*JOB SUMMARY* As Director of Cyber Security at the Massachusetts State Lottery Commission, you will be responsible for crafting and executing our enterprise-wide cyber security strategy, overseeing a team of security professionals, and ensuring the ongoing resilience of our information security posture. You will be a trusted advisor to senior management, effectively communicating the evolving cyber threat landscape and collaborating across departments to integrate security best practices into all operations. *ESSENTIAL FUNCTIONS* * *Architect and Champion Security Strategy:* Define and champion a comprehensive cyber security strategy aligned with corporate objectives, industry best practices, and regulatory requirements. * *Lead Security Program Execution:* Oversee the implementation and continuous improvement of the security framework, technical guidelines, and information risk mitigation efforts across the entire organization. * *Executive Management Communication:* Regularly communicate the status, effectiveness, and strategic roadmap of the cyber security program to executive management. * *Technical Expertise and Collaboration:* Act as a subject matter expert on cyber security, collaborating and liaising with information technology departments to ensure alignment and integration. * *Threat Awareness and Translation:* Synthesize and communicate the latest security trends and issues in a clear and actionable way, translating the impact to corporate relevance. * *Compliance and Regulatory Engagement:* Confidently communicate with auditors and regulators on cyber security topics, ensuring compliance and demonstrating a proactive security posture. * *Resource Management and Advocacy:* Proactively communicate resource constraints and capability gaps to the CTO, advocating necessary investments in cyber security solutions. * *Departmental Leadership:* Establish departmental priorities, roadmaps, and provide daily operational tasks ensuring comprehensive coverage. * *Budget and Procurement Management:* Manage new and recurring departmental procurements within an allocated budget. * *Third-Party Security:* Represent and advocate for the Lottery's security interests when engaging with vendors and other third-party organizations. * *Vulnerability Management and Compliance:* Administer vulnerability management processes, ensuring ongoing internal compliance and reporting. * *Incident Response Leadership:* Lead the information security incident response process, managing all aspects of identification, containment, eradication, and remediation. * *Security Awareness and Training:* Develop and administer information security and privacy training programs for all employees across the organization. * *Security Control Monitoring:* Continuously monitor security controls to optimize effectiveness and maturity. *REQUIREMENTS*** * The events of certain circumstances (i.e., State of Emergency, Lottery need, etc.) may determine this position as “essential”. * Must be able to travel to Lottery offices statewide and/or other locations, as required. *PREFERRED QUALIFICATIONS* * Minimum 10 years of experience in information security leadership roles, with a proven track record of building and leading successful security programs for large organizations. * Strong understanding of cyber security frameworks, methodologies, and best practices (e.g., NIST Cyber security Framework, CIS Controls, COBIT). * In-depth knowledge of security architecture, network security, application security, cloud security, and information security risk management. * Experience managing and leading a team of cyber security professionals. * Excellent communication, collaboration, interpersonal, and negotiation skills. * Strong analytical, problem-solving, and decision-making skills. * Ability to think strategically, translate security risks into business context for senior management, and advocate for security investments. * A passion for cyber security and a commitment to continuous learning. * Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree a plus). * CISSP, CISA, CISM, or other relevant cyber security certifications highly preferred. **Job:** **Information Systems and Technology* **Organization:** **State Lottery Commission* **Title:** *Director, Cyber Security* **Location:** *Massachusetts-Braintree - 1515 Washington St* **Requisition ID:** *24000814*