The Georgia Department of Driver Services (DDS) is seeking a hands-on Information Security Officer (ISO) to maintain, develop, and implement DDS system security policies, plans and procedures, oversee audits, security assessments and address all security incidents. The ISO manages the DDS Information Technology Section and a team of system administrators and security analysts. The ISO ensures that DDS maintains the highest level of security standards, best practices, and system architecture. The position is responsible for the implementation of processes and methods that ensure that data entrusted to DDS is maintained in a safe and secure manner. The position is also responsible for managing and directing all Information Technology audits and addressing non-compliance to security standards and facilitating migration of non-compliance to compliance. The ISO conducts research to ensure the agency maintains compliance with standards and current industry security best practices. The ISO manages and participates in the planning and implementation of security administration for all IT projects and is responsible for the evaluation and selection of security applications and systems. The ISO is responsible for making recommendations and assisting in the implementation of changes to work processes and procedures to make them more effective in strengthening security.

JOB FUNCTIONS:

  • Design and develop the vision, charter and road map for the Security best practices, standards, principles, and functions.
  • Lead and manage Information Security strategic, operational projects and key initiatives.
  • Define and maintain Security policies and procedures and drive continuous improvement.
  • Track and provide reporting on Security key performance indicators and operational metrics.
  • Responsible for organizational planning, budget planning and analysis, and strategic vision for DDS Information Security.
  • Manage and continue to build with identified skills to enhance security posture.
  • Develop, manage, and enhance the IT Security and Risk programs to protect DDS systems, data, and customers.
  • Oversee and direct the internal and external security audits as necessary. These areas include PCI, Social Security Administration, GOA, DOAA, Pen Tests, and various other annual audits conducted within DDS operations.
  • Ensure information security controls, capabilities, and best practices are integrated into DDS systems.
  • Provides information security capabilities, oversight, and consulting for all DDS business units such as GRC, security scanning, pen testing, and information security consultations.
  • Perform information security risk assessments including security architecture assessment and threat modeling of applications and IT systems throughout the SDLC/Agile/Iterative lifecycle
  • Manage and maintain the current IT security team and responsibilities. Lead teams responsible for information security governance, executing security initiatives, risk, and compliance; cybersecurity operations; information security technology; managed security services; and incident response and recovery.
  • Ensure compliance with relevant regulations and standards. Ensure all technologies and processes meet minimum security practices based on NIST, ISO, and other security standards as required.
  • Develop and publish security awareness notices for staff awareness and continued education
  • Maintain and distribute risk based KPIs
  • Report the agency’s overall security posture and issues to executives and senior management
  • Report Information security issues to IT with appropriate recommendations in line with DDS Information security policies/standards to mitigate and/or remediate the risk as well as assist IT as required
  • Collaborate with other department heads to integrate cybersecurity best practices into the organization's overall operations.
  • Oversee the development and implementation of incident response plans and protocols.
  • Identify new and relevant cybersecurity threats and trends and raise awareness across the agency, partners, and customers. Develop and improve the agency’s security awareness and knowledge including communication and testing of the agency’s incident response plans and exercises.

Competencies Needed:

  • Excellent analytical, organizational and documentation skills
  • Influential leader who can serve as an effective member of the management team and who can communicate security-related concepts to a broad range of technical and non-technical staff
  • Practical experience with penetration and vulnerability scanning and auditing tools
  • Experience with cloud security best practices.
  • Knowledge of NIST 800-53, PCI and HIPAA
  • Broad understanding of information security tools and technologies and their applications.
  • Must possess excellent communication, analytical, managerial, and organizational skills.

Minimum Qualifications:

Master's degree in Information Assurance or Cybersecurity AND Must hold or be able to qualify for a US Department of Homeland Security (DHS) clearance

OR

BS/BA degree in Computer Science/ Information Technology/ Information Security or related field or equivalent experience

AND

Four years of proven experience and demonstrated success in technology leadership with an emphasis on information security and data governance.

AND

Currently holds an advanced level cyber certification per state guidelines or achieves within 12 months of start date: (CISA, CISM, CISSP, GSLC, or C)ISSO)

AND

Must hold or be able to qualify for a US Department of Homeland Security (DHS) clearance.

Preferred Qualifications: Preference will be given to those applicants who, in addition to meeting the minimum qualifications, also meet two (2) or more of the following:

CISM certification

CISS certification

CRISC certification

Five years of experience supporting security architectures and applying security best practices

Experience defining vendor requirements, vendor evaluation and selection, and vendor management.

Experience managing and reporting on strategic technology initiatives.

Experience managing operational performance and driving continuous improvement.

Expert understanding of state and federal information security and privacy regulations, requirements, and best practices.

Applicant Instructions

Eligible applicants may apply at https://careers.georgia.gov

If you are having issues with your profile or application, contact the Taleo Helpdesk at 1-877-318-2772 or HRA@doas.ga.gov.

Application materials should be filled out carefully and completely. An incomplete application/online resume or an application/online resume with insufficient information may result in an applicant not being considered for a vacancy. Describe your employment background in full.

Preference will be given to applicants who, in addition to meeting the minimum qualifications, possess two or more of the Preferred Qualifications.

All resumes will be reviewed and considered; however, all applicants may not be interviewed.

Due to the large volume of applications received by this office, we are unable to provide information on your application status over the telephone. Applicants can log back into their profile and see the status of each of the applications they have submitted.

DDS employees, in the event of an identified emergency, may be required as a term and condition of employment, to assist in meeting the emergency responsibilities of the Department. In addition, in an emergency, they may be required to perform responsibilities that are not regularly assigned to them to continue the operations of the agency.

NOTE: Information in this announcement is subject to change. This announcement is subject to close at any time.

Additional Information

  • Requisition ID: INF02ES
  • Number of Openings: 1
  • Advertised Salary: $94,400 - $100,000
  • Shift: Day Job
Confirmed 10 hours ago. Posted 9 days ago.
