Deputy Director 4 (Information Security Officer)

Deputy Director 4 (Information Security Officer) (24000BLH) 

Organization

: Department of Children and YouthAgency Contact Name and Information: Sydney Flora

Unposting Date

: Nov 30, 2024, 4:59:00 AM

Work Location

: Children&Youth N. High Complex 246 North High Street  Columbus 43215

Primary Location

: United States of America-OHIO-Franklin County-Columbus Compensation: Dependent on Qualifications and Experience

Schedule

: Full-timeWork Hours: 8:00am - 5:00pmClassified Indicator: UnclassifiedUnion: Exempt from Union 

Primary Job Skill

: Executive LeadershipTechnical Skills: Information TechnologyProfessional Skills: Leading Others Agency Overview

About us:  

Our mission is to promote positive, lifelong outcomes for Ohio youth through early intervention, quality education, and family support programs. 

At DCY, we offer our employees a rewarding work experience in public service helping Ohioans achieve a sustainable lifestyle that includes generous benefit options and a flexible work life balance making our agency a great place to work! 
To learn more about DCY, please visit our website at Department of Children and Youth | Ohio.gov. 

Hybrid Work Details:

Subject to DCYs teleworking policy and an approved teleworking agreement, this position is eligible to work from a remote location on a hybrid basis. The selected applicant may be required to complete initial trainings prior to being eligible to telework. All requests to telework are reviewed on a case-by-case basis and must be approved by DCY’s Deputy Director of Human Resources and management, subject to the conditions outlined in the agency policy and teleworking agreement.  

Drug-Free Workplace:

The State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.

Job Description

Under administrative direction, assists Chief Information Officer (CIO) in the Division of Information Technology (IT) with responsibility to direct, manage, and oversee governance, risk, and compliance; in coordination with Department of Administrative Services (DAS):  

• Partners with members of the leadership team in governance, strategy, and processes to support the advancement of the agency using secured technology solutions.  

• Develop and communicate information security strategies, goals, objectives and plans to leadership team, staff, suppliers, customers, and stakeholders. 

• Oversee the establishment and enforcement of policies, procedures, and associated plans based on industry-standard best practices to reduce security risk; including providing definition and standards for acquiring and implementing secured information, software, hardware, network, and operating systems. 

• Develop, track, and control the annual operating and capital budgets for purchasing, staffing, and operations respective to area of oversight. 

• Conducts risk assessments to identify and modify overall security posture; identifies and prioritizes areas of greatest impact to the business. 

• Participates in the architecture review board and ensures changes to the environment include security controls. 

• As required, interfaces with Department of Administrative Services (DAS) and other external entities to execute on strategy, goals, and objectives.  

• Remain informed on trends and issues in the technology industry, including current and emerging technologies and cost.

• • Advise, counsel, and educate executive and management teams on their relative importance and financial impact. 
  • Oversees regulatory compliance (e.g., Internal Revenue Service [IRS] 1075; Federal Bureau of Investigation Criminal Justice Information Services [FBI CJIS]: Health Insurance Portability and Accountability Act of 1996 [HIPAA]) and ensures adherence to regulatory controls and protocols.

  Performs operational management (e.g., tracks and measures the enterprise's risk posture; reviews day-to-day management of IT security operations; oversees automation of internal controls and centralizes logging and reporting; manages the securing of all platforms and centralizes security event management; plans and oversees risk mitigation and remediation projects; develops and delivers risk awareness training for key staff and stakeholders; oversees disaster recovery planning, testing, and governance; oversees business continuity planning, testing, and governance; oversees IT audit activities; oversees vulnerability management; oversees access management). 

  Supervises assigned staff (e.g., assigns work and provides direction; makes recommendations for hire; reviews work and provides feedback; establishes employee goals; conducts performance evaluations; monitors and evaluates staff performance; approves/disapproves requests for leave; recommends disciplinary action; conducts staff meetings; encourages staff development). 

  Performs other related duties as assigned (e.g., participates in and conducts meetings; travels to attend trainings, conferences, and workshops; updates knowledge of technology products and solutions; participates in industry and other professional networks to ensure awareness of industry standards, trends, innovations, and best practices; prepares required administrative reports and correspondences; operates personal computer to produce correspondence, reports, and other documents; maintains logs, records, and files). 

Why Work for the State of Ohio

At the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes:

• Medical Coverage
• Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period
• Paid time off, including vacation, personal, sick leave and 11 paid holidays per year
• Childbirth, Adoption, and Foster Care leave
• Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more)
• Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation)

*Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.

Qualifications

Education:

• Bachelor's degree or equivalent in Computer Information Systems, Management Information Systems or Computer Science

Experience:

• 8 years work experience in information security roles and 5 years supervisory experience.

Technical Skills:

• Understanding of security concepts, network security, data protection, risk management, incident response, and vulnerability assessment

Compliance Knowledge:

• Familiarity with relevant industry regulations like HIPAA, Knowledge of relevant security regulations and compliance frameworks 

Certifications:

• Industry certifications such as CISSP, CISM (Certified Information Security Manager), CompTIA Security+, or CISA (Certified Information Systems Auditor) are preferred

Job Skills: Executive Leadership

Supplemental Information

Supplemental Information:

The compensation determined for this position will be dependent on qualifications commensurate with experience. 

All answers to the supplemental questions must be supported by the work experience/education provided on your civil service application. Attachments will not be considered as part of your application.

Travel required, as needed. Must provide own transportation or, in order to operate a state vehicle, you must have a valid driver’s license.

Background Check Information:

The final candidate selected for the position will be required to undergo a criminal background check. Criminal convictions do not necessarily preclude an applicant from consideration for a position. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration. 

Status of posted positions: 

You can check the status of your application online be signing into your profile and clicking the “My Jobpage” tab to view completed submissions and submission details. If you have questions other than your applications status, please direct them to DCY.HumanResources@childrenandyouth.ohio.gov.  

ADA Statement

Ohio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.

Drug-Free Workplace

The State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.