IT Security & Compliance Specialist II (Chief Information Security Officer)

~RECRUITMENT RANGE: $84,353 – $108,286/DT10~

The North Carolina Department of the Secretary of State (NC SOS) is the heartbeat of the business community promoting economic growth and protecting the public from financial harm. The Department works with business, banking and legal communities to strengthen our state's economy with a state-of-the-art system of reliable business and governmental records. We also safeguard individuals and businesses against fraud. The IT Security team is crucial to the Department to ensure these goals are met through the protection of data and systems from cyber threats. 

 

DESCRIPTION OF WORK: This position will report to the Department's Chief Information Officer and manage the agency's overall security function and oversee all security control measures. 

 

Job responsibilities include:

• Manage, direct and implement information security policies, standards and guidelines to ensure compliance with State and Federal compliance requirements.
• Manage all aspects of third-party vendor applications and resources.
• Oversee and direct information security risk management and continuous monitoring that integrates vulnerability and threat assessment activities.
• Oversee and manage the department's annual Business Impact Analysis (BIA) and Business Continuity Plan (BCP) development and exercises.
• Oversee the incident response management activities as necessary to ensure the department effectively responds to security incidents.
• Manage and direct audit and compliance activities to ensure that information systems are operating in compliance with State and Federal requirements.
• Manage all information security awareness training to ensure all department employees receive training as required.
• Prepare routine reports utilizing IT security data and metrics.
• Research security enhancements and make recommendations to senior staff.
• Manage a staff of one or more IT Security professionals.

• Thorough understanding of information technology and security concepts.
• Experience performing information security threat assessments and audits.
• Knowledge of operating systems (e.g., Linux, Windows, VMWare), networks, hardware and software platforms, and protocols as they relate to information security.
• Thorough understanding of BIA, SCP, COOP, and disaster recovery concepts and practices.
• Experience with IT security products, solutions, best practices, and state security requirements.
• Experience with secure networking technologies such as firewalls and IDS/IPS technologies.
• In-depth understanding of security management practices, access control systems, telecommunications and network security, application and system development, investigation and ethics, and physical security.
• In depth understanding of data encryption techniques and identification and authentication solutions.
• Ability to establish and maintain effective working relationships.
• Excellent written and verbal communications skills.
• Ability to make independent decisions and exercise sound judgment.
• Knowledge of applicable internal and/or external regulatory policies, standards, procedures and controls (e.g., National Institute of Standards and Technology (NIST), Payment Card Industry Data Security Standard (PCI DSS) etc.)

 

MANAGEMENT PREFERENCES:

• Experience with State of North Carolina Compliance, SCP, COOP, and other security-related documentation and reporting requirements.
• Familiarity with the requirements of the State of North Carolina Statewide Information Security Manual and related policies.
• Experience with the following technologies or their equivalents:
  • Palo Alto NGFW
  • Solarwinds Orion (NCM, NPM, SCM, NTA, WPM)
  • Solarwinds SEM and ARM
  • Crowdstrike End Point Protection
  • lvanti Security Controls (Patching)
  • Nessus Scanning Appliance 
• Preference will be given to those candidates with a current nationally recognized IT security certification such as CISSP and or CISA.

 * Employment at NC SOS is contingent upon a satisfactory background check

Some state job postings say you can qualify by an ‘equivalent combination of education and experience.’ If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See the Education and Experience Equivalency Guide for details.

 

Bachelor’s degree in computer science or a related IT field or related degree from an appropriately accredited institution and two years of progressive experience in IT Security or closely related area; or Associate degree in computer science or a related IT field or related degree from an appropriately accredited institution and three years of progressive experience in IT Security or closely related area; or an equivalent combination of education and experience.

To apply for this position, please click the "Apply" link on the Government Jobs website or visit Job Opportunities with the Secretary of State to complete an online application.

 

Applications that include "see attached" or rely solely on resumes instead of completing the formal application's education and work experience sections will be considered incomplete and ineligible for consideration for the vacancy. Unless explicitly requested in the vacancy announcement (e.g., transcripts, proof of licensure or certification), all attachments are considered optional and will not be reviewed during the initial screening to assess the applicant's eligibility for the vacancy.

 

Applicants seeking Veteran's Preference must attach a DD Form 214, Certificate of Release or Discharge from Active Duty, along with their application.

 

Applicants seeking National Guard Preference must attach a NGB 23A (RPAS) if currently serving as a member of the NC National Guard in good standing. If you are a former member of the NC National Guard with a service tenure of at least 6 years and an honorable discharge, please attach either a DD256 or NGB 22.

 

The North Carolina Department of the Secretary of State is committed to Equal Opportunity Employment and employs the Merit-Based Recruitment and Selection Plan to fill positions subject to the State Human Resources Act with the most qualified candidates. The actual salary will be determined based on relevant competencies, knowledge, skills, and abilities, as well as considerations for internal equity and budgetary considerations pertinent to the advertised position.

 

State Employees are encouraged to apply for positions of interest even if the salary grade is the same as, or lower than their current position.

 

The State of North Carolina offers health insurance, twelve paid holidays, one personal observance leave day, generous vacation and sick leave accrual, dental and vision coverage, and additional insurance options, along with retirement benefits. Detailed information about our benefits can be found at NC OSHR: Benefits. 

 

If you are having technical issues submitting your application, please call the NC Office of State Human Resources at 984-236-0800.

 

 

For further information, please contact:

                       APRIL TIBBS, ASSISTANT HR DIRECTOR
                       North Carolina Secretary of State
                       Human Resources | Old Revenue Building
                       2 S. Salisbury Street | Raleigh, NC 27601
                       Phone: (919) 814-5331 | Fax: (919) 814-5395
                       Email: atibbs@sosnc.gov

Salary : $84,353 - $126,529