Overview
Remote
On Site
USD 174,447.00 - 190,000.00 per year
Full Time
Skills
UG
Recruiting
Investments
Information Security
Policies and Procedures
Project Management
Change Management
Systems Analysis/design
System Security
Counterintelligence
Collaboration
Procurement
Analytics
Fraud
Penetration Testing
Risk Assessment
Security Operations
Reporting
Business Continuity Planning
Disaster Recovery
IT Management
Security Awareness
Training
ISO 9000
Regulatory Compliance
Computer Science
IT Security
Supervision
Software Development
Business-to-business
Retail
Firewall
Intrusion Detection
Computer Networking
End-user Computing
Virtualization
Microsoft Technologies
Cloud Computing
Customer Relationship Management (CRM)
Coaching
Writing
Management
Technical Writing
Job Details
Title: Deputy Chief Information Security Officer (Hybrid Work Schedule)
State Role Title: Technology
Hiring Range: $174,447 - $190,000
Pay Band: UG
Agency: Virginia Retirement System
Location:Virginia Retirement System
Agency Website:;br>
Recruitment Type: General Public - G
Job Duties
The Virginia Retirement System (VRS) is seeking a Deputy Chief Information Security Officer to direct and oversee the technology security operations program for the Investments organization within VRS, focusing on efforts to assure their security program allows their team to function with specific policies, procedures, and controls matched to their requirements.
Under the direction of the Chief Information Security Officer (CISO) this position will serve as a key advisor across the enterprise, including identifying key corporate security initiatives and standards. This position provides subject matter expertise to the VRS security staff developing and implementing technology that will protect the confidentiality, integrity and availability of VRS IT systems and data from unauthorized access and intrusion attempts. In concert with the CISO, this position ensures Technology Security Services staff act as expert resources for the agency and analyzes business needs for the purpose of providing enhanced security solutions and to support agency goals. Additionally, this position will develop and direct all counter-intelligence operations in coordination with Satte and Federal authorities and collaborates with the agency Information Security Officer (ISO) to ensure timely reports to VITA and reconciliation of identified compliance gaps.
Essential functions include but are not limited to:
Assists CISO with overseeing the Enterprise information technology security program and operations.
Possesses and applies a broad range of advanced expertise of technology and security principles, best practices, policies and procedures to direct other technology staff in the completion of difficult and complex assignments crossing multiple functional areas.
Coordinates and provides senior level technical guidance to security staff.
Assists CISO and CTSO and other technology managers in project selection and scoping, project management, change management, technology evaluations and planning, procurements, and integration of various technologies for VRS.
Mentors, and directs other technical staff with project selection and scoping, project management, change management, technology evaluations and planning, procurements, best practices and approaches for secure analysis/design, and integration of various technologies for VRS as required.
Ensures that all components of the program work collaboratively to protect VRS data and systems and evolve as necessary to address emerging threats.
Verifies all sensitive systems have documented/approved system security plans.
Establishes the CRS counterintelligence program in concert with Local, State, and Federal Authorities
Coordinates with the CISO and the ISO to ensure all VITA standards and expectations are operationalized.
Manages all outsourced contracts in collaboration with the CISO, and ensures that procurement policies are updated and followed.
With the CISO verifies VRS policies align with Commonwealth of Virginia's security policies and standards.
Collaborates with the CISO and engages with the agency's cyber fraud analytics program to ensure fraud prevention and detection.
Actively assists the CISO and the CTSO in leading the office and ensuring that technology and security is proactively applied to solve business problems and achieve business goals.
Ensures that staff are focused on all aspects of security, especially protection of sensitive customer information.
Oversees physical and logical building security.
Stays abreast of security vulnerabilities, risk assessments and investigates suspicious activity. Monitors advancements in hacking/anti-hacking and other security technologies.
Oversees, coordinates, and performs penetration testing and vulnerability risk assessments internally, externally and with third party business partners.
Maintains 24x7x365 Security Operations Center functionality monitoring, reporting and responding to incidents.
Collaborates with various auditors to remediate, respond, and coordinate responses to potential findings or observations.
Directs and oversees business continuity planning, disaster recovery; exercising each plan, updating, and modifying with each business partner to ensure positive outcomes.
Works collaboratively with technology management peers to ensure security is appropriately included in all development and maintenance activities.
Provides input and review of material for security awareness program and training; reviews training material to ensure consistency with agency operations and serves as a subject matter expert to deliver components of in person activities.
Implements and maintains a program of preventative, detective and corrective controls; collaborates with agency ISO to ensure timely reconciliation of identified compliance gaps.
Minimum Qualifications
Bachelor's degree in Computer Science or a closely related field.
Ten (10) years of experience in information technology security including 2 years of supervisory or lead experience or an equivalent combination of education and experience.
Extensive specialized knowledge and expertise in IS tools, technologies, and techniques that can be applied to lead other staff to accomplish agency goals in a timely manner, with outstanding quality.
Commercial software development environment servicing B2B and B2C.
Technology experience with firewalls, intrusion detection, end-point protection, data networking, end user computing, virtualization, Microsoft technologies, and private/public cloud computing.
Additional Considerations
Proven ability in building highly productive teams. Proven ability to effectively build and sustain positive customer relationships and lead technical staff through substantial change.
Demonstrated ability to:
Direct a highly complex security operation
Ascertain and meet customer expectations
Work effectively and independently in a fast paced team environment where priorities can rapidly change
Solve the most complex problems through discovery and analysis with minimal guidance
Prioritize own work activities with minimal guidance and coaching
Complete complex projects independently with minimal oversight and direction
Manage competing priorities to meet goals
Learn new technologies and assist others in learning new technologies
Prioritize own work activities with minimal guidance and coaching
Communicate effectively orally and in writing
Develop and execute detailed and accurate work plans and appropriately communicate work plan risks and impacts to management
Provide, maintain and follow technical documentation
Special Instructions
Currently, VRS' security team operates on a hybrid work schedule. The DCISO is expected to be onsite with the security team on designated days and at the discretion of the CISO when required.
You will be provided a confirmation of receipt when your application and/or rsum is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
Contact Information
Name: Human Resources
Email:
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at .
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.
State Role Title: Technology
Hiring Range: $174,447 - $190,000
Pay Band: UG
Agency: Virginia Retirement System
Location:Virginia Retirement System
Agency Website:;br>
Recruitment Type: General Public - G
Job Duties
The Virginia Retirement System (VRS) is seeking a Deputy Chief Information Security Officer to direct and oversee the technology security operations program for the Investments organization within VRS, focusing on efforts to assure their security program allows their team to function with specific policies, procedures, and controls matched to their requirements.
Under the direction of the Chief Information Security Officer (CISO) this position will serve as a key advisor across the enterprise, including identifying key corporate security initiatives and standards. This position provides subject matter expertise to the VRS security staff developing and implementing technology that will protect the confidentiality, integrity and availability of VRS IT systems and data from unauthorized access and intrusion attempts. In concert with the CISO, this position ensures Technology Security Services staff act as expert resources for the agency and analyzes business needs for the purpose of providing enhanced security solutions and to support agency goals. Additionally, this position will develop and direct all counter-intelligence operations in coordination with Satte and Federal authorities and collaborates with the agency Information Security Officer (ISO) to ensure timely reports to VITA and reconciliation of identified compliance gaps.
Essential functions include but are not limited to:
Assists CISO with overseeing the Enterprise information technology security program and operations.
Possesses and applies a broad range of advanced expertise of technology and security principles, best practices, policies and procedures to direct other technology staff in the completion of difficult and complex assignments crossing multiple functional areas.
Coordinates and provides senior level technical guidance to security staff.
Assists CISO and CTSO and other technology managers in project selection and scoping, project management, change management, technology evaluations and planning, procurements, and integration of various technologies for VRS.
Mentors, and directs other technical staff with project selection and scoping, project management, change management, technology evaluations and planning, procurements, best practices and approaches for secure analysis/design, and integration of various technologies for VRS as required.
Ensures that all components of the program work collaboratively to protect VRS data and systems and evolve as necessary to address emerging threats.
Verifies all sensitive systems have documented/approved system security plans.
Establishes the CRS counterintelligence program in concert with Local, State, and Federal Authorities
Coordinates with the CISO and the ISO to ensure all VITA standards and expectations are operationalized.
Manages all outsourced contracts in collaboration with the CISO, and ensures that procurement policies are updated and followed.
With the CISO verifies VRS policies align with Commonwealth of Virginia's security policies and standards.
Collaborates with the CISO and engages with the agency's cyber fraud analytics program to ensure fraud prevention and detection.
Actively assists the CISO and the CTSO in leading the office and ensuring that technology and security is proactively applied to solve business problems and achieve business goals.
Ensures that staff are focused on all aspects of security, especially protection of sensitive customer information.
Oversees physical and logical building security.
Stays abreast of security vulnerabilities, risk assessments and investigates suspicious activity. Monitors advancements in hacking/anti-hacking and other security technologies.
Oversees, coordinates, and performs penetration testing and vulnerability risk assessments internally, externally and with third party business partners.
Maintains 24x7x365 Security Operations Center functionality monitoring, reporting and responding to incidents.
Collaborates with various auditors to remediate, respond, and coordinate responses to potential findings or observations.
Directs and oversees business continuity planning, disaster recovery; exercising each plan, updating, and modifying with each business partner to ensure positive outcomes.
Works collaboratively with technology management peers to ensure security is appropriately included in all development and maintenance activities.
Provides input and review of material for security awareness program and training; reviews training material to ensure consistency with agency operations and serves as a subject matter expert to deliver components of in person activities.
Implements and maintains a program of preventative, detective and corrective controls; collaborates with agency ISO to ensure timely reconciliation of identified compliance gaps.
Minimum Qualifications
Bachelor's degree in Computer Science or a closely related field.
Ten (10) years of experience in information technology security including 2 years of supervisory or lead experience or an equivalent combination of education and experience.
Extensive specialized knowledge and expertise in IS tools, technologies, and techniques that can be applied to lead other staff to accomplish agency goals in a timely manner, with outstanding quality.
Commercial software development environment servicing B2B and B2C.
Technology experience with firewalls, intrusion detection, end-point protection, data networking, end user computing, virtualization, Microsoft technologies, and private/public cloud computing.
Additional Considerations
Proven ability in building highly productive teams. Proven ability to effectively build and sustain positive customer relationships and lead technical staff through substantial change.
Demonstrated ability to:
Direct a highly complex security operation
Ascertain and meet customer expectations
Work effectively and independently in a fast paced team environment where priorities can rapidly change
Solve the most complex problems through discovery and analysis with minimal guidance
Prioritize own work activities with minimal guidance and coaching
Complete complex projects independently with minimal oversight and direction
Manage competing priorities to meet goals
Learn new technologies and assist others in learning new technologies
Prioritize own work activities with minimal guidance and coaching
Communicate effectively orally and in writing
Develop and execute detailed and accurate work plans and appropriately communicate work plan risks and impacts to management
Provide, maintain and follow technical documentation
Special Instructions
Currently, VRS' security team operates on a hybrid work schedule. The DCISO is expected to be onsite with the security team on designated days and at the discretion of the CISO when required.
You will be provided a confirmation of receipt when your application and/or rsum is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
Contact Information
Name: Human Resources
Email:
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at .
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.