It Professional - Information Security

Job Overview

Information Technology (IT) Professionals analyze, develop, implement, maintain, and modify computer operations, systems, networks, databases, applications, and/or information security.

• Bachelor's degree in computer science, management information systems, or closely related field and five years of professional IT experience, including systems administration, network administration, database administration, applications analysis and development, and/or information security; two years of which were at the advanced journey level or in a supervisory or project management capacity.
• Bachelor's degree in computer science, management information systems, or closely related field and five years of professional IT experience, including systems administration, network administration, database administration, applications analysis and development, and/or information security; two years of which were at the journey level in information security.
• Two years of relevant experience as an IT Professional III in Nevada State service.
• An equivalent combination of education and experience as described above.

• Design, research, develop, implement, audit, test, and report on the Department’s information security program.
• Coordinate the development of departmental information security policies, standards, and procedures.
• Plan and implement information security initiatives at the functional, project, or program level.
• Coordinate efforts with members of the technical teams in the Office of the CIO Division and with non‑GTO departments and divisions as required.
• Interact with internal and external management and technical levels to provide guidance and direction regarding the interpretation of information security policies, standards, and procedures.
• Use and develop solutions, addressing the applicability of solutions to security advisories, vulnerabilities, or deficiencies.
• Navigate conflict and provide sensible direction.
• Understand, interpret, apply, and demonstrate compliance with security controls from multiple industry and Federal regulatory frameworks (CIS, CJIS, HIPAA, FISMA, FIRPA, MARS‑E, IRS, SSA, OCSE, NIST) and facilitate, coordinate, participate in, and report on audit activities involving Governors Technology Office, Department of Administration, and/or its divisions.
• Develop and administer the security awareness program for all employees and contractors of the Departments, Divisions, and offices within purview.
• Recurrently report current state, projections, and progress of the information security program to all levels of management.

• Working knowledge of current principles, theories, practices and procedures related to information security management.
• Five of the ten information security domains.
• General‑purpose security controls.
• Current information security trends and technologies.
• Strategic planning and project management at the division/work unit level.
• Policy development and implementation.
• Methods and techniques used to safeguard against accidental or unauthorized modification, destruction or disclosure of data to meet security needs.
• Interagency business practices and principles.

• Identify complex information security risks, vulnerabilities and problems; select the best mitigation actions.
• Assess the security and/or vulnerability of information assets to assist in developing a risk assessment of multiple security domains.
• Assess costs and present alternatives for the assigned area of responsibility.
• Analyze data, solve problems and make appropriate decisions within five of the ten domains.
• Design appropriate solutions to complex security problems.

Incumbent(s) will be expected to have knowledge, skills and abilities from a previous level.

RECRUITER CONTACT INFORMATION:
Jon Terrazas at j.terrazas.gov