Information Security Officer
Information Security Officer
Job Description
Virginia’s community colleges have a 50-year track record of educational excellence and innovation to serve the needs of our citizens and strengthen the Commonwealth’s economy. When Virginia’s General Assembly established the Virginia Community College System in 1966, the need for a comprehensive system was well known. Over the two decades after the end of World War II, leaders in government, business, professional sectors, and academia had called for a new approach to providing educational opportunities. A key concern was Virginia’s ability to develop a skilled and knowledgeable workforce to expand the state’s economy. Today our community colleges allow every Virginian to gain a quality education. With 23 colleges on 40 campuses located throughout the state, Virginia’s Community Colleges are committed to serving Virginia families, helping them acquire the knowledge and skills to seize the opportunities of today and tomorrow.
The chief objective of this position is to provide information security guidance and oversight for information security activities necessary to secure and protect information resources and technology infrastructure at one or more VCCS organizations (college/agency) from external and internal threats while supporting the overall VCCS Information Security Program. Serves as the Information Security Officer for one or more VCCS organizations and assists the college/agency administration in the planning, implementation, management and administration of their information security program.
KSA’s/Required Qualifications:
Comprehensive knowledge:
- Information security program development and management to include: risk identification and mitigation, security architecture, and compliance.
- Current trends and advancements in IT systems and enterprise wide security
- Implementation experience with commonly accepted industry standards and best practices, including ISO 27000, NIST publications, ISF Best Practices, etc.
- Some experience with current legal and regulatory requirements around information security and privacy, including PCI, SOX, HIPAA, GLBA, etc
- Demonstrated knowledge of IT Security and IT Audit concepts and techniques
- Comprehensive knowledge of VCCS and Virginia’s security standards
Considerable knowledge:
- Significant understanding and management capability related to the effective planning, implementation and maintenance of a highly technical and complex information technology infrastructure.
- Current trends and advancements in the security industry.
- Creating documentation (White papers, models, guidelines, user guides, procedures, test plans, implementation plans, etc.).
- Security and networking hardware and software evaluation.
Working knowledge:
- Internet, Intranet, Extranet, and Remote Access network design Standards and protocols.
- Directory Services Security automation
- Web services Implementation and SSL security
- ERP Applications (preferably Oracle/PeopleSoft).
Considerable skill:
- In all the items listed under comprehensive and considerable knowledge
Working skill:
- In all the items listed under working knowledge
Ability:
- To learn new things and to apply them when and where appropriate.
- Outstanding oral/written communication.
- Detail-oriented.
- To work on multiple tasks simultaneously.
- To apply general work experience to a task.
- To work independently or as part of a team.
- To work in stressful situations.
- To use logic to resolve complex problems.
- To communicate and work well with everyone from the highest levels of technical management to staff level.
- Ability to understand a technical environment, and plan accordingly.
- To find creative solutions to problems.
- To analyze user needs and solve problems.
- To be a self-starter and work independently.
- To use logic to resolve complex problems.
- Coordinate work of a team.
- To coordinate multiple projects and priorities.
Education:
- Excellent knowledge of cited functions and four-year degree in Computer Science, Information Management, or related field, or equivalent work experience is required.
- Higher education, governmental agency or corporate/industry information security experience.
- Previous experience as information security officer.
- Proven ability to define and develop solutions based on business requirements.
- Extensive experience working in Information Technology.
- Must be an intelligent, articulate, consensus building, and persuasive leader who can serve as an effective member of the Information Technology Services team and communicate information security-related concepts to a broad range of technical and non-technical staff.
Experience:
- Some experience with CISCO, Unix, Linux, and/or Windows platforms.
- Progressive experience in computing and information security, including experience with Internet technologies, wireless technologies, and security issues.
- Experience with disaster recovery planning and testing, auditing, risk analysis, and business continuity planning.
Preferred Qualifications:
Education
- An advanced degree in Information Management, Computer Science or related field.
- Higher education, governmental agency or corporate/industry information security experience highly preferred
Licensure or Certifications:
- CISSP, CISM, or other security certification/accreditation desirable.
To view the full job posting and apply, go to: https://jobs.vccs.edu/postings/61234
Virginia’s Community College System, an EEO employer, welcomes applications from people of all backgrounds and recognizes the benefits of a diverse workforce. Therefore, the VCCS is committed to providing a work environment free of discrimination and harassment. Employment decisions are based on business needs, job requirements and individual qualifications. We prohibit discrimination and harassment on the basis of race, color, religion, sex, national origin, age, sexual orientation, mental or physical disabilities, pregnancy, childbirth or related medical conditions, political affiliation, veteran status, gender identity, or other non-merit factors.