Information Security Officer (00049)

Job Duties

Organizational Objective

The Department of Elections promotes and supports accurate, fair, open and secure elections for the citizens of the Commonwealth.

Elect ensures the proper administration of election laws, campaign finance disclosure compliance, and voter registration processes in the state by promulgating rules, regulations, issuing instructions, and providing information to local Electoral Boards and general registrars.

The Department of Elections envisions a highly modern, efficient and professional electoral process that is trustworthy and accountable at all levels and engages Virginia’s diverse citizenry in the most fundamental right in a democratic society : the right to vote.

About the Position

The Information Security Officer leads ELECT’s Information Security Program to ensure ELECT Systems remain confidential, integrity is maintained, and ELECT systems remain available for all users.

Ensures ELECT systems meet federal, Commonwealth of Virginia and agency security standards. The position will work with ELECT development teams, network service providers and security staff of the Commonwealth of Virginia to ensure security requirements are included in SDLC activities.

Responsible for creating and maintaining security policies, artifacts, tracking vulnerability remediation and updating system security plans to meet changing business, security, and technology requirements.

Responsible for implementing and monitoring security controls for ELECT’s information technology systems.

Work will involve providing solutions to secure ELECTS’s electronic information and providing technical expertise in the selection, installation, configuration, testing and implementation of security technology.

Work will also involve leading the Information Systems Security program to protect electronic information from unauthorized users, intrusions, or other security threats, participating as a security subject matter expert for information technology projects, overseeing security investigations and recommending and implementing corrective actions;

ensuring compliance with state and federal security regulations; and assisting with the development and delivery of ELECT's security awareness training program.

Minimum Qualifications

• Demonstrated ability to manage the agency's Information Security Program based on the Commonwealth's security standard.
• Extensive knowledge of the Commonwealth security standards including but not limited to Commonwealth of Virginia SEC530.
• Comprehensive knowledge of security principles, policies, procedures, risk management and internal controls in a technology environment.
• Ability to serve as a liaison between the agency, VITA, and outside technical experts as required.
• Ability to translate and understand federal, state and agency laws, regulations, standards and policies and their effects on information security.
• Knowledge of security in government and experience with the NIST standards for security.
• Ability to assess and document risk to agency IT systems and data.
• Ability to create and manage the disaster recovery preparedness program.
• Ability to provide technical direction, training and assistance to technology staff related to security features and requirements for development and the infrastructure
• Ability to analyze, evaluate and recommend security solutions for business and technical requirements.
• Extensive knowledge of Internet, intranet, networking security requirements and security vulnerabilities.
• Ability to communicate effectively both verbally and in writing.
• Demonstrated ability to organize and prioritize work in a team environment and individually while providing exceptional customer service.
• Experience developing and maintaining a security program compliant with the standards of the

Commonwealth of Virginia.

• Experience developing and maintaining Business Impact Analysis, Risk Assessments, system Security Plans, and Disaster Recovery Plans.
• Experience developing and maintaining agency policies related to security and technology.
• Experience managing a Security Awareness Training Program.
• Experience identifying technical security vulnerabilities and risk and ability to solve technical and security problems.
• Considerable experience in information technology, information security, and the development process.
• Experience with firewall technologies, authentication, and authorization methods, and deploying, securing, and managing certificate authorities

Additional Considerations

Experience in compliance or information security within the Commonwealth of Virginia preferred. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is preferred.

Special Instructions

You will be provided a confirmation of receipt when your application and / or résumé is submitted successfully. Please refer to Your Application in your account to check the status of your application for this position.

The Virginia Department of Elections is an equal opportunity employer, committed to diversity in the workplace. We do not discriminate on the basis of race, religion, color, sex, age, national origin or disability.

Applicants who need accommodations for an interview should request this in advance by emailing ov. AmeriCorps, Peace Corps, and other National Service Alumni are encouraged to apply."

The selected candidate will have to complete a fingerprint based background check. Must have or be able to obtain a valid driver’s license.

State employees who have been affected by Policy 1.30 Layoff and possess a valid Interagency Placement Screening Form (Yellow Card) or a Preferential Hiring Form (Blue Card) must submit the card BEFORE the closing date for this position.

The card may be scanned and attached to the application or faxed to (804) 371-7401. Please include your name and the position number on the fax cover.

Contact Information

Name : Debbie Wyatt-Smith

Phone : 804-225-2007

Email : Debbie. Wyatt-ov

In support of the Commonwealth’s commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process.

To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI).

Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS / DBVI to get their AHP Letter.