Salary: $99,030.00 - $183,219.00 Annually
Location : Richland County, SC
Job Type: FTE - Full-Time
Job Number: 165856
Agency: Department of Administration
Opening Date: 06/17/2024
Closing Date: 6/30/2024 11:59 PM Eastern
Agency Specific Application Procedures:: All applicants must apply online.
Class Code:: AF50
Position Number:: 60006729
Normal Work Schedule:: Monday - Friday (8:30 - 5:00)
Pay Band: Band 10
Hiring Range - Min.: $99,030.00
Hiring Range - Max.: $155,000.00
Opening Date: 06/17/2024
EEO Statement: Equal Opportunity Employer
Veteran Preference Statement: South Carolina is making our Veterans a priority for employment in state agencies and institutions.
Job Responsibilities
Virtual Chief Information Security Officer
The Department of Administration, Division of Information Security (DIS) seeks an experienced Virtual Chief Information Security Officer (V-CISO) that specializes in IT risk management. This position will be onsite in Columbia SC, serving as a liaison between DIS and SC Department of Juvenile Justice (SCDJJ). Most of your time will be spent with SCDJJ, and you will participate in a regular cadence with DIS. Your expertise will be leaned on for advisement of executive leadership and IT management on information security and privacy program requirements. You will impact and direct the implementation of information security policies, processes, and procedures. A key portion of this role is dedicated to communicating security both at the executive leadership level and throughout agency operations to facilitate adoption of security best practices.
Responsibilities of the Virtual Chief Information Security Officer:

• Manage regular intrusion detection and vulnerability reporting, audit group reviews, and coordination of all required completions.
• Develop business metrics to measure the effectiveness of the security management program and increase maturity.
• Monitor external threat environment for emerging threats and advise relevant stakeholders on appropriate course of action.
• Determine acceptable levels of risk and manage risk and incident response system to include monitoring, evaluations, tests, audits, and mitigation strategies to reduce or eliminate identified vulnerabilities.
• Develop, coordinate and deliver security awareness and privacy training for agency employees.
• Ensure all information owned, collected, or controlled by the agency is processed and stored in accordance with applicable laws and requirements.
• Oversee evaluation, selection, and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive.
• Control access to agency systems and data.
• Develop and implement a strategic long-term information security strategy and road map to ensure protection of assets.
• Ensure security management program complies with applicable laws, regulations, and contractual requirements.
• Lead the development of up-to-date information security policies, procedures, standards, and guidelines and oversee their approval, dissemination, and maintenance.

Minimum and Additional Requirements

• A bachelor's degree in computer science or relate field and at least eight (8) years of experience in information security, four (4) of which are in a leadership role.
• Relevant experience may be substituted for the bachelor's degree on a year-for-year basis.
• Candidate must be eligible to obtain and retain a Secret or higher security clearance from appropriate federal authorities.

Additional Requirements:

• Expert level knowledge of security administration for various operating systems and software.
• Knowledge of security, privacy, risk, and control frameworks and standards such as NIST, CIS, CJIS, HIPAA, FERPA, PCI, and the SC DIS-200.
• Expert analytical problem-solving skills and ability to develop project plans for information security systems.
• Expert knowledge and understanding of information risk concepts and principles, and ability to relate business needs and security controls.
• Expert ability to document and present security findings clearly and logically.
• Ability to explain information security concepts to audiences outside the field and to executive-level staff.
• Knowledge of South Carolina state government procedures and processes.
• Knowledge of South Carolina state procurement and contracting principles.
• Experience with contract and vendor negotiations.
• Professional certifications such as CISSP, CISM, GIAC, CIPM, CIPP.

Applicants indicating college credit or degree(s) on the application will be required to bring a copy of college transcript to the interview. A copy of the transcript may also be uploaded as an attachment to the application, if required by the hiring department or if desired by the applicant. Please note that some areas of the Department may require an official, certified copy of the transcript prior to hiring or within a specific timeframe required by that area, after hiring. Failure to produce an official, certified transcript may result in not being hired or termination.
Additional Comments
The Department of Administration is committed to providing equal employment opportunities to all applicants and does not discriminate on the basis of race, color, religion, sex (including pregnancy, childbirth, or related medical conditions including, but not limited, to lactation), national origin, age (40 or older), disability or genetic information.
Supplemental questions are considered part of your official application. Any misrepresentation will result in your disqualification from employment. Please complete the state application to include all current and previous work history and education. A resume will not be accepted nor reviewed to determine if an applicant has met the qualifications for the position.
The South Carolina Department of Administration offers an exceptional benefits package for full time (FTE) employees:

• Health, dental, vision, long-term disability, and life insurance for employees, spouse, and children. Click here for additional information.
• 15 days annual (vacation) leave per year
• 15 days sick leave per year
• 13 paid holidays
• Paid parental leave
• S.C. Deferred Compensation Program available S.C. Deferred Compensation)
• Retirement benefit choices *
  • State Retirement Plan SCRS
  • State Optional Retirement Program (State ORP)

*Enrollment in one of the listed plans is required for all FTE employees; please refer to the contribution section of hyperlinked retirement sites for the current contribution rate of gross pay.
Benefits for State Employees
The state of South Carolina offers eligible employees generous benefits, including health and dental insurance; retirement and savings plan options; and paid vacation and sick leave. Plus, work-life balance programs such as telecommuting and flexible work schedules are available to employees of some state agencies.

Insurance Benefits
Eligible employees may enroll in health insurance, which includes prescription coverage and wellness benefits. Other available insurance benefits include dental, vision, term life insurance, long term disability and flexible spending accounts for health and child care expenses.

Retirement Benefits
State employees are also offered retirement plan options, including defined benefit and defined contribution plans. Additionally, eligible employees may elect to participate in the South Carolina Deferred Compensation Program, which is a voluntary, supplemental retirement savings plan offering 401(k) and 457 plan options.

Workplace Benefits
State employees may also be eligible for other benefits, including tuition assistance; holiday, annual and sick leave; and discounts on purchases, travel and more.

Note: The benefits above are available to most state employees, with the exception of those in temporary positions. Employees in temporary grant and time-limited positions may be eligible for all, some or none of these benefits as benefits are associated with each position type. For these positions, contact the hiring agency to determine what benefits may be available.
01

Supplemental questions are considered part of your official application. Any misrepresentation will result in your disqualification from employment. Please complete the state application to include all current and previous work history and education. A resume will not be accepted or reviewed to determine if an applicant has met the qualifications for the position. I have read and acknowledge the above statement.

• Yes
• No

02

Which of the following best describes your educational experience?

• At least a bachelor's degree in computer science or relate field and at least eight (8) years of experience in information security.
• At least an associate's degree and at least ten (10) years of experience in information security.
• A high school diploma and at least twelve (12) years of experience in information security.
• None of the above.

03

Do you have at least four (4) years of information security experience in a leadership role?

• Yes
• No

04

Are you able to obtain a secret or higher security clearance?

• Yes
• No

Required Question