|
Information Technology (IT) Professionals analyze, develop, implement, maintain, and modify computer operations, systems, networks, databases, applications, and/or information security. Incumbents may perform duties in one or more IT specialization areas depending on the needs of the agency.
Incumbents perform supervisory duties and manage projects of varying size, scope, and impact to agency operations to include serving as the project leader; planning, organizing, and directing project activities; resolving design conflicts; data administration; resource allocation; contract negotiation; timeline development; critical path tracking; justifying the need for additional resources; and coordination with other work units within and outside the organization as assigned. Non-supervisory positions must spend the preponderance of their time performing the most advanced professional work in project management and oversight or technology planning and consultation.
This position is located at the Department of Motor Vehicles in Carson City. Under limited supervision, the incumbent acts as the Department's Information Security Officer (ISO) and performs journey level duties and implements program/project information security tasks with responsibility for the design, establishment, administration and execution of the information security program; and for the planning and implementation of information security initiatives at the functional, project or program level. Incumbents perform some or all of the duties described in the series concept at a program/project level with 100% of their daily activities devoted solely to information security.
Information Security Officers administer security policies, security operations, and/or maintain oversight of information systems and data within the assigned area of information security responsibility. Incumbents work with management and technical staff to develop a comprehensive information security program for integrated IT systems within the State or agency and may be responsible for the following security domain areas: access control; application/system development security; continuity of operations/disaster recovery planning; cryptography; information security management; operational security (OPSEC); physical technical security; security architecture and models; security law, investigation, and ethics; telecommunications/network security.
Incumbents also interact with internal and external peers and supervisory levels in order to answer questions requiring explanations or interpretations of information security standard procedures and to solve security problems involving some conflict and requiring interpretation/application of policy. The incumbent will facilitate, coordinate, participate in, and report on Federal and State information security safeguarding measures (including Federal/State onsite audits), demonstrating safeguard compliance as outlined by NIST, CIS, PCI, CJIS, SSA, and DHS REAL ID regulatory provisions.
DMV shall not knowingly employ a person if they have been convicted of any of the felonies listed under the Real ID regulation, which includes Espionage, Sedition, Treason, Terrorism, Transportation Security Incident, Improper Transportation of a Hazardous Material, Unlawful Possession of Explosives, Murder, Making any Threat Concerning a Lethal Device, Racketeering. Additional Real ID criteria provides that the DMV shall not employ a person if they have been convicted of a felony within 7 years of their application or if an applicant was released from incarceration for one of these crimes within five years of their application including Unlawful Firearm Violations, Extortion, Fraud, Bribery, Smuggling, Immigration Violations, Distribution of Controlled Substances, Arson, Kidnapping, Rape or Sexual Abuse, Assault With Intent to Kill, Robbery, or Fraudulent Seaport Entry. Under the authority of NRS 239B.010.1(b), the DMV also utilizes NRS 205 as criteria to obtain an FBI fingerprint clearance on prospective employees. Any convictions pursuant to NRS 205 will disqualify any employee or vendor employee from obtaining access to the DMV Computer System.
In order to be qualified, you must meet the following requirements:
|
 |
Bachelor's degree from an accredited college or university with major course work in computer science, management information systems, or closely related field and five years of progressively responsible professional IT experience relevant to the duties of the position which may include systems administration, network administration, database administration, applications analysis and development, and/or information security, two years of which were at the advanced journey level or in a supervisory or project management capacity; OR Bachelor's degree from an accredited college or university with major course work in computer science,management information systems, or closely related field and five years of progressively responsible professional IT experience which may include systems administration, network administration, database administration, applications analysis and development, and/or information security, relevant to the duties of the position, two years of which were at the journey level in information security; OR two years of relevant experience as an IT Professional III in Nevada State service; OR an equivalent combination of education and experience as described above. |
|
| |
Applicants for positions in this series may have a combination of complementary education, experience, knowledge, skills and abilities that qualify for the class level and specialty being recruited. |
| |
International Information Systems Security Certification Consortium, Inc. (ISC2) - Certified Information System Security Professional (CISSP) is equivalent to three years of experience. |
| |
Information Systems Audit and Control Association (ISACA) - Certified Information Security Manager (CISM) is equivalent to two years of experience. |
| |
Global Information Assurance Certification (GIAC) - Security Expert is equivalent to two years of experience. |
| |
Other nationally recognized information security certifications may be substituted for up to one year or experience. |
|
| |
A pre-employment criminal history check and fingerprinting are required. Persons offered employment in this position will be required to pay for these items. |
| |
This position requires specialized certification that will be identified at the time of recruitment. |
| |
Statewide travel 25% of the time is required.
|
|
| |
Payment Card Industry Internal Security Assessor (PCI ISA) certification must be obtained within 6 months of appointment and maintained as a condition of continued employment. |
|
| The exam will consist of an application evaluation. It is essential that applications include detailed information with time frames regarding education and experience. The most qualified applicants will be contacted by the hiring agency for interview. The hiring agency may require specific skills related testing as part of the interviewing process. |
|
|
|
|
1) Do you have experience with: facilitating, coordinating, participating in, and reporting on Federal and/or State information security safeguarding measures utilizing NIST or CIS frameworks? If so, provide details of this experience to include where and when received.
|
|
2) Describe your experience with: facilitating, coordinating, participating in, and reporting on Network Scanning, Penetration Testing, Vulnerability Management, Antivirus, and Log Management\SIEM solutions? If so, provide details of this experience to include the tools (vendors), and in what capacity you administrated these solutions.
|
|
3) Do you have experience with: facilitating, coordinating, participating in, and reporting on compliance audits, threat assessments and security matrix reporting? If so, provide details of this experience to include a description of the results achieved.
|
|
4) Do you have experience with: facilitating, coordinating, development of Security Plans, Business Continuity Plans, Incident Response Plans, Disaster Recovery Plans and/or Security Assessment reporting? If so, provide details of which standard you developed to and what role you served.
|
|
