Title: Deputy CISO, Finance Lead
State Role Title: Information Technology Manager II
Hiring Range: $190,000 - $210,000
Pay Band: 7
Agency: VA Information Tech Agency
Location: Richmond, Virginia
Agency Website: vita.virginia.gov
Recruitment Type: General Public - G
Job Duties
The Deputy CISO, Finance Lead is responsible for establishing, directing and maintaining the vision, strategy, and program for information security of the Finance Executive Agencies to protect critical information assets and technologies. The Deputy CISO, Finance Lead will be matrixed to the Secretary of Finance in order to coordinate efforts across the Finance Executive Agencies with input from Finance Independent Agencies and other Commonwealth Agencies. The Finance Security Leader will interface regularly with the Commonwealth Chief Information Security Officer in the Virginia Information Technologies Agency (VITA) to ensure that the Commonwealth’s relevant Information Security Policies and Programs are implemented.
The Security Leader will direct Finance agency cybersecurity staff in identifying, developing, implementing, and maintaining processes across the organization to reduce information and information technology (IT) security risks. They will respond to incidents, establish appropriate standards and controls, direct efforts to implement new security processes and technologies in the Finance Executive Agencies, support Finance Executive Agencies’ adoption of VITA technologies and services, and direct the establishment and implementation of policies and procedures in alignment with Commonwealth policies and standards.
Key Responsibilities:
- Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.
- Provide leadership to the enterprise's information security organization.
- Partner with business stakeholders across the company to raise awareness of risk management concerns.
- Chairs Finance Cyber Executive Oversight Committee.
- Accountable for ensuring new initiatives are executed and for overseeing execution.
- Approves master project plans, execution plans, change management strategy and operations (including security program solutioning and budget estimation) relative to Finance Agencies.
- Conducts stage gate reviews of key project milestones.
- Coordinates with VITA and Agencies on the completion of assigned tasks.
- Maintains Finance Agencies’ risk register, communicates risks to Secretary of Finance, and facilitates risk treatment and mitigation decisions.
- Partner with VITA on Agency risks and mitigation plans.
- Works closely with Finance Agency ISOs in addressing risks that agencies are accountable for mitigating.
Minimum Qualifications
Extensive IT and business/banking/audit industry work experience, with leadership experience in managing multiple, large, cross-functional teams or projects, and influencing senior-level management and key stakeholders.
Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials.
Experience working with and applying NIST-based security standards including NIST 800-53.
Good working knowledge of current IT risks and experience implementing security solutions.
Experience in planning, organizing, and developing IT security and facility security system technologies.
Experience with contract and vendor negotiations and management including managed services.
Excellent written and verbal communication skills, interpersonal and collaborative skills.
Ability to communicate security and risk-related concepts to technical and nontechnical audiences.
Additional Considerations
Special Instructions
This position is posted Open Until Filled. The position may close at any time when a suitable pool of qualified applicants has been received.
You will be provided a confirmation of receipt when your application and/or résumé is submitted successfully. Please refer to “Your Application” in your account to check the status of your application for this position.
This position is eligible for one (1) day telework.
Applicants must consent to a fingerprint background check.
State applications and/or resumes will only be accepted as submitted online by 11:55 p.m. on the closing date through the state applicant tracking system. We will not accept applications, resumes, cover letters, etc. in any other format. Please refer to “Your Application” in your PageUp account to check the status of your application for this position. The decision to interview an applicant is based on the information provided in the application and/or resume.
Reasonable accommodations are available to persons with disabilities during the application and/or interview processes per the Americans with Disabilities Act.
VITA is a “Virginia Values Veterans” (V3) official certified state agency that provides hiring preference to Veterans and Members of the Virginia National Guard in support of Executive Order 29 (2010). If you are a Veteran or Virginia National Guard Member, we encourage you to apply and receive preference in the hiring process. AmeriCorps, Peace Corps and other national service alumni also are encouraged to apply.
Contact Information
Name: VITA Human Resources
Email: VITAhr@vita.virginia.gov
In support of the Commonwealth’s commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. An AHP Letter can be requested via the AHP Letter page or by calling DARS at 800-552-5019.
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022, and February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.