Chief Information Security Officer
The Chief Information Security Officer (CISO) provides leadership and day-to-day coordination for securing and protecting VCCS information resources and the supporting infrastructure from external and internal threats, while administering the overall security operations. The CISO is responsible for the planning, implementation, management and administration of the VCCS Information Security Program; and creates and develops security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure. Duties include but are not limited to:
- Directly responsible for supervising the activities of all staff assigned to Security, Risk and Compliance (SRC) including hiring, evaluating and dismissing personnel. Establishes project priorities, determines staff assignments, resolves conflict and provides for employee career development.
- Develops, administers, and maintain the VCCS Information Security Program and supporting models, policies, standards and guidelines that comply with all COV, VCCS, and applicable security standards.
- Serves as the VCCS Chief Information Security Officer and an expert advisor to ITS management team and the twenty three colleges in the development, implementation, and maintenance of an information security infrastructure.
- Contributes to and participate in supporting VCCS Governance and the Information Technology Mission in accordance with the VCCS Information Technology Plan and directions received from the Vice Chancellor of ITS.
- Develop and maintain the VCCS IT Audit Plan and coordinate the successful completion of the annual audits
- Responsible for establishing and maintaining effective communications and coordination within the ITS organization as well as with the System Office, the twenty three colleges, external state agencies, and all business partners.
- Develop reports, correspondence and documentation in order to fulfill administrative reporting requirements. Assists in budgetary planning and preparation for all assigned projects and related investments that impact security
Requirements:
- Bachelor's degree or combination of equivalent education and experience to allow the position to complete the essential functions of the job.
- Information security program development and management to include: risk identification and mitigation, security architecture, and compliance.
- Current trends and advancements in IT systems and enterprise wide security
- Implementation experience with commonly accepted industry standards and best practices, including ISO 27000, NIST publications, ISF Best Practices, etc.
- Substantial experience with current legal and regulatory requirements around information security and privacy, including PCI, SOX, HIPAA, GLBA, etc
- Demonstrated knowledge of IT Security and IT Audit concepts and techniques
- Comprehensive knowledge of VCCS and Virginia's security standards
- Substantial knowledge of cited functions and four-year degree in Computer Science, Information Management, or related field, or equivalent work experience is required.
- Higher education, governmental agency or corporate/industry information security experience.
- Extensive experience as information security officer.
- Proven ability to define and develop solutions based on business requirements.
- Extensive experience working in Information Technology.
- Must be an intelligent, articulate, consensus building, and persuasive leader who can serve as an effective member of the Information Technology Services team and communicate information security-related concepts to a broad range of technical and non-technical staff.
- Experience with large enterprise systems (ERP deployments).
- Progressive experience in computing and information security efforts.
- Experience as a systems engineer, network engineer or software developer.
- Excellent knowledge of network protocols and operations.
- Considerable experience with disaster recovery planning and testing, auditing, risk analysis, and business continuity planning.
Preferred:
- CISSP or other security certification/accreditation.
- An advanced degree in Information Management, Computer Science or related field.
Additional Information:
The VCCS System Office is located in the beautiful Arboretum Business Park off of Midlothian Turnpike in southwest of Richmond. Please keep this in mind as you consider this position.
This position is a state classified position and the individual hired will be required to serve a one-year probationary period. The VCCS offers competitive compensation along with excellent benefits and opportunity for career development. For information on benefit offerings, go to: http://cdn.vccs.edu/wp-content/uploads/2013/07/Classified-Staff-Benefits....
Hiring Range: Salary commensurate with education and relevant experience.
About the Richmond Area: The Blue Ridge Mountains and the Atlantic Ocean are within 1 1/2 hours. We have the beautiful James River, wonderful restaurants, shopping, kayaking, fishing, boating, state of the art hospitals, world class museums, major historical sites, shows, concerts and festivals, automobile racing, and much, much, more.
Application Instructions:
To apply for this position, qualified applicants must complete the online information section and questions, and attach a resume and cover letter with salary requirements for consideration. This position will remain open until filled, however, first consideration will be given to applicants who apply by May 20, 2018.
Reference, background, and e-Verify checks are required for all VCCS positions.
The Virginia Community College System is committed to fostering, cultivating, and sustaining a culture of diversity and is an Equal Opportunity/Affirmative Action Employer. The VCCS encourages applications from women, minorities, veterans, and those with disabilities in our effort to reflect our diverse society. Reasonable accommodations are available to persons with disabilities during application and/or interview process per the Americans with Disabilities Act. Contact 804-819-4685 for assistance.
We thank you for your interest in the Virginia Community College System. Unfortunately due to the volume of submissions, we cannot respond to applicants directly. If we believe your education, experience and/or skills may be a good fit for this position, a member of our team will reach out to you for additional information and next steps.