Engineer the Quantum RevolutionYour expertise can help us shape the future of quantum computing at Oxford Ionics.

View Open Roles

Information Security Officer

Commonwealth of Virginia
Derbyshire
1 month ago
Applications closed

Related Jobs

View all jobs

Information Security Officer

Information Security Officer

Information Security Officer

Information Security Officer #00515

Chief Information Security Officer

Senior Information Security Officer

Title:Information Security Officer

Agency:VCCS-System Office

Location:Chesterfield - 041

FLSA:Exempt

Hiring Range:$80,000 - $100,000

Full Time or Part Time:Full Time


Job Description:


Virginia's community colleges have a 50-year track record of educational excellence and innovation to serve the needs of our citizens and strengthen the Commonwealth’s economy. When Virginia’s General Assembly established the Virginia Community College System in 1966, the need for a comprehensive system was well known. Over the two decades after the end of World War II, leaders in government, business, professional sectors, and academia had called for a new approach to providing educational opportunity. A key concern was Virginia's ability to develop a skilled and knowledgeable workforce to expand the state's economy. Today our community colleges give every Virginian the opportunity to gain a quality education. With 23 colleges on 40 campuses located throughout the state, Virginia's Community Colleges are committed to serving Virginia families, helping them acquire the knowledge and skills to seize the opportunities of today and tomorrow.

The Information Security Officer provides guidance and oversight for information security activities necessary to secure and protect information resources and technology infrastructure at one or more VCCS organizations (college/agency) from external and internal threats while supporting the overall VCCS Information Security Program.

The position serves as the Information Security Officer for one or more VCCS organizations and assists the college/agency administration in the planning, implementation, management and administration of their information security program.

The position will develop and advise college staff on security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure; address issues and matters specific to information security and their impact on telecommunications and computing areas such as voice, data, and video; desktops and servers; and general computing applications and services; provide analyses and reports to college management on the development and implementation of security controls necessary to address information security risks; confer with college/agency management, technical staff, system/data owners, auditors, security officers, and other personnel to plan and implement the college/agency information security program as outlined in the VCCS Memorandum of Understanding for Information Security Shared Services (ISSS).
Minimum Qualifications:


Required:
Ability to meet the requirements to obtain and maintain the VCCS ISO certification as outlined below:A. Graduation from an accredited Cybersecurity Degree program; orB. Has obtained and maintained any advanced information security certification listed below:• ISACA Certified Information Systems Auditor (CISA)• ISACA Certified Information Systems Manager (CISM)• ISACA Certified in Risk and Information Systems Control (CRISC)• ISC2 Certified Information Systems Security Professional (CISSP)• ISC2 Governance, Risk and Compliance Certification (CGRC)• GIAC Security Leadership (GSLC)• GIAC Information Security Professional Certification (GISP); orC. Previously met all requirements for the Commonwealth Certified Information Security Officer position with another Commonwealth of Virginia agency; orD. Served in the role of Information Security Officer for a minimum of five years.

KSA's:
Comprehensive knowledge:
• Information security program development and management to include: risk identification and mitigation, security architecture, and compliance.
• Current trends and advancements in IT systems and enterprise wide security
• Implementation experience with commonly accepted industry standards and best practices, including ISO 27000, NIST publications, ISF Best Practices, etc.
�� Some experience with current legal and regulatory requirements around information security and privacy, including PCI, SOX, HIPAA, GLBA, etc
• Demonstrated knowledge of IT Security and IT Audit concepts and techniques
• Comprehensive knowledge of VCCS and Virginia’s security standards
Considerable knowledge:
• Significant understanding and management capability related to the effective planning, implementation and maintenance of a highly technical and complex information technology infrastructure.
• Current trends and advancements in the security industry.
• Creating documentation (White papers, models, guidelines, user guides, procedures, test plans, implementation plans, etc.).
• Security and networking hardware and software evaluation.
Working knowledge:
• Internet, Intranet, Extranet, and Remote Access network design Standards and protocols.
• Directory Services Security automation
• Web services Implementation and SSL security
• ERP Applications (preferably Oracle/PeopleSoft).
Considerable skill:
• In all the items listed under comprehensive and considerable knowledge.
Working skill:
• In all the items listed under working knowledge.
Ability:
• To learn new things and to apply them when and where appropriate.
• Outstanding oral/written communication.
• Detail-oriented.
• To work on multiple tasks simultaneously.
• To apply general work experience to a task.
• To work independently or as part of a team.
• To work in stressful situations.
• To use logic to resolve complex problems.
• To communicate and work well with everyone from the highest levels of technical Management to staff level.
• Ability to understand a technical environment, and plan accordingly.
• To find creative solutions to problems.
• To analyze user needs and solve problems.
• To be a self-starter and work independently.
• To use logic to resolve complex problems.
• Coordinate work of a team.
• To coordinate multiple projects and priorities.


Additional Considerations:

CISSP, CISM, or other security certification/accreditation desirable.

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

The Future of Cybersecurity Jobs: Careers That Don’t Exist Yet

Cybersecurity has moved from a specialist concern to a national and global priority. Once seen as an IT issue, it is now a boardroom subject, a government responsibility, and a daily reality for individuals. With the increasing reliance on digital infrastructure, cloud platforms, and artificial intelligence, the risks posed by cyber threats have never been higher. The UK’s cybersecurity sector is thriving. It is home to thousands of companies offering defence services, penetration testing, encryption solutions, and critical infrastructure protection. Demand for cybersecurity skills continues to rise, with both the public and private sector investing heavily to defend against ransomware, nation-state cyber operations, and new forms of digital crime. Yet the industry is still at the beginning of its journey. The technologies that will define the next two decades—artificial intelligence, quantum computing, extended reality, and the Internet of Things—are only just starting to reshape cybersecurity. This means that many of the most important cybersecurity jobs of the future don’t even exist today. This article explores why new roles will emerge, what they might look like, how today’s jobs will evolve, why the UK is well-positioned to lead, and how professionals can prepare.

Seasonal Hiring Peaks for Cybersecurity Jobs: The Best Months to Apply & Why

The UK's cybersecurity sector has emerged as one of the most critical and lucrative technology markets, with roles spanning from security analysts to penetration testers and chief information security officers. With cybersecurity positions commanding salaries from £28,000 for junior security analysts to £140,000+ for senior security architects, understanding when organisations actively recruit can dramatically impact your career trajectory in this essential field. Unlike traditional IT sectors, cybersecurity hiring follows distinct patterns influenced by threat landscapes, regulatory compliance cycles, and incident response requirements. The sector's unique combination of perpetual threat evolution, regulatory pressures, and skills shortages creates predictable hiring windows that strategic professionals can leverage to advance their careers in protecting Britain's digital infrastructure. This comprehensive guide explores the optimal timing for cybersecurity job applications in the UK, examining how cyber threat cycles, compliance deadlines, and government initiatives influence recruitment patterns, and why strategic timing can determine whether you join a cutting-edge security consultancy or miss the opportunity to defend against tomorrow's cyber threats.

Pre-Employment Checks for Cyber Security Jobs: DBS, References & Right-to-Work and more Explained

The cyber security sector in the UK stands at the forefront of protecting national infrastructure, business operations, and personal data from increasingly sophisticated cyber threats. As organisations across all sectors recognise cyber security as a critical business function, employers are implementing the most rigorous pre-employment screening processes in the technology industry to ensure they recruit professionals capable of defending against advanced persistent threats and maintaining the highest standards of security and trustworthiness. Whether you're a penetration tester, security analyst, incident response specialist, or chief information security officer, understanding the comprehensive vetting requirements is essential for successfully advancing your career in this security-critical field. This detailed guide explores the extensive background checks and screening processes you'll encounter when applying for cyber security positions in the UK, from fundamental eligibility verification to the most stringent security clearance requirements and specialised threat intelligence assessments.