Liaison Chief Information Security Officer - 61049563

Job Responsibilities

Liaison Chief Information Security Officer

The Department of Administration, Division of Information Security (DIS) seeks an experienced Liaison Chief Information Security Officer (V-CISO) that specializes in IT risk and compliance management. You will serve as a liaison between DIS and your assigned agencies/agency. The majority of your time will be spent with your agency, and you will participate in a regular cadence with DIS. Your expertise will be leaned on by your assigned agency and you will be responsible for their implementation and maintenance of information security programs. A key portion of this role is dedicated to communicating security both at the division leadership level and throughout agency operations to facilitate adoption of security best practices. Now is an exciting time to join state government! We have prioritized maturing our security posture and look to lean on innovative thinkers to continue the evolution. We are service minded and believe our purpose is to protect our home state. If you are a forward-thinking security professional with an actionable mind set and want to make a difference, join DIS in leading that charge. You will have the opportunity to impact decisions, implement security practices and standards that will protect our SC state government agencies.

Responsibilities of the Liaison Chief Information Security Officer:

• Advise agency executive leadership and IT management on information security and privacy program requirements and direct the implementation of information security policies, processes, and procedures.

• Develop business metrics to measure the effectiveness of the security management program and increase the maturity of the program over time.

• Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.

• Determine acceptable levels of risk for the agency and manage a risk and incident response system that includes monitoring, evaluations, tests, audits, and mitigation strategies to reduce or eliminate identified vulnerabilities.

• Ensure all information owned, collected, or controlled by the agency is processed and stored in accordance with applicable laws and requirements.

• Oversee the evaluation, selection, and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive. Control access to agency systems and data.

• Develop and implement a strategic long-term information security strategy and road map to ensure information assets.

• Develop up-to-date information security policies, procedures, standards, and guidelines and oversee their approval, dissemination, and maintenance.

Minimum and Additional Requirements

• A bachelor's degree in computer science or relate field and at least eight (8) years of experience in information security, four (4) of which are in a leadership role.

• Relevant experience may be substituted for the bachelor's degree on a year-for-year basis.

• Candidate must be eligible to obtain and retain a Secret or higher security clearance from appropriate federal authorities.

Additional Requirements:

• Expert level knowledge of security administration for various operating systems and software.

• Knowledge of security, privacy, risk, and control frameworks and standards such as NIST, CIS, CJIS, HIPAA, FERPA, PCI.

• Expert analytical problem-solving skills and ability to develop project plans for information security systems.

• Expert knowledge and understanding of information risk concepts and principles, and ability to relate business needs and security controls.

• Expert ability to document and present security findings clearly and logically.

• Ability to explain information security concepts to audiences outside the field and to executive-level staff.

• Knowledge of South Carolina state government procedures and processes. Knowledge of South Carolina state procurement and contracting principles.

• Experience with contract and vendor negotiations.

• Professional certifications such as CISSP, CISM, GIAC, CIPM, CIPP.

Applicants indicating college credit or degree(s) on the application will be required to bring a copy of college transcript to the interview. A copy of the transcript may also be uploaded as an attachment to the application, if required by the hiring department or if desired by the applicant. Please note that some areas of the Department may require an official, certified copy of the transcript prior to hiring or within a specific timeframe required by that area, after hiring. Failure to produce an official, certified transcript may result in not being hired or termination.

Additional Comments

The Department of Administration is committed to providing equal employment opportunities to all applicants and does not discriminate on the basis of race, color, religion, sex (including pregnancy, childbirth, or related medical conditions including, but not limited, to lactation), national origin, age (40 or older), disability or genetic information.

Supplemental questions are considered part of your official application. Any misrepresentation will result in your disqualification from employment. Please complete the state application to include all current and previous work history and education. A resume will not be accepted nor reviewed to determine if an applicant has met the qualifications for the position.

The South Carolina Department of Administration offers an exceptional benefits package for full time (FTE) employees:

• Health, dental, vision, long-term disability, and life insurance for employees, spouse, and children. Click here for additional information.

• 15 days annual (vacation) leave per year

• 15 days sick leave per year

• 13 paid holidays

• Paid parental leave

• S.C. Deferred Compensation Program available (S.C. Deferred Compensation)

• Retirement benefit choices *

• State Retirement Plan (SCRS)

• State Optional Retirement Program (State ORP)

• Enrollment in one of the listed plans is required for all FTE employees; please refer to the contribution section of hyperlinked retirement sites for the current contribution rate of gross pay.