Deputy CISO

State of North Carolina • Raleigh, NC, US • 1w ago

Description of Work

Are you ready to take the next step in your career?

Discover why NCDIT is the ideal destination for your professional growth - Why Work for NCDIT.

We currently have an opening for a Deputy CISO

The position is designated Statutory Exempt and is exempt from the State Human Resources Act.

We are seeking an experienced cybersecurity leader to serve as Deputy Chief Information Security Officer (DCISO), reporting directly to the State Chief Information Security Officer (SCISO). This strategic position leads our Security Operations and Risk Management teams and serves as the secondary cybersecurity incident response coordinator across government systems.

Key Responsibilities

Leadership & Oversight

Manage enterprise security & risk programs and risk management initiatives
Govern controls across distributed environments
Represent the State and Agency in support of the State Chief Information Security Officer and the agencies initiatives and mission

Incident Management

Lead incident response efforts
Evaluate intelligence on cybersecurity threats (including classified information)
Disseminate actionable threat intelligence to stakeholders
Mature vulnerability management programs

Awareness & Training

Mature security training for state employees and contractors
Deliver presentations on information security practices and current threat landscape
Enhance knowledge base for new security technologies and cybersecurity threats

Policy & Compliance

Ensure compliance with regulatory requirements (HIPAA, FERPA, IRS-1075, etc.)
Develop security standards for new technologies
Evaluate information security measures for statewide IT systems projects

This position plays a critical role in protecting our state's digital infrastructure and requires a strategic thinker with both technical expertise and leadership skills.

This position is expected to be onsite minimum 3 days/week including on call when required.

About The Organization

The N.C. Department of Information Technology (NCDIT) serves as the Technology Center for the State of NC. Services that NCDIT provides reach a client base of state and local government agencies, as well as schools, colleges and universities. NCDIT’s mission is to enable trusted business-driven solutions that meet the needs of North Carolinians. NCDIT provides technology services to state agencies and is charged with closing the digital divide by expanding availability of broadband services and promoting the adoption of affordable, high-speed internet.

As NCDIT’s services reach North Carolina residents from all backgrounds, we believe that our workforce should reflect the demographics of the state. The workforce is our most valuable asset to recognize, understand and meet the IT needs of our constituents across North Carolina. Our agency’s culture is derived through the implementation of thoughtful, practical, innovative and data-driven strategies. We are an Employment First state, ensuring that people with disabilities have equal opportunities to succeed in the state government workplace (Executive Order 92). NCDIT supports recent executive orders to address pay equity for women (Executive Order 93), establish paid parental leave for birth, adoption, and foster care (Executive Order 95), and implement fair chance policies (Executive Order 158). NCDIT also has several initiatives designed to help past and current military personnel and their spouses find rewarding careers with us. Join a team that welcomes, values, respects and supports all members of our work community.

If you have student loans, becoming a state employee includes eligibility for the Public Service Loan Forgiveness Program. Visit www.studentaid.gov to learn more.

Knowledge, Skills And Abilities / Competencies

Resumes/CVs are intended to be used as a complement to an application. Generally resumes/CVs are lacking the detail and breadth of an applicant’s full education and work history so applicants should complete the application with more detail than what their resume contains to show that they meet both the Education Requirements and ALL Knowledge, Skills and Abilities (KSAs) listed below in order to qualify. Click these links for additional information: Introduction to the Job Application and Addressing Knowledge, Skills and Abilities. (Note: These links refer to Dept. of Public Safety process; this process is the same for Dept. of Information Technology.)

To qualify for this position, applicants must document on the application that they possess ALL of the following:

Experience deploying, operating and/or maturing Enterprise Information Security programs and/or controls, preferably in the public service sector
Experience with security disciplines, preferably all of the following: identification, authentication, authorization, access control, administration and audit, risk management, vulnerability assessment, disaster recovery, incident management and business continuity
Experience with security governance, security frameworks, and/or relevant regulatory guidelines (HIPPA, NIST, etc.)

The following Management Preferences are not required, but applicants that possess these skills are preferred:

Certifications related to Security
Project management experience

This position requires a fingerprint-based background search. Hires must agree to a fingerprint-based background search prior to being hired.

Minimum Education And Experience Requirements

Some state job postings say you can qualify by an ‘equivalent combination of education and experience.’ If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See the Education and Experience Equivalency Guide for details.

Bachelor's degree in computer science or a related IT field or related degree from an appropriately accredited institution and three years of progressive experience in IT security or closely related area including two years of supervisory experience

OR

Associate degree in computer science or a related IT field or related degree from an appropriately accredited institution and four years of progressive experience in IT security or closely related area which includes two years supervisory experience; or an equivalent combination of education and experience.

Supplemental and Contact Information

The North Carolina Department of Information Technology (DIT) is an Equal Opportunity Employer who embraces an Employment First philosophy which consists of complying with all federal laws, state laws and Executive Orders.

NCDIT uses the Merit-Based Recruitment and Selection Plan to fill posted positions. Hiring salary will be based on relevant qualifications, internal equity, and budgetary considerations pertinent to the advertised position.

The Department of Information Technology will not accept "See Resume" or inserted text resumes in lieu of all work experience and education completed on the application.
Employment at NCDIT is contingent upon a satisfactory background check.
Applicants seeking Veteran's Preference must attach a DD form 214, Certificate of Release or Discharge from Active Duty, along with your application.
Applicants seeking National Guard Preference must attach a NGB 23A (RPAS) if you are a current member of the NC National Guard in good standing. If you are a former member of the NC National Guard who served for at least 6 years and was discharged under honorable conditions, you must attach either a DD256 or NGB 22.
Applicants applying for positions that require specific coursework, must upload and attach a copy of the transcript with their application.
Applicants with relevant professional certifications to the posted job must attach proof of active certification along with the information in the “Certificates and Licenses” section.
If applicants earned college credit hours but did not complete a degree program, they must attach an official transcript to each application to receive credit for this education.
If applicants earned a foreign degree, foreign degrees require an official evaluation for U.S. equivalency, and must be submitted to Human Resources for verification. There are several organizations that perform this specialized service, feel free to use any service of your choosing. The National Association of Credential Evaluation Services (NACES) has several options on their website that can provide credential verification: https://www.naces.org/members

Hybrid/Flexible Work Schedules

At NCDIT, we are dedicated to fostering a collaborative and flexible work environment, offering a hybrid remote work option for positions that are conducive to remote flexibility. If you do not currently reside within a reasonable commuting distance of the assigned duty station, new hires are granted up to 120 days from their start date to relocate. This relocation ensures the ability to work onsite multiple days per week. If you're eager to contribute to a dynamic workplace, we encourage you to apply!

Compensation & Benefits

The state of North Carolina offers excellent comprehensive benefits. Employees can participate in health insurance options, standard and supplemental retirement plans, and the NCFlex program (numerous high-quality, low-cost benefits on a pre-tax basis). Employees also receive paid vacation, sick, and community service leave. In addition, paid parental leave is available to eligible employees.

Some Highlights Include

The best funded pension plan/retirement system in the nation according to Moody’s Investor’s Service
Twelve (12) holidays/year
Fourteen (14) vacation days/year which increase as length of service increases and accumulate year-to-year
Twelve (12) sick days/year which are cumulative indefinitely
Longevity pay lump sum payout yearly based on length of service
401K, 457, and 403(b) plans

Learn More About Employee Perks/benefits

Why Work For NC?
NC OSHR: Benefits
NC OSHR: Total Compensation Calculator

To apply for this position, please click the "Apply" link above (on the Government Jobs website) or visit https://www.governmentjobs.com/Applications/Index/northcarolina to complete an on-line application.

About

Due to the volume of applications received, we are unable to provide information regarding the status of your application over the phone. To check the status of your application, please log in to your account and click "Application Status." If you are selected for an interview, you will be contacted by management. If you are no longer under consideration, you will receive an email notification. If there are any questions about this posting other than your application status, please contact:

NCDIT Human Resources

Shaun Osborne

dit_hr_recruitment@nc.gov

For technical issues with your application, please call the GovernmentJobs.com Applicant Support Help Line at 855-524-5627.

NOTE: For temporary, contract or other supplemental staffing appointments: There are no paid leave, retirement or other benefits associated with these appointment types.

For Permanent And Time-limited Appointments

Eligible employees have benefits that include employee health insurance options, standard and supplemental retirement plans, NC Flex (a variety of high-quality, low-cost benefits on a pre-tax basis), and paid vacation, sick, and community service leave, to name a few. Paid parental leave is available for eligible employees. Some benefits require 30 + hours work/week for participation.

01

To qualify for this position, applicants must possess the required "Minimum Education and Experience" AND all "Knowledge, Skills and Abilities" listed on the job posting. I understand that my application MUST include a complete work history in the "Work Experience" section, all education in the "Education" section, and credentials in the "Certificates and Licenses" section. I understand that a resume is NOT a substitute for completing the sections listed above. Also, I understand that Supplemental Questions are considered a part of the application and the answers are used in the screening process, and that all questions must be answered completely and accurately.

Yes, I understand

02

Are you aware this position is exempt from the provisions of the State Human Resources Act (EHRA), meaning the position is at-will, however, still eligible for all state employee benefits?

Yes, I understand

03

This position requires a fingerprint-based background search

I understand and agree to a fingerprint-based background check search prior to being hired.

04

To receive credit for relevant professional certifications you must attach documented proof of your active certifications to this application in addition to including the information regarding your certifications in the "Certificates and Licenses" section.

Yes, I understand

05

If you earned a foreign degree, you must attach your official evaluation for U.S. equivalency to your application to receive credit for your degree as foreign degrees require an official evaluation for U.S. equivalency. If you do not attach, Human Resources cannot verify your degree equivalency to give you credit for salary qualification purposes. There are several organizations that perform this specialized service listed on the National Association of Credential Evaluation Services (NACES) website: www.naces.org/members

Yes, I understand

06

Please select the education and experience level that best reflects your education and related experience as defined here: https://oshr.nc.gov/experience-guide

Bachelor's degree in computer science or a related IT field or related degree from an appropriately accredited institution and three years of progressive experience in IT security or closely related area including two years of supervisory experience
Associate degree in computer science or a related IT field or related degree from an appropriately accredited institution and four years of progressive experience in IT security or closely related area which includes two years supervisory experience
An equivalent combination of education and experience as defined here: https://oshr.nc.gov/experience-guide
I do not have the minimum number of years of relevant education and/or experience and I do not meet the equivalent combination of education and experience as indicated above

07

Which areas have you demonstrated in the work experience section on your application? For example, if you select that you have experience in one of the choices below, this should be explicitly reflected within each relevant job in the work experience section in your application, not just indicated in this supplemental question. Check all that apply.

Experience deploying, operating and/or maturing Enterprise Information Security programs and/or controls, preferably in the public service sector
Experience with security disciplines, preferably all of the following: identification, authentication, authorization, access control, administration and audit, risk management, vulnerability assessment, disaster recovery, incident management and business continuity
Experience with security governance, security frameworks, and/or relevant regulatory guidelines (HIPPA, NIST, etc.)
I do not have knowledge or experience in any of the areas listed

08

Where did you find out about this posting?

#TriangleTuesdays
#Work4Us Wednesdays
Career Fair
CollegeCentral
Employee Referral
Facebook
Google
Government Jobs (State Jobs website)
Handshake
Indeed
LinkedIn
NC Tech
NCWorks
OSHR Website (Office of State Human Resources)
Symplicity
Twitter
Other

09

If you selected Career Fair (but it was not listed above), Employee Referral, or Other from above please let us know which Career Fair, Employee, or Other place you found about us! If you did not choose one of the above, please enter N/A

10

If you chose Career Fair from above, please indicate which career fairs you attended. If you did not attend any, please choose N/A.

1/30/25 - UNC Charlotte STEM Fair
2/5/25 - Fort Liberty Military & Government Attendee at TechNet Fort Liberty Symposium & Exposition
2/12/25 - East Carolina University Job & Internship Fair
2/12/25 - Elizabeth City State University Spring 2025 Career Fair
2/18/25 - Western Carolina University Career Fair Plus - STEM Fair - Spring '25
2/25/25 - Wake Technical Community College IT Career Fields Fair
2/26/25 - Appalachian State University Internship & Job Fair
2/26/25 - NC4ME Career Expo @ Seymour Johnson Air Force Base
3/5/25 - North Carolina Central University Internship & Career Fair
3/12/25 - High Point University Spring Career & Internship Expo
3/26/25 - Forsyth Technical Community College Business and IT Career Fair
N/A
Required Question

Apply