Virtual Chief Information Security Officer - 61049747

Full Job Description

Virtual Chief Information Security Officer The Department of Administration's Division of Information Security (DIS) is seeking an experienced Virtual Chief Information Security Officer that specializes in IT risk management.

DIS is responsible for a variety of statewide policies, standards, programs and services related to cybersecurity and information systems, including the statewide coordination of critical infrastructure information.

You will function as a liaison within DIS to assist assigned agencies with implementation and maintenance of information security programs with a key portion of the role dedicated to communicating security both at the division leadership level and throughout assigned agency operations to facilitate adoption of security best practices.

If you are a forward-thinking security professional with an actionable mind set and want to make a difference, join DIS in leading that charge.

You will have the opportunity to impact decisions, implement security practices and standards that will protect our SC state government agencies.

This position is onsite in Columbia, South Carolina.

Job Responsibilities of the Virtual Chief Information Security Officer:

• Partner and work collaboratively with assigned agency leadership and IT management to identify information security and compliance requirements.

• Advise agency executive leadership and IT management on information security and privacy program requirements and direct the implementation of information security policies, processes, and procedures.

• Complete regular intrusion detection and vulnerability reporting, audit group reviews, and coordination of all required fixes.

• Assist with development of business metrics to measure the effectiveness of the security management program and increase the maturity of the program over time.

• Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.

• Determine acceptable levels of risk for the agency and manage a risk and incident response system to reduce or eliminate identified vulnerabilities.

• Ensure all agency information and system access is processed, stored, and controlled in accordance with applicable laws and contractual requirements.

• Oversee the evaluation, selection, and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive.

• Develop and implement a strategic long-term information security strategy and road map, to ensure information assets are adequately protected, and the security management program complies with applicable laws, regulations, and contractual requirements.

Requirements

• A bachelor’s degree in computer science or related field and at least eight (8) years of experience in information security, four (4) of which are in a leadership role.
• Relevant experience may be substituted for the bachelor's degree on a year-for-year basis.
• Candidate must be eligible to obtain and retain a Secret or higher security clearance from appropriate federal authorities.

Additional Requirements

• Expert level knowledge of security administration for various operating systems and software.
• Knowledge of security, privacy, risk, and control frameworks and standards such as NIST, CIS, CJIS, HIPAA, FERPA, PCI.
• Expert analytical problem-solving skills and ability to develop project plans for information security systems.
• Expert knowledge and understanding of information risk concepts and principles, and ability to relate business needs and security controls.
• Expert ability to document and present security findings clearly and logically.
• Ability to explain information security concepts to audiences outside the field and to executive-level staff.
• Knowledge of South Carolina state government procedures and processes.
• Knowledge of South Carolina state procurement and contracting principles.
• Experience with contract and vendor negotiations.
• Professional certifications such as CISSP, CISM, GIAC, CIPM, CIPP.
• Employee may be required to work beyond the standard 37.5 hours/week including nights, weekends and holidays, and during emergency/disaster events including hazardous weather either on site, remotely, or in combination of the two.

Applicants indicating college credit or degree(s) on the application may bring a copy of college transcript to the interview. A copy of the transcript may also be uploaded as an attachment to the application, if required by the hiring department or if desired by the applicant. Please note that some areas of the Department may require an official, certified copy of the transcript prior to hiring or within a specific timeframe required by that area, after hiring. Failure to produce an official, certified transcript may result in not being hired or termination.

Additional Information

The Department of Administration is committed to providing equal employment opportunities to all applicants and does not discriminate on the basis of race, color, religion, sex (including pregnancy, childbirth, or related medical conditions including, but not limited, to lactation), national origin, age (40 or older), disability or genetic information.

Supplemental questions are considered part of your official application. Any misrepresentation will result in your disqualification from employment.

Please complete the state application to include all current and previous work history and education.

A resume will not be accepted nor reviewed to determine if an applicant has met the qualifications for the position.

The South Carolina Department of Administration offers an exceptional benefits package for full time (FTE) employees:

• Health, dental, vision, long-term disability, and life insurance for employees, spouse, and children. Click herefor additional information.
• 15 days annual (vacation) leave per year
• 15 days sick leave per year
• 13 paid holidays
• Paid Parental Leave
• S.C. Deferred Compensation Program available (S.C. Deferred Compensation)
• Retirement benefit choices *
  • State Retirement Plan (SCRS)
  • State Optional Retirement Program (State ORP)

*Enrollment in one of the listed plans is required for all FTE employees; please refer to the contribution section of hyperlinked retirement sites for the current contribution rate of gross pay.