Information Security Officer #00114
Q - Z, Richmond (City), Virginia
Full Time USD 113K - 133K
Virginia.gov
Title: Information Security Officer #00114
State Role Title: Info Technology Specialist III
Hiring Range: $113,000 to $133,600 annually. $5,000 Sign-On Bonus for those new to state service is being offered to the selected candidates. A one-year tenure agreement will be required for sign-on bonus.
Pay Band: 6
Agency: Virginia Department of Agriculture
Location: VDACS CENTRAL HEADQUARTERS
Agency Website: www.vdacs.virginia.gov
Recruitment Type: General Public - G
Job Duties
The Virginia Department of Agriculture and Consumer Services is seeking an experienced Information Security Officer (ISO) to continue to develop and maintain the Agency’s Security Program. The successful candidate will be responsible for ensuring the VDACS Security Program meets or exceeds the requirements of the Commonwealth of Virginia Information Technology Security Policies and Standards to ensure the security of Commonwealth and citizen data stewarded by the agency. The position will serve as a liaison between the agency and Commonwealth Security and Risk Management. The position must effectively communicate risk, security issues, incidents, and vulnerabilities to both technology and agency leadership. This position is responsible for assessment of the sensitivity of all VDACS systems and is responsible for ensuring appropriate policies are in place and reviewed periodically for compliance. The successful candidate will be responsible for managing the agency’s annual and on-boarding security awareness training programs. The position is responsible for ensuring risks, vulnerabilities, and security related issues are mitigated in accordance with risk and system criticality. The position will maintain the system inventory, risk assessments, and system security plans for the agency. This position will be responsible for assisting with the audit process for both internal and external audits. The position will also participate on the Technology Management Team and provide support for all technology projects to ensure systems follow security best practices and maintain compliance with Commonwealth standards. Once onboarded, this position may be eligible for telework opportunities; availability, hours, and duration of telework shall be approved as outlined in the Commonwealth’s telework policy.
Minimum Qualifications
Demonstrated ability to manage the agency's Information Security Program based on the Commonwealth's security standard. Extensive knowledge of the Commonwealth security standards including but not limited to Commonwealth of Virginia SEC530. Comprehensive knowledge of security principles, policies, procedures, risk management and internal controls in a technology environment. Ability to serve as a liaison between the agency, VITA, and outside technical experts as required. Ability to translate and understand federal, state and agency laws, regulations, standards and policies and their effects on information security. Knowledge of security in government and experience with the NIST standards for security. Ability to assess and document risk to agency IT systems and data. Ability to create and manage the disaster recovery preparedness program. Ability to provide technical direction, training and assistance to technology staff related to security features and requirements for development and the infrastructure Ability to analyze, evaluate and recommend security solutions for business and technical requirements. Extensive knowledge of Internet, intranet, networking security requirements and security vulnerabilities. Ability to communicate effectively both verbally and in writing. Demonstrated ability to organize and prioritize work in a team environment and individually while providing exceptional customer service. Experience developing and maintaining a security program compliant with the standards of the Commonwealth of Virginia. Experience developing and maintaining Business Impact Analysis, Risk Assessments, system Security Plans, and Disaster Recovery Plans. Experience developing and maintaining agency policies related to security and technology. Experience managing a Security Awareness Training Program. Experience identifying technical security vulnerabilities and risk and ability to solve technical and security problems. Considerable experience in information technology, information security, and the development process. Experience with firewall technologies, authentication, and authorization methods, and deploying, securing, and managing certificate authorities.
Additional Considerations
A combination of related education, training and experience indicating possession of the preceding knowledge, skills, and abilities to include knowledge of vulnerability remediation, technology forensic investigation, and hardware/software security compliance review. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) preferred. Security Certifications are preferred. Hiring Salary Range: $113,000 to $133,600 annually. $5,000 Sign-On Bonus for those new to state service is being offered to the selected candidates. A one-year tenure agreement will be required for sign-on bonus.
Special Instructions
You will be provided a confirmation of receipt when your application and/or résumé is submitted successfully. Please refer to “Your Application” in your account to check the status of your application for this position.
Final candidate must successfully complete a fingerprint-based criminal background check.
If you have been affected by DHRM Policy 1.30 Layoff, and possess a valid Interagency Placement Screening Form (Yellow Card) or a Preferential Hiring Form (Blue Card), you must submit the card before the closing date for this position. The Card may be submitted with the state application as an attachment.
Contact Information
Name: Human Resources
Phone: 804-371-8066
Email: hr.vdacs@vdacs.virginia.gov
In support of the Commonwealth’s commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at 800-552-5019.
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.
Tags: Audits CISM CISSP Compliance Firewalls NIST Risk assessment Risk management System Security Plan Vulnerabilities
Perks/benefits: Career development Salary bonus Signing bonus
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.