What are the responsibilities and job description for the Chief Information Security Officer position at State of New Mexico?
$42.82 - $68.52 Hourly
$89,075 - $142,520 Annually
This position is a Pay Band IG
Posting Details
THIS POSTING WILL BE USED FOR ONGOING RECRUITMENT AND MAY CLOSE AT ANY TIME. APPLICANT LISTS MAY BE SCREENED MORE THAN ONCE.
Why does the job exist?
This position is a critical subject matter expert that contributes directly to the strategy and implementation of certain technological security controls and architecture for the New Mexico Taxation and Revenue Department in accordance with best security practices, risk management and various regulatory compliance requirements.
This position ensures Information Assets and Technologies are adequately protected. This position will be responsible for tactical security incident response activities to include overseeing and/or management of remediation efforts for security incidents/audit findings and digital forensics and e-Discovery investigatory activities. This position must be experienced in the usage of Arctic Wolf MDR, MS Defender, and Securin 3rd party tools for these activities.
This position participates in day-to-day operations to improve the security posture and reduce response times and downtime associated with incident response efforts and to reduce overall risk to the department from threat actors. The CISO will coordinate with the IT Division and others to ensure appropriate enterprise-wide security policies and systems. The position is responsible for ensuring IT compliance with the appropriate security related regulations, statutes, rules and policies.
How does it get done?
The Chief Information Security Officer position is responsible for Agency IT Security, which includes:
- Lead and maintain a defensive posture against the continuous cybersecurity threats.
- Manage and contain information security incidents and events to protect agency IT assets, intellectual property, regulated data and the agency's reputation of excellence.
- Tactical information security incident response activities including remediation efforts for security incidents, digital forensics, and e-discovery investigatory activities.
- Provide leadership for all security incidents and serve as a control point during significant information security incidents.
- Be well versed in the usage of Arctic Wolf MDR, Windows Defender, and Securin security tools for incident response and remediation.
- Be well versed in IRS Pub1075, SSA, and PCI compliance.
- Monitor, investigate, manage and troubleshoot security notifications and suspicious activities utilizing Arctic Wolf, Defender, and other monitoring tools.
- Compliance with 3rd party IT General Controls audits, appropriate security related regulations, statutes, rules and policies.
- Develop and implement security strategy, and oversee security standards, controls, processes and procedures.
- Lead the development and implementation of effective policies and practices to secure protected and sensitive data; ensure information security and compliance.
- Provide oversight and direction for network security including firewall and router rule review and changes, access restrictions, vulnerability assessment, network monitoring, review of network architecture and topology.
- Oversight of internal and external penetration tests and vulnerability scans including remediation.
- Ensure third party products meet the required level of functional and information security.
- Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; create maturity models and a roadmap for continual security program improvements.
- Facilitate and support the development of asset inventories.
Who are the customers?
Taxation and Revenue Department-internal and external customers for Tax and Motor Vehicles services.
Ideal Candidate
The Ideal Candidate will have:
Minimum Qualification
Bachelor's degree in Computer Science, Management Information Systems (MIS), Information Technology, Engineering, or similar technical degree and six (6) years of experience in IT security and compliance. Any combination of education from an accredited college or university in a related field and/or direct experience in this occupation totaling ten (10) years may substitute for the required education and experience. At least two (2) years of which must be leading/supervising a security team. A certificate in IT security/forensics (e.g. CISSP, CEH, CCFP, CCSP, HCISPP, SSCP) or regulated compliance (e.g. PCIP, ASV, ISA, QSA) can be used to substitute one (1) year of experience.
Employment Requirements
Must possess and maintain a valid Driver's License. Must possess and maintain a current Defensive Driving Course Certificate from the State of New Mexico or must pass and receive Defensive Driving Course Certification within six (6) months of date of hire as a condition of continued employment. Must be current with all tax reporting/payment. Employment is subject to post offer pre-employment criminal background check to include fingerprint checks and is conditional pending results.
Working Conditions
Work is performed in an office setting with exposure to Visual/Video Display Terminal (VDT) and extensive personal computer and phone usage with extended periods of sitting. Some standing, bending and reaching may be required. Must be able to lift 25 lbs.
Supplemental Information
Agency Contact Information: Mike Baca, (505) 670-6535.
For information on Statutory Requirements for this position, click the Classification Description link on the job advertisement.
Bargaining Unit Position
This position is not covered by a collective bargaining agreement.
Salary : $89,075 - $142,520