Deputy Chief Information Security Officer (Hybrid Work Schedule)

Title : Deputy Chief Information Security Officer (Hybrid Work Schedule)

State Role Title : Technology

Hiring Range : $174,447 - $190,000

Pay Band : UG

Agency : Virginia Retirement System

Location : Virginia Retirement System

Agency Website : www.varetire.org / careers

Recruitment Type : General Public - G

Job Duties

The Virginia Retirement System (VRS) is seeking a Deputy Chief Information Security Officer to direct and oversee the technology security operations program for the Investments organization within VRS, focusing on efforts to assure their security program allows their team to function with specific policies, procedures, and controls matched to their requirements.

Under the direction of the Chief Information Security Officer (CISO) this position will serve as a key advisor across the enterprise, including identifying key corporate security initiatives and standards. This position provides subject matter expertise to the VRS security staff developing and implementing technology that will protect the confidentiality, integrity and availability of VRS IT systems and data from unauthorized access and intrusion attempts. In concert with the CISO, this position ensures Technology Security Services staff act as expert resources for the agency and analyzes business needs for the purpose of providing enhanced security solutions and to support agency goals. Additionally, this position will develop and direct all counter-intelligence operations in coordination with Satte and Federal authorities and collaborates with the agency Information Security Officer (ISO) to ensure timely reports to VITA and reconciliation of identified compliance gaps.

Essential functions include but are not limited to :

• Assists CISO with overseeing the Enterprise information technology security program and operations.
• Possesses and applies a broad range of advanced expertise of technology and security principles, best practices, policies and procedures to direct other technology staff in the completion of difficult and complex assignments crossing multiple functional areas.
• Coordinates and provides senior level technical guidance to security staff.
• Assists CISO and CTSO and other technology managers in project selection and scoping, project management, change management, technology evaluations and planning, procurements, and integration of various technologies for VRS.
• Mentors, and directs other technical staff with project selection and scoping, project management, change management, technology evaluations and planning, procurements, best practices and approaches for secure analysis / design, and integration of various technologies for VRS as required.
• Ensures that all components of the program work collaboratively to protect VRS data and systems and evolve as necessary to address emerging threats.
• Verifies all sensitive systems have documented / approved system security plans.
• Establishes the CRS counterintelligence program in concert with Local, State, and Federal Authorities
• Coordinates with the CISO and the ISO to ensure all VITA standards and expectations are operationalized.
• Manages all outsourced contracts in collaboration with the CISO, and ensures that procurement policies are updated and followed.
• With the CISO verifies VRS policies align with Commonwealth of Virginia's security policies and standards.
• Collaborates with the CISO and engages with the agency's cyber fraud analytics program to ensure fraud prevention and detection.
• Actively assists the CISO and the CTSO in leading the office and ensuring that technology and security is proactively applied to solve business problems and achieve business goals.
• Ensures that staff are focused on all aspects of security, especially protection of sensitive customer information.
• Oversees physical and logical building security.
• Stays abreast of security vulnerabilities, risk assessments and investigates suspicious activity. Monitors advancements in hacking / anti-hacking and other security technologies.
• Oversees, coordinates, and performs penetration testing and vulnerability risk assessments internally, externally and with third party business partners.
• Maintains 24x7x365 Security Operations Center functionality monitoring, reporting and responding to incidents.
• Collaborates with various auditors to remediate, respond, and coordinate responses to potential findings or observations.
• Directs and oversees business continuity planning, disaster recovery; exercising each plan, updating, and modifying with each business partner to ensure positive outcomes.
• Works collaboratively with technology management peers to ensure security is appropriately included in all development and maintenance activities.
• Provides input and review of material for security awareness program and training; reviews training material to ensure consistency with agency operations and serves as a subject matter expert to deliver components of in person activities.
• Implements and maintains a program of preventative, detective and corrective controls; collaborates with agency ISO to ensure timely reconciliation of identified compliance gaps.

Minimum Qualifications

Bachelor's degree in Computer Science or a closely related field.

Ten (10) years of experience in information technology security including 2 years of supervisory or lead experience or an equivalent combination of education and experience.

Additional Considerations

Proven ability in building highly productive teams. Proven ability to effectively build and sustain positive customer relationships and lead technical staff through substantial change.

Demonstrated ability to :

Special Instructions

Currently, VRS' security team operates on a hybrid work schedule. The DCISO is expected to be onsite with the security team on designated days and at the discretion of the CISO when required.

You will be provided a confirmation of receipt when your application and / or résumé is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.

Contact Information

Name : Human Resources

Email : careers@varetire.org

In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS / DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at 800-552-5019.

Note : Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.

Salary : $174,447 - $190,000