Talent.com
Chief Information Security Officer
Chief Information Security OfficerVirginia Community College System • Richmond, VA, United States
Chief Information Security Officer

Chief Information Security Officer

Virginia Community College System • Richmond, VA, United States
9 days ago
Job type
  • Full-time
  • Part-time
Job description

Posting Details

Posting Summary

Working Title

Chief Information Security Officer

Role Title

12 month - Admin - Assoc Prof

Role Code

01125-SW

FLSA

Exempt

Pay Band

00

Position Number

261FA059

Agency

VCCS-System Office

Agency / Division

System Office (Div)

Work Location

Richmond (City) - 760

Hiring Range

$160,000 - $170,000

Emergency / Essential Personnel

Yes

EEO Category

A-Official or Administrator

Full Time or Part Time

Full Time

Does this position have telework options? -Telework options are subject to change based on business needs-

Yes

Does this position have a bilingual or multilingual skill requirement or preference?

No

Work Schedule

This is a full-time, 40 hours per week position, with additional hours required to address the organization's needs.

Sensitive Position

No

Job Description

Virginia's community colleges have a 50-year track record of educational excellence and innovation to serve the needs of our citizens and strengthen the Commonwealth's economy. When Virginia's General Assembly established the Virginia Community College System in 1966, the need for a comprehensive system was well known. Over the two decades after the end of World War II, leaders in government, business, professional sectors, and academia had called for a new approach to providing educational opportunity. A key concern was Virginia's ability to develop a skilled and knowledgeable workforce to expand the state's economy. Today our community colleges give every Virginian the opportunity to gain a quality education. With 23 colleges on 40 campuses located throughout the state, Virginia's Community Colleges are committed to serving Virginia families, helping them acquire the knowledge and skills to seize the opportunities of today and tomorrow.

The Chief Information Security Officer ( CISO ) role at VCCS offers a unique opportunity to lead and inspire a single comprehensive cybersecurity strategy across 23 community colleges and 2 support organizations, ensuring the protection of vital educational and institutional assets while fostering a culture of security and resilience. The CISO collaborates with AVC for infrastructure security engineers, policy development, incident response, and regulatory compliance efforts across VCCS's enterprise-wide IT infrastructure. The role includes oversight of security risk assessments, audit response, security architecture, third-party risk management, and emerging cybersecurity threats. Additionally, the CISO collaborates with the AVC for Applications and Integration Technologies to ensure that software applications and integrated data across systems are seamless and that operations are secure throughout the VCCS network.

The CISO is responsible for aligning VCCS security practices with :

  • NIST 800-53 and NIST Cybersecurity Framework ( CSF )
  • Center for Internet Security ( CIS ) Controls and Benchmarks
  • Commonwealth of Virginia Information Technology Agency ( VITA ) security policies
  • Higher education cybersecurity standards (e.g., EDUCAUSE , REN - ISAC )
  • Federal regulations, including FERPA , HIPAA , PCI - DSS , and GLBA compliance

The CISO supports the strategic direction established by the CIO , VCCS executive leadership, and relevant VCCS governance bodies. The role leads a team of staff members supporting cybersecurity responsibilities.

The role requires active collaboration with internal audit, college IT departments, faculty technology committees, and state cybersecurity leaders to strengthen security postures across the academic enterprise.

Special Assignments

May be required to perform other duties as assigned. May be required to assist the agency or state government generally in the event of an emergency declaration by the Governor.

KSA's / Required Qualifications

Education and Experience

  • Faculty Equivalent position requires a Master's degree. (preferred Computer Science, Cybersecurity, Information Security, or a related field required and experience in cybersecurity leadership).
  • CISSP , CISM , or CISA certification required.
  • Other IT certifications preferred : Security+, ITIL .

    • Experience

  • 10+ years of progressively responsible experience in cybersecurity leadership, security governance, enterprise risk management, IT security, IT infrastructure design and personnel management.
  • Proven experience leading enterprise cybersecurity programs in complex distributed organizations, including managing cybersecurity teams and supervising senior security professionals such as a Deputy CISO .
  • Higher education experience with understanding student data protection regulations and laws, academic IT security, research security concerns, and direct, hands-on experience managing and leading academic technology programs in higher education.
  • Experience managing large-scale cybersecurity programs in compliance with NIST , ISO 27001 (as we transition away from), and state IT security frameworks.
  • Hands-on experience with security engineering, SIEM solutions, IAM frameworks, and regulatory compliance.
  • Knowledge of Virginia IT Agency ( VITA ) governance structures and VITA security policies is preferred.

    • Knowledge

  • Cybersecurity Frameworks & Compliance : In-depth understanding of NIST 800-53, NIST Cybersecurity Framework ( CSF ), Center for Internet Security ( CIS ) Controls, ISO 27001 (as we transition away), PCI - DSS , FERPA , HIPAA , GLBA , and VITA security standards.
  • Center for Internet Security ( CIS ) Controls : Expertise in implementing CIS benchmarks and security controls to safeguard VCCS systems against cyber threats.

    • Enterprise Security Architecture : Knowledge of zero-trust security models, network segmentation, identity and access management ( IAM ), and cloud security best practices.

  • Cybersecurity vendors, products, and services : Knowledge of leading cybersecurity products and their potential role in a holistic cybersecurity architecture strategy.
  • Higher Education IT Security : Familiarity with academic IT environments, research security, student data protection ( FERPA compliance), and cybersecurity risks unique to educational institutions.
  • Threat Intelligence & Risk Management : Strong foundation in threat detection, risk assessment methodologies, vulnerability management, and incident response strategies.
  • IT Security Operations & Engineering : Experience with firewall management, SIEM platforms, endpoint protection, penetration testing, and data loss prevention ( DLP ) strategies.

    • Skills

  • Security Program Development : Ability to develop, implement, and maintain a system-wide cybersecurity strategy that aligns with VCCS IT governance, NIST guidelines, CIS controls, and state security mandates.
  • Regulatory Compliance & Audit Management : Strong experience in audit preparation, compliance tracking, and reporting to state ( VITA , JLARC , SCHEV ), federal, and accrediting bodies.
  • Technical Proficiency : Skilled in cloud security ( AWS , Azure, Google Cloud), virtualization, endpoint security, and hybrid infrastructure security.
  • Incident Response & Forensics : Proficient in developing incident response plans, leading forensic investigations, and ensuring rapid containment and remediation of security breaches.
  • Leadership & Team Development : Supervise, mentor, and provide professional development opportunities for the Deputy CISO and cybersecurity staff to build a high-performing security team. Foster a culture of continuous learning, leadership development, and succession planning to ensure long-term cybersecurity leadership continuity within VCCS .
  • Project & Vendor Management : Ability to assess, negotiate, and oversee security vendors, contracts, and technology procurements in compliance with state procurement policies.

    • Abilities

  • Strategic Thinking & Planning : Ability to align cybersecurity initiatives with VCCS's strategic IT objectives and statewide technology priorities.
  • Communication & Stakeholder Engagement : Capable of translating complex security concepts for executives, faculty, IT staff, and policymakers.
  • Cross-functional leadership : Proven ability to collaborate with college CIOs, faculty technology committees, and state agencies ( VITA , SCHEV ) to advance cybersecurity programs.
  • Crisis Management & Problem-Solving : Ability to make critical decisions in high-pressure situations and lead incident response efforts across multiple colleges.
  • Training & Awareness : Ability to design and deliver cybersecurity awareness programs, phishing simulations, and faculty / staff training.

    • Competencies

  • Communication : The ability to articulate thoughts and deliver information effectively using oral, written, visual, and non-verbal communication skills, as well as listening skills to gain understanding.
  • Coaching : The ability to facilitate skill development and improved performance by providing clear, specific feedback to others, understanding their goals, and working with them to achieve those goals.
  • Change Management : The ability to implement strategies for effecting change, delivering the message of change, and helping people adapt to change.
  • Managing Conflict : The ability to understand all sides of an issue, help others calmly move through emotional or tense situations, and achieve the best solution for everyone involved.
  • Performance Management : The ability to set realistic performance expectations, demonstrate awareness of others' work performance, provide regular feedback, and track performance progress.
  • Facilitating : The ability to impartially guide a group with an overall goal of reaching consensus, solving problems, or accomplishing tasks.
  • Diversity , Equity , and Inclusion : The ability to effectively manage and communicate across differences, identify and address barriers, and foster an inclusive, equitable work environment.
  • Critical Thinking : The ability to carefully consider multiple pieces of information, from a variety of sources and perspectives, to integrate into a rational and beneficial solution.
  • Interpersonal Skills : The ability to interact with others in a mutually respectful, genuine, direct, and supportive manner.
  • Strategic Management : The ability to formulate objectives and priorities and implement initiatives to bring value to the organization's long-term objectives.

    • Project Management : The ability to see the objective, the steps and resources needed to get there, ensure the timeline is followed, and provide the leadership necessary to impart the vision

    Additional Considerations

  • Ability to work at a computer workstation for extended periods up to eight hours per day.
  • Ability to speak on the telephone and / or communicate via video conference technology.
  • Ability to sit for extended periods without breaks.
  • Ability to perform repetitive movements, such as typing, and the use of commonly used office machines and supplies.
  • Ability to lift and move a minimum of 10 pounds.
  • Ability to communicate and present information in a clear manner.
  • Ability to travel independently.
  • Ability to travel within the Commonwealth of Virginia as needed for meetings and training.
  • Ability to travel outside the Commonwealth as necessary for conferences or professional development.

    • Operation of a State Vehicle

    Yes

    Supervises Employees

    Yes

    Required Travel

  • Ability to travel independently.
  • Ability to travel within the Commonwealth of Virginia as needed for meetings and training.
  • Ability to travel outside the Commonwealth as necessary for conferences or professional development.

    • Posting Detail Information

    Posting Number

    FAC_1753P

    Recruitment Type

    General Public - G

    Number of Vacancies

    Position End Date (if temporary)

    Job Open Date

    10 / 21 / 2025

    Job Close Date

    11 / 04 / 2025

    Open Until Filled

    No

    Agency Website

    https : / / www.vccs.edu /

    Contact Name

    Patsy Rose

    Email

    prose@vccs.edu

    Phone Number

    804-819-4938

    Special Instructions to Applicants

    Additional Information

    Background Check Statement Disclaimer

    The selected candidate's offer is contingent upon the successful completion of a criminal background investigation, which may include : fingerprint checks, local agency checks, employment verification, verification of education, credit checks (relevant to employment). Additionally, selected candidates may be required to complete the Commonwealth's Statement of Economic Interest. For more information, please follow this link : http : / / ethics.dls.virginia.gov /

    EEO Statement

    The Virginia Community College System ( VCCS ) provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, political affiliation, veteran status, sexual orientation, gender identity or other non-merit factors.

    ADA Statement

    The Virginia Community College System ( VCCS ) is an Equal Employment Opportunity employer and complies with the Americans with Disabilities Acts ( ADA and ADAAA ), to provide, reasonable accommodation to applicants in need of access to the application, interviewing, and selection processes when requested.

    E-Verify Statement

    VCCSuses E-Verify to check employee eligibility to work in the United States. You will be required to complete an I-9 form and provide documentation of your identity for employment purposes.

    Quicklink for Posting

    https : / / jobs.vccs.edu / postings / 89914

    Create a job alert for this search

    Chief Information Officer • Richmond, VA, United States

    Related jobs
    Chief Risk Officer, US & Bermuda

    Chief Risk Officer, US & Bermuda

    Markel • Richmond, VA, US
    Full-time
    Chief Risk Officer, Us & Bermuda.What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confide...Show more
    Last updated: 30+ days ago • Promoted
    IT Security Analyst 3

    IT Security Analyst 3

    Quantaleap • Richmond, VA, US
    Full-time
    Role : IT Security Analyst 3 .Location : Richmond, VA (Hybrid).Interview Mode : Web Cam Interview...Show more
    Last updated: 30+ days ago • Promoted
    Boomi Integration Architect - Manager - 65711731

    Boomi Integration Architect - Manager - 65711731

    Cognizant • Short Pump, VA, US
    Full-time
    About the role As a Boomi Integration Architect, you will make an impact by designing and implementing scalable integration solutions that enhance business operations and data flow across systems.Y...Show more
    Last updated: 2 days ago • Promoted
    Enterprise Architect

    Enterprise Architect

    Quantaleap • Richmond, VA, US
    Full-time
    Role : Enterprise Architect / AWS Security Architect.Location : Richmond, VA(Hybrid) Minimum 3 days a week required.Interview Mode : Video Interview Only. Note : Client is looking for only candida...Show more
    Last updated: 30+ days ago • Promoted
    Boomi Integration Architect - Manager - 65711221

    Boomi Integration Architect - Manager - 65711221

    Cognizant • Providence Forge, VA, US
    Full-time
    About the role As a Boomi Integration Architect, you will make an impact by designing and implementing scalable integration solutions that enhance business operations and data flow across systems.Y...Show more
    Last updated: 2 days ago • Promoted
    IT Security Architect

    IT Security Architect

    Quantaleap • Richmond, VA, US
    Full-time
    Role : IT Security Architect 4 .Client : VITA State of VA .Location : &...Show more
    Last updated: 27 days ago • Promoted
    Director, Technology Risk- Enterprise Services Risk

    Director, Technology Risk- Enterprise Services Risk

    Capital One • Richmond, VA, US
    Full-time +1
    Director, Technology Risk- Enterprise Services Risk.The Enterprise Services Risk organization is expanding with a focus on attracting innovative, pioneering, collaborative, and highly skilled profe...Show more
    Last updated: 30+ days ago • Promoted
    AVC ITS - Chief Information Officer

    AVC ITS - Chief Information Officer

    Virginia Department of Human Resource Management • Richmond, VA, US
    Full-time +1
    AVC ITS - Chief Information Officer.Title : AVC ITS - Chief Information Officer.Location : Richmond (City) - 760.Hiring Range : $195,000 to $210,000. Full Time or Part Time : Full Time.Virginia's commun...Show more
    Last updated: 23 days ago • Promoted
    Chief Operating Officer

    Chief Operating Officer

    Warren Whitney • Richmond, VA, US
    Full-time
    Warren Whitney is seeking an experienced and forward-thinking Chief Operating Officer (COO) to lead the firm's internal operations, support our continued growth, and take a leading role to ushe...Show more
    Last updated: 30+ days ago • Promoted
    Chief Product Officer

    Chief Product Officer

    CJK Group • Glen Allen, VA, US
    Full-time
    The Chief Product Officer (CPO) will serve as a key member of the executive leadership team, responsible for defining, leading, and executing the product vision and strategy across the organization...Show more
    Last updated: 21 days ago • Promoted
    Cybersecurity Engineer 4 - Senior Security Operations Engineer (Onsite)

    Cybersecurity Engineer 4 - Senior Security Operations Engineer (Onsite)

    Serigor Inc. • Richmond, VA, US
    Full-time
    Cybersecurity Engineer 4 - Senior Security Operations Engineer (Onsite).The Client is seeking an experienced Senior Security Operations Engineer with in-depth knowledge and hands on experience in t...Show more
    Last updated: 24 days ago • Promoted
    IT Security Analyst 4

    IT Security Analyst 4

    NextGen Solutions Corp • Richmond, VA, US
    Full-time
    Please note that this position is with our direct client.IT Security Analyst 4 (Min 5+yrs Exp) HYBRID (In Person Interview. Please Note this position Hybrid (ONSITE Required : 2-3 days / week).Document...Show more
    Last updated: 30+ days ago • Promoted
    Cybersecurity Engineer / Azure Sr Security Engg

    Cybersecurity Engineer / Azure Sr Security Engg

    NextGen Solutions Corp • Richmond, VA, US
    Full-time
    Please note that this position is with our direct client.Cybersecurity Engineer (Min 5+yrs Exp) REMOTE (.Work Address : Richmond, VA 23219. Elect - Cybersecurity Engineer.Please Note This Position Is...Show more
    Last updated: 30+ days ago • Promoted
    Chief Information Security Officer

    Chief Information Security Officer

    Virginia Department of Human Resource Management • Richmond, VA, US
    Full-time
    Chief Information Security Officer.Virginia's community colleges have a 50-year track record of educational excellence and innovation to serve the needs of our citizens and strengthen the Commonwea...Show more
    Last updated: 7 days ago • Promoted
    Chief Technology Officer

    Chief Technology Officer

    Virginia Farm Bureau • Henrico, VA, US
    Full-time
    JOB TITLE : Chief Technology Officer.REPORTS TO : EVP & General Manager.DEPARTMENT : Information Services.This position will play a critical role in partnering with executive leadership to develop...Show more
    Last updated: 8 days ago • Promoted
    Resort Executive Chef

    Resort Executive Chef

    Kalahari Resorts & Conventions • Woodford, VA, US
    Full-time
    At Kalahari Resorts & Conventions, our Promise is simple : Lead with Love.We care deeply for our guests, associates, and communities, treating people like family and creating spaces where everyo...Show more
    Last updated: 11 days ago • Promoted
    Boomi Integration Architect - Manager - 65711223

    Boomi Integration Architect - Manager - 65711223

    Cognizant • Colemans Mill Crossing, VA, US
    Full-time
    About the role As a Boomi Integration Architect, you will make an impact by designing and implementing scalable integration solutions that enhance business operations and data flow across systems.Y...Show more
    Last updated: 2 days ago • Promoted
    IT Security Analyst 3 (Hybrid)

    IT Security Analyst 3 (Hybrid)

    Serigor Inc. • Richmond, VA, US
    Full-time
    IT Security Analyst 3 (Hybrid).Client is seeking a highly motivated Security Analyst to support cybersecurity operations within the Operations Technology (OT).Monitor security alerts...Show more
    Last updated: 13 days ago • Promoted