Overview
On Site
USD 185,000.00 per year
Full Time
Skills
Information Technology
Telephone Exchange
Recruiting
Strategic Leadership
Vulnerability Management
Supervision
Risk Assessment
Training
Data Security
Business Continuity Planning
Recovery
Privacy
IT Governance
ISO/IEC 27001:2005
SEC
Incident Management
Cloud Security
Cloud Computing
Artificial Intelligence
Management
Cyber Security
Risk Management
Communication
Analytical Skill
Conflict Resolution
Problem Solving
CISSP
CISM
Information Systems
CISA
Public Sector
Information Security
HIPAA
Regulatory Compliance
SAP GRC
Reporting
Leadership
Job Details
Title: Chief Information Security Officer (CISO)
State Role Title:Info Technology Manager II
Hiring Range: Up to $185,000
Pay Band: 7
Agency: Dept Behavioral Health/Develop
Location:Central Office
Agency Website:;br>
Recruitment Type: General Public - G
Job Duties
The Department of Behavioral Health and Developmental Services (DBHDS) is seeking a dynamic and experienced information security and privacy leader to serve as the Chief Information Security Officer (CISO). This position is responsible for developing, managing and ensuring an efficient and effective information security and privacy program that safeguards the agency's information assets and supports the compliance with all applicable federal and Commonwealth laws and regulations. This position oversees the agency's security policies, risk management, compliance, and cybersecurity operations to ensure protection, detection, and corrective controls for all IT systems.
Additional responsibilities include:
Providing strategic leadership for enterprise-wide cybersecurity, privacy, and IT governance, risk, and compliance (GRC) programs.
Designing and implementing policies, standards, and risk management frameworks aligned with Commonwealth security standards, and HIPAA requirements.
Overseeing the agency's incident response, vulnerability management, and cloud security, ensuring protection, detection, and corrective controls for all IT systems and cloud environments.
Leading the agency's initiatives in AI governance and emerging technology oversight, establishing responsible AI policies, risk assessments, and controls to ensure ethical, secure, and compliant adoption of artificial intelligence and automation technologies across DBHDS systems.
Supervising professional staff responsible for implementing technical safeguards, conducting risk assessments, managing investigations, and delivering security and privacy awareness training to maintain a secure, compliant, and resilient technology environment.
Advising the Executive Leadership Team on cybersecurity, privacy, and risk posture.
Developing data protection strategies and ensuring business continuity and incident recovery plans align with enterprise risk tolerance.
Minimum Qualifications
Considerable experience in information security, information systems review, or related technology fields.
Demonstrated knowledge of information security and privacy practices, IT governance, risk management, and compliance frameworks (e.g., NIST, ISO 27001, HIPAA, ARMICS, VITA SEC-530)
Proven experience implementing and managing cloud security controls in cloud environments, including IAM, monitoring, and shared responsibility compliance.
Ability to lead enterprise cybersecurity operations, manage incident response, and oversee vulnerability and threat management programs.
Knowledge of cloud security architectures, shared responsibility models, and cloud-native risk mitigation strategies.
Experience establishing or managing AI governance frameworks or oversight committees related to data ethics, model transparency, and security of AI systems.
Proven ability to lead teams and supervise staff performing cybersecurity and risk management functions.
Strong communication, analytical, and problem-solving skills, with the ability to interact effectively with technical, executive stakeholders, and oversight entities.
Additional Considerations
Certification as an Information Systems Security Professional (CISSP), Information Security Manager (CISM), or Information Systems Auditor (CISA).
Experience working in state or public sector information security programs.
Familiarity with HIPAA, ARMICS, and NIST security standards.
Experience building or maturing governance, risk, and compliance (GRC) programs and reporting metrics to executive leadership or board-level committees.
Special Instructions
You will be provided a confirmation of receipt when your application and/or rsum is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
This position is eligible, however not guaranteed, for telework opportunities; availability, hours, and duration of telework shall be approved as outlined in the Commonwealth telework policy.
For consideration, interested applicants must apply by completing the online application. A resume may also be included with your submission. However, emailed, faxed, and hand-delivered applications and/or resumes will not be accepted. This position is open until filled; however, applications/resumes will begin to be reviewed within seven (7) business days of the date of this posting. Reasonable accommodations are available to persons with disabilities during application and/or interview processes per the Americans with Disabilities Act.
DBHDS welcomes all applicants authorized to work in the U.S. For more information on how to seek this authorization, please refer to Working in the United States or contact the U.S. Citizenship and Immigration Services office directly.
For any technical assistance with the jobs.virginia.gov website, please contact
Contact Information
Name: ShaKiera Miles
Phone: N/A
Email: - Inquiries Only/No Submissions, to include resumes.
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at .
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.
State Role Title:Info Technology Manager II
Hiring Range: Up to $185,000
Pay Band: 7
Agency: Dept Behavioral Health/Develop
Location:Central Office
Agency Website:;br>
Recruitment Type: General Public - G
Job Duties
The Department of Behavioral Health and Developmental Services (DBHDS) is seeking a dynamic and experienced information security and privacy leader to serve as the Chief Information Security Officer (CISO). This position is responsible for developing, managing and ensuring an efficient and effective information security and privacy program that safeguards the agency's information assets and supports the compliance with all applicable federal and Commonwealth laws and regulations. This position oversees the agency's security policies, risk management, compliance, and cybersecurity operations to ensure protection, detection, and corrective controls for all IT systems.
Additional responsibilities include:
Providing strategic leadership for enterprise-wide cybersecurity, privacy, and IT governance, risk, and compliance (GRC) programs.
Designing and implementing policies, standards, and risk management frameworks aligned with Commonwealth security standards, and HIPAA requirements.
Overseeing the agency's incident response, vulnerability management, and cloud security, ensuring protection, detection, and corrective controls for all IT systems and cloud environments.
Leading the agency's initiatives in AI governance and emerging technology oversight, establishing responsible AI policies, risk assessments, and controls to ensure ethical, secure, and compliant adoption of artificial intelligence and automation technologies across DBHDS systems.
Supervising professional staff responsible for implementing technical safeguards, conducting risk assessments, managing investigations, and delivering security and privacy awareness training to maintain a secure, compliant, and resilient technology environment.
Advising the Executive Leadership Team on cybersecurity, privacy, and risk posture.
Developing data protection strategies and ensuring business continuity and incident recovery plans align with enterprise risk tolerance.
Minimum Qualifications
Considerable experience in information security, information systems review, or related technology fields.
Demonstrated knowledge of information security and privacy practices, IT governance, risk management, and compliance frameworks (e.g., NIST, ISO 27001, HIPAA, ARMICS, VITA SEC-530)
Proven experience implementing and managing cloud security controls in cloud environments, including IAM, monitoring, and shared responsibility compliance.
Ability to lead enterprise cybersecurity operations, manage incident response, and oversee vulnerability and threat management programs.
Knowledge of cloud security architectures, shared responsibility models, and cloud-native risk mitigation strategies.
Experience establishing or managing AI governance frameworks or oversight committees related to data ethics, model transparency, and security of AI systems.
Proven ability to lead teams and supervise staff performing cybersecurity and risk management functions.
Strong communication, analytical, and problem-solving skills, with the ability to interact effectively with technical, executive stakeholders, and oversight entities.
Additional Considerations
Certification as an Information Systems Security Professional (CISSP), Information Security Manager (CISM), or Information Systems Auditor (CISA).
Experience working in state or public sector information security programs.
Familiarity with HIPAA, ARMICS, and NIST security standards.
Experience building or maturing governance, risk, and compliance (GRC) programs and reporting metrics to executive leadership or board-level committees.
Special Instructions
You will be provided a confirmation of receipt when your application and/or rsum is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
This position is eligible, however not guaranteed, for telework opportunities; availability, hours, and duration of telework shall be approved as outlined in the Commonwealth telework policy.
For consideration, interested applicants must apply by completing the online application. A resume may also be included with your submission. However, emailed, faxed, and hand-delivered applications and/or resumes will not be accepted. This position is open until filled; however, applications/resumes will begin to be reviewed within seven (7) business days of the date of this posting. Reasonable accommodations are available to persons with disabilities during application and/or interview processes per the Americans with Disabilities Act.
DBHDS welcomes all applicants authorized to work in the U.S. For more information on how to seek this authorization, please refer to Working in the United States or contact the U.S. Citizenship and Immigration Services office directly.
For any technical assistance with the jobs.virginia.gov website, please contact
Contact Information
Name: ShaKiera Miles
Phone: N/A
Email: - Inquiries Only/No Submissions, to include resumes.
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at .
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.