) Unit with compliance audits as needed.
•Manage and conduct ongoing risk assessments to identify potential vulnerabilities that could threaten the security, confidentiality, and integrity of Lottery’s information assets.
•Manage Lottery’s Patch and Vulnerability Management Program by analyzing security advisories and coordinating patch management activities.
•Perform continuous assessment of information security and privacy operations to identify and implement operational improvements and efficiencies.
•Manage, monitor, and respond to incidents involving intentional, unintentional or unauthorized access, disclosure, use, modification, or destruction of Lottery assets.
•Provide expert-level security guidance in planning, implementing, and deploying technical solutions for using Artificial Intelligence (AI) and/or Cloud-based architecture.
•Review AI or cloud acquisition contracts, provide security contract language terms, and develop risk assessments where needed.
This position is headquartered at the Sacramento HQ and is eligible for either a remote-based or office-based telework schedule. Employees must be able to report to their assigned headquarters office as needed. Travel expenses to and from the assigned headquarters are the responsibility of the employee. Eligibility for telework requires employee residence in California per California Government Code Section 14200 which states: “telecommuting means the partial or total substitution of computers or telecommunication technologies, or both, for the commute to work by employees residing in California.
Working Conditions:
- Schedule: 8:00 AM to 5:00 PM PST (After hours may be needed to ensure the Information Security and Data Privacy duties for the California State Lottery)
- Minimal: On demand travel may be required to facilitate/participate in information security and privacy related audits.
- Other: The incumbent must maintain an expert-level understanding of best practices related to Information Security and Privacy. The incumbent will work in a fast-paced environment with competing priorities and mission-critical deliverables.
Desirable Qualifications:
- Expertise in the development, management, and maintenance of an information security & privacy program.
- Expert-level understanding of compliance auditing of ISO 27001 and NIST 800-53 standards.
Expertise in information security operations, including incident response and system monitoring. - Expertise in conducting vulnerability and risk assessments to identify security and privacy risks and completing a gap analysis.
- Knowledge of cloud security, web application security, and governance of generative artificial intelligence.
- Expertise in the development, management, and maintenance of information security and privacy policy, process, and procedure documentation.
- Experience in process improvement, strategic planning, information security governance, and risk management practices.
- Experience in managing vulnerability and patch management programs.
- Excellent interpersonal and customer service skills with the ability to adjust to changing priorities and quickly respond to urgent matters while keeping an
- Enterprise perspective and demonstrating initiative, ownership, accountability, and independence.
- Excellent written and verbal communication skills and conducting presentations before audiences of all levels and sizes.
*Important Note: A resume and Statement of Qualifications are required to submit with your application package in order to be considered.
For more information about this opportunity, benefits, and instructions on how to apply — click theApplybutton.
job faster
Follow us
