It Security Program Director

Location
Fairfax, Virginia
Salary
$94,050.94 - $156,750.67 Annually
Posted
Nov 13, 2021
Closes
Nov 27, 2021
Ref
21-02451
Industry
Security
Hours
Full Time
Job Announcement

These are incredibly exciting times at Fairfax County Government Department of Information Technology! We are driving unprecedented, progressive organizational change to create platforms for industry-leading innovations with the goal of delivering the best possible outcomes.

Join our team, drive the change, and make a difference! We are offering an exciting opportunity for a dynamic and innovative senior executive leader to join our team of IT professionals as the Information Security Office Director.

The position reports to, and serves as the “right hand” of the Chief Information Security Officer (CISO) and participates as a member of the agency leadership team to fulfill technology portfolio and agency objectives as established by the CIO and CISO. This senior leadership position is responsible and accountable for the core responsibilities related to the Security program and workforce management of agency technology architecture and quality assurance and manages operations, project management and development, providing operational and strategic direction. Under the counsel of the CISO, the position has authority and responsibility for the strategic direction of the IT security portfolio’s mission and the outcomes of portfolio performance.

  • Provides policy, leadership and direction, and serves as a key contributor to DIT’s strategy security initiatives regarding achieving mission goals;
  • Ensures that IT functions are integrated, prioritized and executed within agency priorities and allocated resources; and working closely with Infrastructure Director , Platform Directors, Deputy Directors, FIOA Office, CISO and CIO.
  • Providing leadership with a combination of functional expertise, leading people, and managing changes for a key portfolio of security activities
  • Accountability for the strategic planning, technology review, enterprise architecture, IT standards, customer engagement, modernization of existing technology, development and maintenance
  • Management of the software development, information services, web development, project development, quality management, and information security teams
  • Drives Information Security Compliance and Governance program
  • Provides oversight to Information Security access control systems, multifactor authentication and user provisioning/de-provisioning processes.
  • Develops and maintains a data inventory, conducts and oversees regular reviews and risk assessments.
  • Develops, implements and maintains the data security plan according to CISO guidance.
  • Works with Executive Leadership to understand audit findings and formulate responses; identifies gaps in management practices or information technology controls as it relates to audit requirements, state or federal regulatory compliance, or industry best practices.
  • Develops and maintains Information Security audit and compliance plans.
  • Maintains contact and coordination with internal/external audit and prepares responses to audit reports.
  • Provides guidance and risk assessments of new and existing solutions, services, and business processes.
  • Facilitates communication and collaboration with Privacy, Compliance, Legal and Risk Management Teams.
  • Develops and maintains formalized disaster recovery and business continuity plans for Information Security to support the needs of business operations.
  • Provides oversight to Data Loss Prevention (DLP) program under Information Security
  • Prepares presentations and maintains metrics on data inventory and audit for Executive Leadership.
  • Assists in development and training of users on Information Security policies.
  • Responsible for all duties as assigned by the CISO.


Employment Standards

MINIMUM QUALIFICATIONS:
Any combination of education, experience, and training equivalent to the following:
(Click on the aforementioned link to learn how Fairfax County interprets equivalencies for "Any combination, experience, and training equivalent to")
Graduation from an accredited four-year college or university with a bachelor's degree in a computer or information science discipline, IT/cyber security, network or IT systems administration, engineering; or a bachelor's degree in a business or related field that has been supplemented by at least 36 credit hours of intermediate computer science coursework; plus four years of experience in information security systems, network security, or cyber security.

NECESSARY SPECIAL REQUIREMENTS:
The appointee to this position will be required to complete a criminal background check and credit check to the satisfaction of the employer.

All newly hired employees are required to be fully vaccinated against COVID-19 (two weeks after the last required dose) as a condition of employment or obtain approval of a medical or religious exemption prior to their start date. Proof of an exemption or vaccination status will be required during the pre-employment onboarding process. New employees who obtain an exemption from the vaccine mandate for medical or sincerely held religious beliefs will still be subject to the weekly testing requirement. Vaccinated employees and employees with a medical or religious exemption will complete the attestation online on their first day of employment or shortly thereafter.

PREFERRED QUALIFICATIONS:
Advanced working knowledge of cyber and information security standards, frameworks, technologies, control strategies, compliance practices. Knowledge of and experience working with government and industry security standards and frameworks commonly used in government services industry, especially NIST SP800 series, FISMA, FedRAMP, ISO 2700x, and the NIST Cybersecurity Framework. Broad and deep knowledge of secure software development, networking, firewalls, load balancers, TCP/IP, web servers, REST APIs, and the other technical underpinnings of modern IT systems. Strong verbal and written communication skills. Excellent judgment and interpersonal skills and a high level of integrity. Experience preparing cyber presentations for all levels including C-level officers and Board members. Demonstrated leadership/supervisory experience.

PHYSICAL REQUIREMENTS:
Work is generally sedentary, performed in a normal office environment. All duties performed with or without reasonable accommodations. All duties performed with or without reasonable accommodations.

SELECTION PROCEDURE:
Panel interview and may include exercise.

Fairfax County Government prohibits discrimination on the basis of race, color, religion, national origin, sex, pregnancy, childbirth or related medical conditions, age, marital status, disability, sexual orientation, gender identity, genetics, political affiliation, or military status in the recruitment, selection, and hiring of its workforce.

Reasonable accommodations are available to persons with disabilities during application and/or interview processes per the Americans with Disabilities Act. Contact 703-324-4900 for assistance. TTY 703-222-7314. EEO/AA/TTY.

Similar jobs