Sr. Business SME - Agency Information Security Officer
Augusta, Maine, United States
Job Title: Agency Information Security Officer
Location: Augusta, ME
Employment Type: Contract (C2C)
About Us:
DMV IT Service LLC is a trusted IT consulting firm, established in 2020. We specialize in optimizing IT infrastructure, providing expert guidance, and supporting workforce needs with top-tier staffing services. Our expertise spans system administration, cybersecurity, networking, and IT operations. We empower our clients to achieve their technology goals with a client-focused approach that includes online training and job placements, fostering long-term IT success.
Job Purpose:
The Agency Information Security Officer (AISO) will act as the lead advisor on information security matters for state agencies and executive leadership. This role is responsible for identifying and addressing security risks, coordinating incident responses, and ensuring agencies comply with security policies. The AISO will serve as the main liaison for cybersecurity issues, helping agencies integrate security best practices into their business processes and regulatory requirements.
Requirements
Key Responsibilities
- Work collaboratively with MaineIT and state agencies to enhance the overall security posture by conducting ongoing security assessments and aligning security efforts with business objectives.
- Make independent decisions on critical security issues, including resource distribution, risk management, and policy enforcement to protect agency operations and ensure regulatory compliance.
- Partner with the Information Security Office to execute the State of Maine Information Security Program Plan and address new and evolving security threats.
- Communicate and coordinate with agency stakeholders to embed security strategies that support their missions and meet compliance standards.
- Act as the primary contact for escalating cybersecurity incidents, managing response efforts to minimize impact and maintain operational continuity.
- Develop and maintain security policies, standards, and procedures to ensure agency adherence to applicable laws and regulations.
- Conduct thorough risk assessments, interpret findings, and propose effective remediation plans to reduce vulnerabilities.
- Support investigations and coordinate responses to security incidents, offering guidance on containment and reporting.
- Assess and monitor security controls of third-party vendors and contractors to ensure compliance with state security requirements.
- Provide documentation and assistance for internal and external audits to demonstrate regulatory compliance.
- Stay updated on the latest cybersecurity trends, threats, and tools to recommend improvements for agency security defenses.
- Collaborate on business continuity and disaster recovery planning to ensure agencies can maintain critical functions during disruptions.
Required Skills & Experience
- Proven leadership experience (5 to 7 years) in information security and managing cross-functional teams to achieve shared security goals.
- Bachelor’s degree in information technology or a related discipline; alternatively, four years of direct information security consulting experience may substitute for the degree requirement.
- Strong expertise with NIST Security and Privacy Controls for Information Systems and Organizations.
- Ability to successfully complete required background checks.
- Experience with compliance support functions such as data centers, print facilities, and disaster recovery is a plus.
- Excellent communication skills to effectively collaborate with stakeholders at all levels.