What are the responsibilities and job description for the Information Security Officer position at VCCS-System Office?
Posting Summary
Working Title
Information Security Officer
Role Title
Info Technology Specialist III
Role Code
39113-SW
FLSA
Exempt
Pay Band
06
Position Number
261R0052
Agency
VCCS-System Office
Division
System Office (Div)
Work Location
Chesterfield - 041
Hiring Range
$80,000 - $100,000
Emergency/Essential Personnel
No
EEO Category
B-Professional
Full Time or Part Time
Full Time
Does this position have telework options? -Telework options are subject to change based on business needs-
Yes
Does this position have a bilingual or multilingual skill requirement or preference?
No
Work Schedule
The employee is expected to work outside of normal business days and hours to meet established business goals. The further expectation is that the nature of the work requires that the employee must be able to work fully remote and be on-call nights and weekends. Potential to telework dependent upon business needs and DHRM and VCCS telework policies. Telework policy is subject to change. Travel and overnight stays are expected quarterly.
Sensitive Position
No
Job Description
Virginia’s community colleges have a 50-year track record of educational excellence and innovation to serve the needs of our citizens and strengthen the Commonwealth’s economy. When Virginia’s General Assembly established the Virginia Community College System in 1966, the need for a comprehensive system was well known. Over the two decades after the end of World War II, leaders in government, business, professional sectors, and academia had called for a new approach to providing educational opportunity. A key concern was Virginia’s ability to develop a skilled and knowledgeable workforce to expand the state’s economy. Today our community colleges give every Virginian the opportunity to gain a quality education. With 23 colleges on 40 campuses located throughout the state, Virginia’s Community Colleges are committed to serving Virginia families, helping them acquire the knowledge and skills to seize the opportunities of today and tomorrow.
The Information Security Officer provides guidance and oversight for information security activities necessary to secure and protect information resources and technology infrastructure at one or more VCCS organizations (college/agency) from external and internal threats while supporting the overall VCCS Information Security Program.
The position serves as the Information Security Officer for one or more VCCS organizations and assists the college/agency administration in the planning, implementation, management and administration of their information security program.
The position will develop and advise college staff on security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure; address issues and matters specific to information security and their impact on telecommunications and computing areas such as voice, data, and video; desktops and servers; and general computing applications and services; provide analyses and reports to college management on the development and implementation of security controls necessary to address information security risks; confer with college/agency management, technical staff, system/data owners, auditors, security officers, and other personnel to plan and implement the college/agency information security program as outlined in the VCCS Memorandum of Understanding for Information Security Shared Services (ISSS).
Special Assignments
May be required to perform other duties as assigned. May be required to assist the agency or state government generally in the event of an emergency declaration by the Governor.
KSA's/Required Qualifications
Required:
Ability to meet the requirements to obtain and maintain the VCCS ISO certification as outlined below:
Ability to meet the requirements to obtain and maintain the VCCS ISO certification as outlined below:
A. Graduation from an accredited Cybersecurity Degree program; or
B. Has obtained and maintained any advanced information security certification listed below:
- ISACA Certified Information Systems Auditor (CISA)
- ISACA Certified Information Systems Manager (CISM)
- ISACA Certified in Risk and Information Systems Control (CRISC)
- ISC2 Certified Information Systems Security Professional (CISSP)
- ISC2 Governance, Risk and Compliance Certification (CGRC)
- GIAC Security Leadership (GSLC)
- GIAC Information Security Professional Certification (GISP)
; or
C. Previously met all requirements for the Commonwealth Certified Information Security Officer position with another Commonwealth of Virginia agency; or
D. Served in the role of Information Security Officer for a minimum of five years.
KSA’s:
Comprehensive knowledge:
- Information security program development and management to include: risk identification and mitigation, security architecture, and compliance.
- Current trends and advancements in IT systems and enterprise wide security
- Implementation experience with commonly accepted industry standards and best practices, including ISO 27000, NIST publications, ISF Best Practices, etc.
- Some experience with current legal and regulatory requirements around information security and privacy, including PCI, SOX, HIPAA, GLBA, etc
- Demonstrated knowledge of IT Security and IT Audit concepts and techniques
- Comprehensive knowledge of VCCS and Virginia’s security standards
- Significant understanding and management capability related to the effective planning, implementation and maintenance of a highly technical and complex information technology infrastructure.
- Current trends and advancements in the security industry.
- Creating documentation (White papers, models, guidelines, user guides, procedures, test plans, implementation plans, etc.).
- Security and networking hardware and software evaluation.
- Internet, Intranet, Extranet, and Remote Access network design Standards and protocols.
- Directory Services Security automation
- Web services Implementation and SSL security
- ERP Applications (preferably Oracle/PeopleSoft).
- In all the items listed under comprehensive and considerable knowledge.
- In all the items listed under working knowledge.
- To learn new things and to apply them when and where appropriate.
- Outstanding oral/written communication.
- Detail-oriented.
- To work on multiple tasks simultaneously.
- To apply general work experience to a task.
- To work independently or as part of a team.
- To work in stressful situations.
- To use logic to resolve complex problems.
- To communicate and work well with everyone from the highest levels of technical Management to staff level.
- Ability to understand a technical environment, and plan accordingly.
- To find creative solutions to problems.
- To analyze user needs and solve problems.
- To be a self-starter and work independently.
- To use logic to resolve complex problems.
- Coordinate work of a team.
- To coordinate multiple projects and priorities.
Additional Considerations
CISSP, CISM, or other security certification/accreditation desirable.
Operation of a State Vehicle
No
Supervises Employees
No
Required Travel
Travel is required. Overnight stays are expected quarterly. Expenses related to travel are reimbursable based on state guidelines.
Posting Detail Information
Posting Number
CLS_3556P
Recruitment Type
General Public - G
Number of Vacancies
1
Position End Date (if temporary)
Job Open Date
02/04/2025
Job Close Date
02/18/2025
Open Until Filled
No
Agency Website
Contact Name
Patsy Rose
Email
prose@vccs.edu
Phone Number
804-819-4938
Special Instructions to Applicants
In support of the Commonwealth’s commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth’s Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly called a Certificate of Disability) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans may also apply via the AHP if they also provide an AHP Letter. To request an AHP Letter, use this link:
Additional Information
This position is defined as a restricted classified position and is dependent upon the continuation of funding. The individual hired will be required to serve a one-year probationary period. The VCCS offers competitive compensation along with excellent benefits and opportunity for career development.
Background Check Statement Disclaimer
The selected candidate’s offer is contingent upon the successful completion of a criminal background investigation, which may include: fingerprint checks, local agency checks, employment verification, verification of education, credit checks (relevant to employment). Additionally, selected candidates may be required to complete the Commonwealth’s Statement of Economic Interest. For more information, please follow this link: http://ethics.dls.virginia.gov/
EEO Statement
The Virginia Community College System, an EEO employer, welcomes applications from people of all backgrounds and recognizes the benefits of a diverse workforce. Therefore, the VCCS is committed to providing a work environment free of discrimination and harassment. Employment decisions are based on business needs, job requirements and individual qualifications. We prohibit discrimination and harassment on the basis of race, color, religion, sex, national origin, age, sexual orientation, mental or physical disabilities, political affiliation, veteran status, gender identity, or other non-merit factors.
ADA Statement
The VCCS is an EOE and Affirmative Action Employer. In compliance with the Americans with Disabilities Acts (ADA and ADAAA), VCCS will provide, if requested, reasonable accommodation to applicants in need of access to the application, interviewing and selection processes.
E-Verify Statement
VCCS uses E-Verify to check employee eligibility to work in the United States. You will be required to complete an I-9 form and provide documentation of your identity for employment purposes.
Salary : $80,000 - $100,000
