Chief Information Security Officer

at State of Washington
Published September 8, 2023
Location Olympia, WA
Category Default  
Job Type Full-time  


Salary : $101,196.00 - $136,092.00 Annually

Location : Thurston County - Olympia, WA

Job Type: Full Time - Permanent

Remote Employment: Flexible/Hybrid

Job Number: 2023-10420

Department: Dept. of Agriculture

Division: Administrative Services

Opening Date: 08/15/2023

Closing Date: Continuous


This posting will remain open until filled.

The first review of applications is scheduled the week of August 28th.

AGRICULTURE - A Cornerstone of Washington's Economy

The Washington State Department of Agriculture has been serving the state for more than 100 years. Through service, regulation, and advocacy, we keep agriculture viable and vital in Washington State, while protecting consumers, public health, and the environment. We work extensively with farmers and ranchers, but our responsibilities - from ensuring food safety to environmental protection - touch the lives of millions of people locally, nationally, and abroad.

The agency includes 780 employees approximately and grows close to 1,000 employees at the peak of seasonal work. To learn more and view additional openings, please visit our Employment Page.

The Information Technology Program mission is to continually enhance our services to agency divisions, WSDA employees and ultimately the stakeholders of Washington while providing core IT services, network connectivity and software solutions in the most efficient and effective manner possible. We achieve our mission by identifying and resolving business challenges through the deployment of efficient software solutions, a secure and reliable network, and a Centralized Service Desk focusing on always delivering excellent customer service.

The Chief Information Security Officer (CISO) oversees the Agency's Information Technology security and risk management functions for new, existing, and enhanced services critical to the agency. Using an in-depth understanding of industry trends and available technologies, the CISO partners with peers, internal and external stakeholders to recommend and develop solutions to support the agency mission. The role will provide leadership, direction, and oversight to implement and maintain a comprehensive agency-wide IT plan that aligns with business strategy.

Position and Salary Information
WSDA is recruiting for a full-time permanent Chief Information Security Officer position within the Administrative Services Division. This position is eligible for a flexible/hybrid schedule and will need to report to the WSDA Headquarter Office located in Olympia, Washington. This position is non-represented.

The base pay offered will take into account internal equity and may vary depending on the preferred candidate's job-related knowledge, skills, and experience. The typical starting salary range for this position is: $101,196.00 - $132,768.00 annually.

In addition to the salary listed above, incumbents assigned to our Seattle office location receive an additional 5% King County Location Pay stipend. If a position is designated as requiring dual language skills, incumbents will also receive a 5% Dual Language Requirement Pay stipend.

Employee Benefits

  • A healthy work/life balance, which may include flexible work schedules, and teleworking.
  • WSDA provides an excellent benefits package beyond traditional benefits. State employment offers Dependent Care Assistance, Flexible Spending Accounts, Public Service Loan Forgiveness, Tuition Waiver, Deferred Compensation, Employee Recognition Leave; click here for more information.
  • 12 paid Holidays & Vacation and Leave Accruals.
  • All Personal Protective Equipment (PPE) required will be provided by the agency.
  • Commute Trip Reduction Program.

For more information about the Washington State Department of Agriculture, visit us at

Some of what you'll do includes:
Security Risk and Prevention

  • Develops and implements an ongoing risk management program targeting information security and privacy matters.
  • Leads the information technology security assessments to identify agency risk due to changes or modifications to the WSDA computing environment.
  • Directs the agency security assessments/audits to identify vulnerabilities in security program and policies.
  • Controls testing of security procedures, mechanisms, and measures.
  • Collaborates with Federal and State auditors, Agency managers, and subject matter experts for satisfactory completion of compliance and program audits of the WSDA information security program.

Security lncident and Authoritative Contact

  • Acts as the lncident Commander as defined by the National lncident Management Framework.
  • Responsible for all aspects of cybersecurity emergency response.
  • Agency designated manager of security incident reporting and official responses to security incidents (breaches), responds to potential policy violations, or complaints from external parties.
  • Works with Federal and State incident responders in relation to cybersecurity issues.
  • Agency designated manager of security incident reporting and official responses to security incidents (breaches), responds to potential policy violations, or complaints from external parties.
  • lnitiates, facilitates. and promotes activities to create information security awareness and training throughout the organization.

Supervision and Mentoring

  • Supervises and mentors technical level staff.
  • Sets strategic goals and objectives, develops strategies to implement and develop performance measurements and standards for the purpose of ensuring individual and program performance objectives are met.
  • Develops the Performance Development Plan (PDP) for each assigned direct report; Creates or updates position descriptions, monitors and documents employee performance, provides on-going feedback regarding levels of performance, and conducts timely and meaningful employee performance evaluations.

Who should apply?
Professionals with:

  • Bachelor's Degree in computer science OR Five (5) years related experience and/or training OR Equivalent combination of education and experience.
  • Six (6) or more years of recent experience (within the last Six (6) years) with cybersecurity risk assessment methodologies (NlST, HITECH, RMF).
  • Six (6) or more years of recent lT experience (within the last Five (5) years) including vulnerability scanning, risk assessments, and incident response.
  • Working knowledge of prevailing industry security standards and Common Body of Knowledge gained via a CISSP, SANS, and/or CISA Certification(s).
  • Demonstrated experience with the National lnstitute of Standards and Technology (NIST) Risk Management Framework (RMF), or other NIST standards.
  • CISSP (Certified lnformation Systems Security Professional).

Desired Qualifications:

  • Experience working in cloud-based environments such as AWS and Azure.
  • Experience operating and analyzing logging and monitoring systems, antivirus solutions, and security configurations.
  • Working knowledge of Washington State Security Standards and Office of the Chief lnformation Office policies.

Supplemental Information

How to apply:

You must complete your profile and answer the supplemental questions. In addition to completing the online application, and supplemental questions applicants must attach the following documents to their profile to be considered for this position:
• Current resume detailing experience and education
• A cover letter describing how you meet the specific qualifications for this position
• Three professional references

By submitting these materials, you are indicating that all information is true and correct. The state may verify information. Any untruthful or misleading information is cause for removal from the applicant pool or dismissal if employed.

Applications with comments "see attachments" will be considered incomplete.

If you are having technical difficulties creating, accessing, or completing your application, please call NEOGOV toll-free at (855) 524-5627 or email .

The initial screening will be solely based on the contents and completeness of your application and the materials submitted. All information may be verified, and documentation may be required. Applications received via e-mail will not be accepted in lieu of applying through the state's on-line recruitment system.

Diversity, Equity, and Inclusion

The Department of Agriculture celebrates our differences. We strive to hire great people from a wide variety of backgrounds. We are committed to a workplace that supports equal opportunity employment and inclusion regardless of race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, status as a protected veteran, genetics, status as an individual with a disability, or other applicable legally protected characteristics. We will also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local laws.

We believe in the importance of recognizing the value each of us contribute to the success of the agency mission. Having a diverse workforce is this agency's greatest resource of strength and knowledge. It is through the combination of talents and abilities that we can pursue finding effective measures to provide the best customer service. We are committed to building a diverse and inclusive workplace for everyone and we strongly mean everyone.

Contact Us

Should you have any questions regarding this position or the online application, contact the Human Resource Office at

Prior to a new appointment into the Department of Agriculture, a background check including criminal record history will be conducted. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position.

The Human Resources Division may use referrals from this recruitment to help fill future similar vacancies for up to six months.

Veteran's Preference: Applicants who meet the minimum qualifications and wish to claim Veteran's Preference MUST attach a copy of their DD214, or other verification of military service. Please blackout any personally identifiable data such as social security numbers. For additional information on Veteran's Preference and guidance on how to determine if you are eligible,

Persons with a disability, who need assistance with their application or need this announcement in an alternative format, may call 664-1960 or toll free (877) 664-1960. TTY users should first call 711 to access the Washington Relay Service.

More than Just a Paycheck!
Employee benefits are not just about the kind of services you get, they are also about how much you may have to pay out of pocket. Washington State offers one of the most competitive benefits packages in the nation.

We understand that your life revolves around more than just your career. Like everyone, your first priority is ensuring that you and your family will maintain health and financial security. That's why choice is a key component of our benefits package. We have a selection of health and retirement plans, paid leave, staff training and other compensation benefits that you can mix and match to meet your current and future needs.

Read about our benefits:
The following information describes typical benefits available for full-time employees who are expected to work more than six months. Actual benefits may vary by appointment type or be prorated for other than full-time work (e.g. part-time); view the job posting for benefits details for job types other than full-time.

Note: If the position offers benefits which differ from the following, the job posting should include the specific benefits.

Insurance Benefits
Employees and their families are covered by medical (including vision), dental and basic life insurance. There are multiple medical plans with affordable monthly premiums that offer coverage throughout the state.

Staff are eligible to enroll each year in a medical flexible spending account which enables them to use tax-deferred dollars toward their health care expenses. Employees are also covered by basic life and long-term disability insurance, with the option to purchase additional coverage amounts.

To view premium rates, coverage choice in your area and how to enroll, please visit the Public Employees Benefits Board (PEBB) website. The Washington Wellness program from the Health Care Authority works with PEBB to support our workplace wellness programs.

Dependent care assistance allows the employee to save pre-tax dollars for a child or elder care expenses.

Other insurance coverage for auto, boat, home, and renter insurance is available through payroll deduction.

The Washington State Employee Assistance Program promotes the health and well-being of employees.

Retirement and Deferred Compensation
State Employees are members of the Washington Public Employees' Retirement System (PERS). New employees have the option of two employer contributed retirement programs. For additional information, check out the Department of Retirement Systems' web site.

Employees also have the ability to participate in the Deferred Compensation Program (DCP). This is a supplemental retirement savings program (similar to an IRA) that allows you control over the amount of pre-tax salary dollars you defer as well as the flexibility to choose between multiple investment options.

Social Security
All state employees are covered by the federal Social Security and Medicare systems. The state and the employee pay an equal amount into the system.

Public Service Loan Forgiveness
If you are employed by a government or not-for-profit organization, and meet the qualifying criteria, you may be eligible to receive student loan forgiveness under the Public Service Loan Forgiveness Program.

Full-time and part-time employees are entitled to paid holidays and one paid personal holiday per calendar year.

Note: Employees who are members of certain Unions may be entitled to additional personal leave day(s), please refer to position specific Collective Bargaining Agreements for more information.

Full-time employees who work full monthly schedules qualify for holiday compensation if they are employed before the holiday and are in pay status for at least 80 nonovertime hours during the month of the holiday; or for the entire work shift preceding the holiday.

Part-time employees who are in pay status during the month of the holiday qualify for the holiday on a pro-rata basis. Compensation for holidays (including personal holiday) will be proportionate to the number of hours in pay status in the month to that required for full-time employment, excluding all holiday hours. Pay status includes hours worked and time on paid leave.

Sick Leave
Full-time employees earn eight hours of sick leave per month. Overtime eligible employees who are in pay status for less than 80 hours per month, earn a monthly proportionate to the number of hours in pay status, in the month to that required for full-time employment. Overtime exempt employees who are in pay status for less than 80 hours per month do not earn a monthly accrual of sick leave.

Sick leave accruals for part-time employees will be proportionate to the number of hours in pay status, in the month to that required for full-time employment. Pay status includes hours worked, time on paid leave and paid holiday.

Vacation (Annual Leave)
Full-time employees accrue vacation leave at the rates specified in (1) or the applicable collective bargaining agreement (CBA). Full-time employees who are in pay status for less than 80 nonovertime hours in a month do not earn a monthly accrual of vacation leave.

Part-time employees accrue vacation leave hours in accordance with (1) or the applicable collective bargaining agreement (CBA) on a pro rata basis. Vacation leave accrual will be proportionate to the number of hours in pay status, in the month to that required for full-time employment.

Pay status includes hours worked, time on paid leave and paid holiday.

As provided in , an employer may authorize a lump-sum accrual of vacation leave or accelerate the vacation leave accrual rate to support the recruitment and/or retention of a candidate or employee for a Washington Management Service position. Vacation leave accrual rates may only be accelerated using the rates established WAC 357-31-165.

Note: Most agencies follow the civil service rules covering leave and holidays for exempt employees even though there is no requirement for them to do so. However, agencies are required to adhere to the applicable RCWs pertaining holidays and leave.

Military Leave
Washington State supports members of the armed forces with 21 days paid military leave per year.

Bereavement Leave
Most employees whose family member or household member dies, are entitled to three (3) days of paid bereavement leave. In addition, the employer may approve other available leave types for the purpose of bereavement leave.

Additional Leave
Leave Sharing

Family and Medical Leave Act (FMLA)
Leave Without Pay

Please visit the State HR Website for more detailed information regarding benefits.

Updated 12-31-2022


To be considered for this position you must attach a resume, cover letter, and three professional references. Have you attached or included these documents to your application?

  • Yes
  • No


Which of the following best describes your level of education and/or experience?

  • Bachelor's Degree in Computer Science
  • Five (5) years of related experience and/or training
  • Equivalent combination or education and experience
  • None of the above


Do you have six (6) or more years of recent experience (within the last Six (6) years) with cybersecurity risk assessment methodologies (NlST, HITECH, RMF)?

  • Yes
  • No


Do you have six (6) or more years of recent lT experience (within the last five (5 ) years) including vulnerability scanning, risk assessments, and incident response?

  • Yes
  • No


Do you have working knowledge of prevailing industry security standards and Common Body of Knowledge gained via a CISSP, SANS, and/or CISA Certification(s)?

  • Yes
  • No


Do you have demonstrated experience with the National lnstitute of Standards and Technology (NIST) Risk Management Framework (RMF) or other NIST standards?

  • Yes
  • No


Do you possess a CISSP (Certified Information Systems Security Professional) certification?

  • Yes
  • No

Required Question

Drop files here browse files ...