Information Security Officer

Title:Information Security Officer

State Role Title: Info Technology Specialist III

Hiring Range: $85,000 - $110,000

Pay Band: 6

Agency: Department of Fire Programs

Location: Dept of Fire Programs

Agency Website: www.vafire.com

Recruitment Type: General Public - G

Job Duties

About the Agency
The mission of the Virginia Department of Fire Programs (VDFP) is to be committed to providing the highest level of risk reduction efforts as well as coordinating and delivering specialized professional development and training to emergency response personnel across the Commonwealth. The Virginia Department of Fire Programs is committed to enhancing public safety throughout the Commonwealth.
About the Position
The Information Security Officer is responsible for developing and managing the agency's IT security program, and ensuring compliance with associated standards, regulations, and guidelines promulgated by the Virginia IT Agency (VITA). Specifically, this position will be responsible for but not limited to developing and managing agency level Information Security policies; reviewing business impact
analyses; reviewing all security role requests including creation, modification, and deletion of employees, employee access rights in all sensitive systems; inventorying all sensitive IT systems including ownership, roles, and boundaries, and updating the documentation as changes occur; and performing continuous monitoring, and classification of sensitivities identified in VDFP's data and IT systems as required by VITA standards. The incumbent of this position will also be responsible for conducting/coordinating the agency's annual risk assessment conducting/coordinating audits; conducting business impact analyses and assessing systems for data sensitivity as required by COV; developing a process to respond to Information Security incidents and responding to security incidents as needed; and coordinating Information Security awareness training.

Minimum Qualifications

Systems administration/engineer certification from a major operating system (MCSE, SCSA, RHCE, CNE).

 Certified as an Information Systems Security Professional (CISSP), Systems
Security Certified Practitioner (SSCP) or a GIAC Security Essentials Certification
(GSEC) upon hire or must obtain one of the above noted certifications within 12
months of hire.
Experience demonstrating knowledge of practices and tools for the effective
planning, control, and management of information systems technology.
A work history demonstrating considerable experience, knowledge, and abilities
to determine network sensitivities and vulnerabilities.
Experience demonstrating the ability to provide innovative and creative business
solutions to changes in integrated systems technology and software applications.
Experience providing Technical IT and business support services to diverse
internal and external stakeholders.
Budget Experience demonstrating the ability to develop, manage, and track
program budget program expenditures.
Experience demonstrating knowledge, skills, and abilities to leverage various
technologies to develop Information Security awareness program training for
diverse staff and customers.
Experience communicating verbally with demonstrated ability to conduct training
sessions, make formal presentations, provide technical guidance to all levels of
staff as needed, and experience communicating in writing with demonstrated
ability to formulate reports, technical guidance documents/policies, and other
similar forms of correspondence.
Experience demonstrating the ability to interpret, understand, and comply with
complex IT policies/practices, guidelines, and standards of state and federal
regulations.

Additional Considerations

A college degree from an accredited university in information technology or
information systems is preferred.
A work history demonstrating 5 years or more of experience performing
Information Security activities; or an equivalent combination of education and
experience is preferred.
Experience demonstrating considerable knowledge of the Commonwealth's
Information Technology Resource Management - Information Security Standard
SEC501.
Certifications in Information Systems Security Professional (CISSP), Systems
Security Certified Practitioner (SSCP), or GIAC Security Essentials Certification
(GSEC) is preferred.

Special Instructions

You will be provided a confirmation of receipt when your application and/or resume is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.

Valid driver's license. Occasional daytime travel may be required. Ability to
successfully qualify for U.S. Government Security Clearance. Certified as an
Information Systems Security Professional (CISSP), Systems Security Certified
Practitioner (SSCP) or a GIAC Security Essentials Certification (GSEC) upon hire or
must obtain one of the above noted certifications within 12 months of hire.
Criminal History: The individual has not been convicted of or pled guilty or no
contest to a felony or any offense that would be a felony if convicted in the
Commonwealth, have not been convicted of or pled guilty or no contest to (a) any
misdemeanor involving moral turpitude, including but not limited to petit larceny
under 18.2-96, or any offense involving moral turpitude that would be a
misdemeanor if committed in the Commonwealth, (b) any misdemeanor sex
offense in the Commonwealth, another state, or the United States, including but
not limited to sexual battery under 18.2-67.4 or consensual sexual intercourse
with a minor 15 or older under clause (ii) of 18.2-371, or (c) domestic assault
under 18.2-57.2 or any offense that would be domestic assault under the laws of
another state or the United States.
Other: U.S. Citizen at least 18 years of age. A one-year probationary period is
required of all newly hired and re-hired employees.
The candidate selected for this position will be required to successfully complete a
background check. State employees who have been affected by Policy 1.3 Layoff
and possess a valid Interagency Placement Screening Form (Yellow Card) or a
Preferential Hiring Form (Blue Card) must submit the card BEFORE the closing date
for this position. The card may be scanned and attached to the application or faxed
to (804) 371-7401. Please include your name and the position number on the fax
cover sheet. You may apply for this position at https://www.jobs.virginia.gov/home.
Reasonable accommodations are available to individuals with disabilities during
the application and/or interview processes per the Americans with Disabilities Act.
Please contact Ethel White at (804) 249-1992 for assistance. VETERANS,
PEOPLE WITH DISABILITIES, AMERICORPS, PEACE CORPS, AND OTHER NATIONAL
SERVICE ALUMNI ARE ENCOURAGED TO APPLY.
Equal Opportunity Employer

Contact Information

Name: Taris Harmon

Phone: 804-225-2532

Email: taris.harmon@dhrm.virginia.gov

In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their Certificate of Disability (COD) provided by a Vocational Rehabilitation Counselor within the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their Certificate of Disability. If you need to get a Certificate of Disability, use this link: Career Pathways for Individuals with Disabilities, or call DARS at 800-552-5019, or DBVI at 800-622-2155.