63117: Columbus, OH – IT – DAS – Mobile Specialist 2/MS2

Agency: Department of Admin Services Office of Information Technology
Job Classification: Mobile Specialist 2 / MS2 (ADS Security Lead)
NFP Rate: $117.92
Will Close to Submissions on: Tuesday, July 2nd at 10:00a
Interviews: Initial Phone screen followed by potential on-site interview
Duration: Start date targeted 8/5 with possible extensions
Right To Represent Must Be Included on Submission
Take note of close date on submissions- Withdrawn candidates will not be permitted to be replaced.

Security Lead for State of Ohio

InnovateOhio Platform Analytics and Data Sharing

Position Description:

InnovateOhio Platform Analytics and Data Sharing Information Security Officer

This person is responsible for leading the maintenance of a comprehensive information security and data privacy program working with the State’s InnovateOhio Platform Analytics and Data Sharing program team and integration partners.

The role will have multiple areas of focus. The primary focus will be daily security and privacy operations oversight and to enhance the architecture of the InnovateOhio Platform Analytics and Data Sharing program.  Focus will be on reviewing, recommending and approving system design to ensure security compliance, system security and privacy and integration with other enterprise systems. This includes policy development, security and privacy monitoring, and auditing the security operations of the InnovateOhio Platform Analytics and Data Sharing program. The candidate should possess knowledge and experience in “big data” enterprise security, Role Based Access Control, the principles of Least Privilege, Need to Know, and ensuring Confidentiality, Integrity, and Availability to reduce risk and enhance security and privacy.

("Big data" is a field that focuses on ways to analyze, systematically extract information from, or otherwise deal with data sets that are too large or complex to be dealt with by traditional data-processing application software.)

Duties and responsibilities:

  • Publish IT enterprise artifacts; formulate, recommend, and then implement security policies, procedures, standards, guidelines, best practices and position papers as they pertain to the InnovateOhio Platform Analytics and Data Sharing program and systems.
  • Serve as a consultant for overall planning and analysis of the security architecture of information systems. Provide technical advice and guidance to other members of the business partners, Office of Information Security & Privacy team and the CISO as well as to other IT managers and staff.
  • Conduct analysis of security events reported to the Office of Information Security & Privacy that pertain to identity authentication and its systems and data. Provide incident response support as needed.
  • Represent the Office of Information Security and Privacy at meetings with other governmental or agency officials.
  • Research security technologies, regulations, policies, and innovations which may be applicable to the program.
  • Oversee performance measurement for vendors information security program to ensure compliance with state and federal laws, regulations, and other requirements.
  • Contribute to the alignment of security governance with enterprise architecture governance and project and portfolio management (PPM).
  • Directly participate in information security short and long term planning processes.
  • Evaluate information security needs and research most difficult or complex information security problems (e.g. overall efficiency of information security controls; resource planning; coordination efforts with various agencies and contractors on the design and implementation of information security controls); evaluate hardware and software products, assist with the implementation of program security controls where appropriate.

Required qualifications:

  • A bachelor's or master's degree in computer science, information systems or other related field; or equivalent work experience;
  • Experience with enterprise “Big Data” security best practices;
  • Experience with multi-factor authentication software;
  • At least 7 years of IT experience;
  • At least 5 years’ experience in IT security or Risk roles;
  • Excellent problem solving/analytical skills;
  • Excellent verbal and written communication skills;
  • Ability to organize and prioritize to meet established deadlines,
  • Ability to establish and communicate security concepts, risk, and controls;
  • Expert knowledge of security issues, techniques and implications across all existing IT infrastructure;
  • Knowledge of a security-specific architecture methodology;
  • Proven ability in security process and organizational design;
  • Other IT security related duties as assigned.

Desired qualifications:

  • Knowledge of current version of NIST 800-53 and NIST.SP.1500;
  • Knowledge of FERPA, HIPAA, CJIS, and IRS 1075
  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials;
  • Experience with vendor management;
  • Experience with data center and cloud solutions;

 

 

Comments are closed.