State of Texas seeks new CISO

tedjames

Listing is here: Chief Information Security Officer, 86

Pay is way up there for a state job. Having worked under a number of state CISOs at that particular agency, I can tell you that this is a high pressure position.

Raystafarian

110 to 150K doesn't seem that far up there for government, a level below CISO in a City is around 120K. It is pretty high for a starting government salary though, if you plan on sticking it out for pension.

tedjames

Raystafarian wrote: »

110 to 150K doesn't seem that far up there for government, a level below CISO in a City is around 120K. It is pretty high for a starting government salary though, if you plan on sticking it out for pension.

The pay scale is $9316.08 to $12,500 monthly. It tops out at $150k. I don't know what other states pay, but this is high for Texas government in this position. Executive Director and General Counsel positions pay higher. The outgoing CISO was making about $140k.

markulous

Is it weird I envisioned this role requiring you to carry a big six shooter on your hip?

dmoore44

@tedjames - do you know how often the CISO position comes available?

Kalabaster

dmoore44 wrote: »

@tedjames - do you know how often the CISO position comes available?

Probably once per major breach

tedjames

dmoore44 wrote: »

@tedjames - do you know how often the CISO position comes available?

I've worked security in the state for 10.5 years now. One CISO was there for five or so years, but then I remember one leaving after only a year. The current outgoing CISO was in that position for 1.5 years after serving as Deputy CISO for a few years before that. His predecessor was there for a little over two years. This job carries a lot of pressure, especially when the legislature is in session.

jeremywatts2005

I live in Dallas and make 125K with 20% bonus on top. So I am already in that range and can only go up. I am a senior infosec manager for a large company. Surprised a CISO makes that little. Civilian side they make mid 200's in most cases unless it is a tiny little company

tedjames

jeremywatts2005 wrote: »

I live in Dallas and make 125K with 20% bonus on top. So I am already in that range and can only go up. I am a senior infosec manager for a large company. Surprised a CISO makes that little. Civilian side they make mid 200's in most cases unless it is a tiny little company

Gubment jobs, at least state, city, county, university, etc., (don't know about fed) in Texas typically pay less than private sector.

EnderWiggin

markulous wrote: »

Is it weird I envisioned this role requiring you to carry a big six shooter on your hip?

'MURKA!

Kalabaster wrote: »

Probably once per major breach

dmoore44

tedjames wrote: »

Gubment jobs, at least state, city, county, university, etc., (don't know about fed) in Texas typically pay less than private sector.

Exactly. Even the federal CISO gets paid a comparatively paltry salary: Forbes Welcome

The state-level (or federal-level, for that matter) aren't jobs you take to get rich. They're jobs you take as a stepping stone, as a way to make a name for yourself, and to network with the political establishment. You make your money afterwords, by either taking a private sector CISO position, or by moving over in to consulting.

TheFORCE

Few months back Facebook was looking for a new CISO. Which one do you think would be more stressful? Facebook CISO or Texas CISO?

636-555-3226

$150k for a large state CISO job? I don't have to know what the going salary is in that region to know that's a dumpy salary. No wonder the last guy left.... You can't even get a mid-to-large-sized company infosec manager job in my area for that much, let alone an infosec director or CISO. for a CISO of Texas I wouldn't bat an eye at $250+. The problem with a low salary like $150k is you're basically only going to get guys who do it for a few years to bump up their resume before they leave for the $500k+ Fortune 100 positions. You're basically setting yourself up for failure and a constantly changing long-term security strategy

EnderWiggin

TheFORCE wrote: »

Few months back Facebook was looking for a new CISO. Which one do you think would be more stressful? Facebook CISO or Texas CISO?

I'd probably go with Texas being more stressful. Facebook has the budget to have a ton of people that report to you, and to hire high-level tech people.

tedjames

dmoore44 wrote: »

Exactly. Even the federal CISO gets paid a comparatively paltry salary: Forbes Welcome

The state-level (or federal-level, for that matter) aren't jobs you take to get rich. They're jobs you take as a stepping stone, as a way to make a name for yourself, and to network with the political establishment. You make your money afterwords, by either taking a private sector CISO position, or by moving over in to consulting.

Dang! That's much lower than I would expect a federal-level CISO job to pay, especially when you consider the DC cost of living.

After many years in the corporate world with layoffs and such, I moved over to the public sector. Sure, the money's not as good, but I feel I'm making more of a difference in people's lives with the work I do. I'm not just working to make the big guy richer while living in fear of layoffs and outsourcing and all that stuff. However, I have known others who used gubment work as a stepping stone, and that worked well for them. That's part of the problem in the state. They can't compete with corporate world salaries, so it's difficult to keep people longterm.

By the way, a couple of Information Security Officer (ISO) jobs will be coming open in the state soon. Those salaries are lower depending on the agency. A friend at a 600+ person agency is making about $72k as their ISO. Another friend at a larger agency is making about $100k. Yet another at a smaller agency is making about $55k.

dmoore44

tedjames wrote: »

Dang! That's much lower than I would expect a federal-level CISO job to pay, especially when you consider the DC cost of living.

I've been told more than once that there's law/policy that caps federal pay (i.e. executive branch career employees, political appointees, and high ranking military officers) at the level of a junior senator. I've never been able to find it in writing, but I've also never spent an appreciable amount of time looking. Given that, it doesn't surprise me that a state CISO (of any state, not just Texas) is getting paid less than the federal CISO.

I went the reverse route - I started off in the federal government and eventually worked my way over to the private sector. I'm not opposed to re-joining government at some point in my career, but I'm very happy where I am now.

I was kind of wondering what was meant by "senior level experience". I'm under no illusion that I qualify for the position now, but I may by the next time the position opens up.

RHEL

That's pretty low, but probably because it's a state job.

I live in one of the lowest CoL areas in the country and we have ~15 or so IT directors (who report to a VP level person, which is lower than CISO). Most of them are making 150-200K + bonus. I work for a non-profit.

Remedymp

They're looking for an Entry level CISO.

TheFORCE

Remedymp wrote: »

They're looking for an Entry level CISO.

Lol that reminds me of the before and after pictures of the various Presidents. Get in the Office with dark hair and when they are out they are all grey. If someone was looking at this position as entry level, when they would get out they would have not only experience but grey hair too

Kalabaster

RHEL wrote: »

That's pretty low, but probably because it's a state job.

I live in one of the lowest CoL areas in the country and we have ~15 or so IT directors (who report to a VP level person, which is lower than CISO). Most of them are making 150-200K + bonus. I work for a non-profit.

They looking for any more IT directors? Hehehe

Raystafarian

TheFORCE wrote: »

Lol that reminds me of the before and after pictures of the various Presidents. Get in the Office with dark hair and when they are out they are all grey. If someone was looking at this position as entry level, when they would get out they would have not only experience but grey hair too

Seriously, it's ridiculous to look at US presidents before/after two terms. I mean I know it's 8 years, but it seems like 20

Remedymp

TheFORCE wrote: »

Lol that reminds me of the before and after pictures of the various Presidents. Get in the Office with dark hair and when they are out they are all grey. If someone was looking at this position as entry level, when they would get out they would have not only experience but grey hair too

They could always get their CISO certification or put it on their resume as "in progress"...

LeBroke

Raystafarian wrote: »

Seriously, it's ridiculous to look at US presidents before/after two terms. I mean I know it's 8 years, but it seems like 20

Honestly, I think the main reason we see presidents like Bush, Clinton and Obama go grey and visibly age is because they came into term during their late adulthood in mid 40s, and by the time we see them leave office they're well into their 50s.

It's not a matter of Obama going from a young stud to a stressed, wrinkled, greying borderline grandpa. It's a matter of Obama coming into office at 46 or 47 and going to 55 as of today.