Agency

Department of Information Technology

Division

DIT Secretary , CIO

Job Classification Title

IT Security & Compliance Specialist II (NS)

Position Number

60087641

Grade

DT10

About Us

The N.C. Department of Information Technology (NCDIT) serves as the Technology Center for the State of NC. Services that NCDIT provides reach a client base of state and local government agencies, as well as schools, colleges and universities. NCDIT’s mission is to enable trusted business-driven solutions that meet the needs of North Carolinians. NCDIT provides technology services to state agencies and is charged with closing the digital divide by expanding availability of broadband services and promoting the adoption of affordable, high-speed internet.

Description of Work

Salary Range: $84,353 - $126,529

Are you ready to take the next step in your career?

We currently have an opening for an IT Security & Compliance Specialist II

This position may be eligible for hybrid remote work in accordance with state policy and the agency’s remote work program but does require weekly onsite work

This vacancy is open to current North Carolina state government and current UNC System employees only or previous NC state government and UNC System employees with unexpired RIF priority re-employment rights. Current temporary employees working in NC state government or in the UNC System will also be considered.

This position serves as a Business Continuity/Disaster Recovery (BC/DR) Specialist for the Enterprise Security Risk Management Office (ESRMO) Business Continuity Management (BCM) team. This position has a statewide focus supporting the BCM program through development, administration and maintenance of DIT and executive branch agency Business Continuity Program Framework, Policy Administration, Education and Training, Publications, Business Continuity & Disaster Recovery Plan Development, Plan Reviews, IT Risk Assessment, and special projects. The BC/DR Specialist for ESRMO aids all executive branch agencies in the development of the Business Continuity Plans which includes IT disaster recovery, Continuity of Operations (COOP), Continuity of Government (COG) and pandemic plans. This position serves as an expert advisor and coordinator for the selection, implementation and development of enterprise IT risk and business continuity management tools.

Key Responsibilities:
•Supporting the statewide IT BCM program to ensure continuity of service to agency operations and to safeguard information technology assets against accidental or unauthorized modification, destruction, or disclosure by reviewing annual agency business continuity plans and continuity of operations plans for compliance with applicable policies as well as identifying opportunities for improvement.
•Ensuring the continuity of business processes by collaborating with agency management, risk assessment staff, auditors, facilities, security departments, and other agency personnel to identify and formulate contingency plans for prompt recovery of state agency applications, hardware, data, network, and telecommunications and assisting with the development of DR strategies as needed.
•Serving as an administrator for the Business Continuity/Disaster Recovery (BC/DR) and Emergency Notification System applications.
•Supporting the development and adherence to statewide policies, standards and procedures and relevant regulatory requirements and provide statewide leadership in the analysis, mitigation, and resolution of Information Technology risks, as they relate to business continuity and disaster recovery.
•Providing status reporting, documentation, and recommendations to management along with establishing statewide metrics consistent with contingency plan requirements.
•Creating and administering BC/DR training and awareness opportunities.
•Assisting and supporting agency contingency/recovery plan exercises, reviews and tests which includes accessing risk of any identified deficiencies and advising in remediation activities.

About the Division:

The Department of Information Technology (DIT) serves as the Technology Center for the State of NC operating two data centers in the state – the Eastern Data Center and the Western Data Center – and reporting directly to the Office of the Governor. Services that DIT provides reach a client base of state and local government agencies, as well as schools, colleges and universities. The State Chief Risk Officer (SCRO) reports directly to the State Chief Information Officer (SCIO) and provides leadership and direction for the ESRMO. The ESRMO provides governance in the development, delivery and maintenance of a cybersecurity program that safeguards the state’s information assets and the supporting infrastructure against unauthorized use, disclosure, modification, damage or loss. The ESRMO is organized to help the state meet the requirements of the security standards legislation, N.C.G.S. § 147-33.110-33.113 and N.C.G.S. § 147-33.72c and other legal and regulatory requirements. ESRMO responsibilities for information security include the following: Support the development and maintenance of information security policies, standards and procedures by translating business objectives into security policies and standards that support the Statewide Technical Architecture.

Knowledge Skills and Abilities/Management Preferences

The following Management Preferences are not required, but applicants that possess these skills are preferred:

• FEMA Level 1 Professional Continuity Practitioner, FEMA Level II Master Continuity Practitioner, Certified Business Continuity Professional (CBCP) Master Business Continuity Professional (MPCP), Certified Information Systems Auditor (CISA). 

• Demonstrated experience with a state, local or federal government entities

"This position requires a fingerprint-based background search. Hires must agree to a fingerprint-based background search prior to being hired.”

Discover why NCDIT is the ideal destination for your professional growth - Why Work for NCDIT

Minimum Education and Experience

Some state job postings say you can qualify by an “equivalent combination of education and experience.” If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See the Education and Experience Equivalency Guide for details.

Bachelor’s degree in computer science or a related IT field or closely related field from an appropriately accredited institution and two years of progressive experience in IT Security or closely related area;

OR

Associate degree in computer science or a related IT field or closely related field from an appropriately accredited institution and three years of progressive experience in IT security or closely related area; or an equivalent combination of education and experience.

EEO Statement

The State of North Carolina is an Equal Employment Opportunity Employer and dedicated to providing employees with a work environment free from all forms of unlawful employment discrimination, harassment, or retaliation. The state provides reasonable accommodation to employees and applicants with disabilities; known limitations related to pregnancy, childbirth, or related medical conditions; and for religious beliefs, observances, and practices.

Recruiter:

Tajia Monae Shatia Brown

Recruiter Email:

dithr[email protected]