IE11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Real Estate Department, State Lottery Recruiting for IT Leaders

The Department of Real Estate is seeking a chief information security officer, and the CA Lottery is seeking a chief, enterprise risk officer.

State agencies are recruiting for two key leadership roles in technology, dealing with risk and information security.

The California Department of Real Estate is “seeking a motivated and talented individual” to serve as its first chief information security officer (IT manager I). The incumbent will work under the department’s chief information officer to “build up the department’s existing information security program and manage its staff,” the job posting says.

The CISO will “provide vision and leadership for developing and supporting security initiatives such as development and implementation of the strategies, processes, tools, and policies necessary to prevent, detect, document, and counter threats to digital and non-digital information,” the duty statement says. “The CISO supports the planning and implementation of enterprise IT systems, business operations, and facility defenses against security breaches and vulnerability issues. This individual is also responsible for auditing existing systems.”

Key responsibilities of the position include:
  • Strategy and planning: “Develop and implement a long-term information security strategy and framework to ensure the department’s information assets are adequately protected.”
  • Policy and compliance management: “Develop, implement, maintain, and oversee enforcement of policies, procedures, guidelines, and associated plans for system security administration and user system access based on departmental strategy, the State Administrative Manual, the State Office of Information Security policies and guidance and other applicable state and federal regulations.”
  • Risk management: “Develop and maintain the department’s information security risk management program components including but not limited to risk assessment, mitigation, and evaluation.”
  • Training and communications: “Educate staff on information security and privacy protection responsibilities. Manage and ensure security training is provided to all staff at the appropriate frequency. Collect security awareness training metrics.”
The position has a monthly salary range of $8,381 to $11,231, and the recruitment will continue until the role is filled.

The CA State Lottery is recruiting for a “chief, enterprise risk officer” (chief, ERO) to serve as “a key adviser with responsibility for providing an independent, cross-functional assessment of compliance, legal, security, operational, reputational, political, strategic, and other risks.”

“The incumbent acts independently with broad authority for reviewing and establishing enterprise policies, processes, methodology and frameworks to ensure improved productivity, decision-making and effectiveness of the Lottery,” the job posting says. The chief “is responsible for ensuring that management’s approach to risk is in alignment with the Lottery strategic goals and objectives, and as necessary, escalating issues or concerns to the Lottery Commission. Responsible for oversight through subordinate managers of the Enterprise Risk and Optimization Section and Information Security and Privacy Office.”

The desirable qualifications, according to the job posting and duty statement, include:
  • Demonstrated integrity, initiative, dependability, tact, flexibility, sound judgement and the ability to advise the Directorate and/or executive staff on a wide range of information technology, compliance, legal, information security, operational and strategic matters.
  • Broad and extensive knowledge and experience in leadership principles necessary to contribute to the attainment of the Lottery’s established mission, goals, and objectives.
  • Broad and extensive experience formulating and implementing policies, procedures, processes, and programs to ensure improved productivity, decision-making and enterprise effectiveness.
  • Experience in analyzing complex problems and prescribing and initiating an effective course of action in an environment that is both highly visible and political.
  • Experience determining, assessing, managing and coordinating enterprise-wide initiatives to mitigate risks.
  • Experience setting acceptable risk levels and standards at the organizational level.
  • Experience managing or performing information security office functions.

Applicants must also complete and file an appointment application online with the Office of the Governor. The position has a monthly salary range of $11,073 to $12,940, and the recruitment will continue until the position is filled.
Dennis Noone is Executive Editor of Industry Insider. He is a career journalist, having worked at small-town newspapers and major metropolitan dailies including USA Today in Washington, D.C.