Description

Responsibilities:

·Documentsprocesses and script narratives/executive summaries.

·CreateBusiness focused documentation for circulation among readers with varioustechnical understanding.

·Shareinsight of Security Architecture and IT Governance approaches andimplementation methodologies

·Researchand provide written guidance on alignment with security policies/standards.

·Performtasks related to Security Compliance and Control Evaluation, Risk analysis, andexception documentation.

·Collaboratewith Business areas and cross- functional Enterprise Architects to fullyunderstand business needs and provide strategic consultation on data securityand risk-averse implementation.

·Partnerwith architects, other technical team members and to develop roadmaps andstrategies to support agency KPIs

·Design/ImplementEnterprise Security/technology Patterns

·Consultwith teams as needed on initiatives and provide tactical direction as well asprovide architecture considerations on legacy solutions

·Researchand share finding of architecture governance, controls, and peer review processedwith regards to platform technology, security, and cloud.

Qualifications:

·Comprehensiveknowledge of Information Security principles; including information securitytrends, emerging technologies, best-practices, controls, models, architecture,etc.

·Practicalexperience with identity and access management, IT risk management, businesscontinuity and IT disaster recovery planning, security awareness education andtraining, security vulnerability management, and security incident management.

·Familiarity withthe Commonwealth of Virginia’s Information Security Standards and/or theNational Institute of Standards and Technology Publication NA0-53.

·Able tocommunicate effectively in writing and orally, exercise judgment, interpretlaws and policies, and maintain effective working relationships with a widevariety of individuals in both the public and private sectors

·Experience in monitoring ITenvironments for compliance with information security architecture policies andstandards.

·Substantial technicalexperience in 2 or more: Cloud-based technologies, Identity & AccessManagement, Vulnerability Management, firewalls, computer forensic techniques,databases, collaboration tools, web & mail services.

·Ability to provide inputand security direction for future designs, information security capabilities,and strategic technology alternatives.

·Excellent written and oralcommunication and presentation skills (possessing the ability to breakdowncomplex technical terms into everyday language).

·Demonstrated ability towork with broad cross-section of personal including all levels of managementand external entities such as VITA consultants and service providers to explainand security measures and collaborate and disseminate security relatedinformation in partnership with the Office of Information Security.

·Work experience in a fast-pacedenvironment and acquire new skills/knowledge to meet customer needs.

·Thorough understanding ofcustomers priorities and the business criticality of platforms, applicationsand services.

 

Required/Desired Skills

 

SkillRequired /DesiredAmount of Exp in Years Candidate Experience
Comprehensive knowledge of Information Security principles; including information security trends, emerging technologies, best-practices, controls,Required5 
Practical experience with identity and access management, IT risk management, business continuity and IT disaster recovery planningHighly desired5 
Knowledge of IT Security Governance and ComplianceRequired5 
Experience in business writing and presentingRequired5 
Educational or Career Experience in Cybersecurity, Government technology implementation, IT Governance or related field(s).Required4 


 

Education

Bachelor's degree