Job Description
The chief objective of this position is to provide on-going information security administration, information security support, and privileged access control for all enterprise applications and services. This position is responsible for the maintenance of PeopleSoft (ERP) application security roles and responsibilities and developing supporting documentation for use by all colleges. This position serves as backup security administrator for all Enterprise Application Systems.
This position provides information security access control management and support to 25 state agencies across the state. The employee is expected to work outside of normal business days and hours to meet established business goals. The further expectation is that the nature of the work requires that the employee must be able to work fully remote and be on-call nights and weekends for investigation of information security related events or to address emergency information security access requests. Special Assignments
May be required to perform other duties as assigned. May be required to assist the agency or state government generally in the event of an emergency declaration by the Governor.
KSA's/Required Qualifications
Virginia’s community colleges have a 50-year track record of educational excellence and innovation to serve the needs of our citizens and strengthen the Commonwealth’s economy. When Virginia’s General Assembly established the Virginia Community College System in 1966, the need for a comprehensive system was well known. Over the two decades after the end of World War II, leaders in government, business, professional sectors, and academia had called for a new approach to providing educational opportunity. A key concern was Virginia’s ability to develop a skilled and knowledgeable workforce to expand the state’s economy. Today our community colleges give every Virginian the opportunity to gain a quality education. With 23 colleges on 40 campuses located throughout the state, Virginia’s Community Colleges are committed to serving Virginia families, helping them acquire the knowledge and skills to seize the opportunities of today and tomorrow.
Demonstrated knowledge of role based security principles and access controls.
Demonstrated knowledge of relational database design and structured query language programming.
Knowledge of enterprise resource planning (ERP) software security administration (Peoplesoft, SAP).
Demonstrated knowledge of IT Security and IT Audit concepts and techniques.· Comprehensive knowledge of Virginia’s security standards.· Knowledge of current trends and advancements in information systems and enterprise-wide security· Knowledge and implementation experience with commonly accepted industry standards and best practices, including ISO 17799 or 27002, NIST publications, ISF Best Practices, etc· Substantial experience with current legal and regulatory requirements around information security and privacy, including FERPA, PCI, SOX, HIPAA, GLBA, etc· Commonwealth of Virginia Data Classification and Data Retention Standards· Current trends and advancements in messaging and other related technologies.· Network Security (Firewalls, Microsoft Entra, Purview, etc).· Application Security (Application Firewall)· Internet, Intranet, Extranet, and Remote Access network design Standards and protocols.· Internet application Standards and protocols (Telnet, FTP, etc.).· Internet network Standards and protocols (TCP and UDP).· Desktop applications to include email, office software product, etc.· HTML, XML, SQL, CGI, SAS, REXX, Scripting, Perl, JAVA.· Global Directory Services (LDAP, X.500).· Electronic Messaging.· Directory Services Security automation· Web services Implementation and SSL security· Client/server technology.· Specialized hardware to include network routers, servers, etc.· Internet transport Standard and protocol (IP).· Virtual Private Networks (VPNs).· Internet Domain Name Server (DNS) Standards and protocols.· Unix & Microsoft Operating Systems.· SQL PL SQL programming
Skills · Considerable skill in all the items listed above· Working skill in all the items listed above
· Outstanding oral/written communication.
Ability: · To learn new things and to apply them when and where appropriate.· To work on multiple tasks simultaneously.· To apply general work experience to a task.· To work independently or as part of a team.· To work in stressful situations.· To use logic to resolve complex problems.· To communicate and work well with everyone from the highest levels of technical Management to staff level.· Ability to understand a technical environment, and plan accordingly.· To find creative solutions to problems.· To analyze user needs and solve problems.· To be a self-starter and work independently.· To use logic to resolve complex problems.· Coordinate work of a team.· To coordinate multiple projects and priorities.
· To define and develop solutions based on business requirements.
Education & Experience: · Education and/or coursework in Information Systems, Computer Science or a related field
· Experience working as an IT security analyst, administrator, or consultant.· Experience in project management or in systems analysis/design. Additional Considerations · Comprehensive knowledge of Peoplesoft Application and Oracle Database security principles, operations, and procedures for applying role based security on the basis of least privilege and segregation of duties.· Demonstrated knowledge of Peoplesoft Campus Solutions, Finance, and Human Capital Management application systems.
· Comprehensive knowledge of VCCS security standards
· Considerable knowledge of PeopleSoft ERP (Student Information System (SIS), Administrative Information System (AIS), Human Capital Management System (HCMS)
· Working knowledge of Oracle enterprise products.
· Author of technology based white papers, models, guidelines and presentations for IT management, vendors, peers and other agencies.
Peoplesoft security training will be provided to candidates that meet all other job requirements and pre-requisite knowledge.