Deputy Chief Information Security Officer (Hybrid Work Schedule)
Deputy Chief Information Security Officer (Hybrid Work Schedule)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Title: Deputy Chief Information Security Officer (Hybrid Work Schedule)
State Role Title: Technology
Hiring Range: $174447 $190000
Pay Band: UG
Agency: Virginia Retirement System
Location:Virginia Retirement System
Agency Website: Type: General Public G
Job Duties
The Virginia Retirement System (VRS) is seeking a Deputy Chief Information Security Officer to direct and oversee the technology security operations program for the Investments organization within VRS focusing on efforts to assure their security program allows their team to function with specific policies procedures and controls matched to their requirements.
Under the direction of the Chief Information Security Officer (CISO) this position will serve as a key advisor across the enterprise including identifying key corporate security initiatives and standards. This position provides subject matter expertise to the VRS security staff developing and implementing technology that will protect the confidentiality integrity and availability of VRS IT systems and data from unauthorized access and intrusion attempts. In concert with the CISO this position ensures Technology Security Services staff act as expert resources for the agency and analyzes business needs for the purpose of providing enhanced security solutions and to support agency goals. Additionally this position will develop and direct all counterintelligence operations in coordination with Satte and Federal authorities and collaborates with the agency Information Security Officer (ISO) to ensure timely reports to VITA and reconciliation of identified compliance gaps.
Essential functions include but are not limited to:
Assists CISO with overseeing the Enterprise information technology security program and operations.
Possesses and applies a broad range of advanced expertise of technology and security principles best practices policies and procedures to direct other technology staff in the completion of difficult and complex assignments crossing multiple functional areas.
Coordinates and provides senior level technical guidance to security staff.
Assists CISO and CTSO and other technology managers in project selection and scoping project management change management technology evaluations and planning procurements and integration of various technologies for VRS.
Mentors and directs other technical staff with project selection and scoping project management change management technology evaluations and planning procurements best practices and approaches for secure analysis/design and integration of various technologies for VRS as required.
Ensures that all components of the program work collaboratively to protect VRS data and systems and evolve as necessary to address emerging threats.
Verifies all sensitive systems have documented/approved system security plans.
Establishes the CRS counterintelligence program in concert with Local State and Federal Authorities
Coordinates with the CISO and the ISO to ensure all VITA standards and expectations are operationalized.
Manages all outsourced contracts in collaboration with the CISO and ensures that procurement policies are updated and followed.
With the CISO verifies VRS policies align with Commonwealth of Virginias security policies and standards.
Collaborates with the CISO and engages with the agencys cyber fraud analytics program to ensure fraud prevention and detection.
Actively assists the CISO and the CTSO in leading the office and ensuring that technology and security is proactively applied to solve business problems and achieve business goals.
Ensures that staff are focused on all aspects of security especially protection of sensitive customer information.
Oversees physical and logical building security.
Stays abreast of security vulnerabilities risk assessments and investigates suspicious activity. Monitors advancements in hacking/antihacking and other security technologies.
Oversees coordinates and performs penetration testing and vulnerability risk assessments internally externally and with third party business partners.
Maintains 24x7x365 Security Operations Center functionality monitoring reporting and responding to incidents.
Collaborates with various auditors to remediate respond and coordinate responses to potential findings or observations.
Directs and oversees business continuity planning disaster recovery; exercising each plan updating and modifying with each business partner to ensure positive outcomes.
Works collaboratively with technology management peers to ensure security is appropriately included in all development and maintenance activities.
Provides input and review of material for security awareness program and training; reviews training material to ensure consistency with agency operations and serves as a subject matter expert to deliver components of in person activities.
Implements and maintains a program of preventative detective and corrective controls; collaborates with agency ISO to ensure timely reconciliation of identified compliance gaps.
Minimum Qualifications
Bachelors degree in Computer Science or a closely related field.
Ten (10) years of experience in information technology security including 2 years of supervisory or lead experience or an equivalent combination of education and experience.
Extensive specialized knowledge and expertise in IS tools technologies and techniques that can be applied to lead other staff to accomplish agency goals in a timely manner with outstanding quality.
Commercial software development environment servicing B2B and B2C.
Technology experience with firewalls intrusion detection endpoint protection data networking end user computing virtualization Microsoft technologies and private/public cloud computing.
Additional Considerations
Proven ability in building highly productive teams. Proven ability to effectively build and sustain positive customer relationships and lead technical staff through substantial change.
Demonstrated ability to:
Direct a highly complex security operation
Ascertain and meet customer expectations
Work effectively and independently in a fast paced team environment where priorities can rapidly change
Solve the most complex problems through discovery and analysis with minimal guidance
Prioritize own work activities with minimal guidance and coaching
Complete complex projects independently with minimal oversight and direction
Manage competing priorities to meet goals
Learn new technologies and assist others in learning new technologies
Prioritize own work activities with minimal guidance and coaching
Communicate effectively orally and in writing
Develop and execute detailed and accurate work plans and appropriately communicate work plan risks and impacts to management
Provide maintain and follow technical documentation
Special Instructions
Currently VRS security team operates on a hybrid work schedule. The DCISO is expected to be onsite with the security team on designated days and at the discretion of the CISO when required.
You will be provided a confirmation of receipt when your application and/or rsum is submitted successfully. Please refer to Your Application in your account to check the status of your application for this position.
Contact Information
Name: Human Resources
Email:
In support of the Commonwealths commitment to inclusion we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS) or the Department for the Blind & Vision Impaired (DBVI). ServiceConnected Veterans are encouraged to answer Veteran status questions and submit their disability documentation if applicable to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at.
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1 2022 February 29 2024 can still use that COD as applicable documentation for the Alternative Hiring Process.
Required Experience:
Chief
Employment Type
Full-Time
