STATE OF CONNECTICUT EXECUTIVE BRANCH JOBS

IT Security and Compliance Subject Matter Expert

Information Technology Subject Matter Expert (40 Hour) (Hybrid)

Recruitment #220804-7607FR-001

Introduction


Are you an IT leader looking to take on a new challenge? If so, we want you to check out this exciting opportunity!

The State of Connecticut Department of Administrative Services (DAS), Bureau of Information Technology Solutions (BITS) is currently accepting applications from qualified individuals for the position of IT Security and Compliance Subject Matter Expert (Information Technology Subject Matter Expert) for the Department of Children and Families (DCF) within the IT Security Division in Hartford, CT, with some remote work possible.

POSITION HIGHLIGHTS

  • Monday - Friday
  • Full-time (40 hours per week)
  • First shift
  • Hybrid work environment

RESPONSIBILITIES INCLUDE

  • Reviewing and documenting where security and technology controls are adequate or require improvement, as well as areas where risk is too high
  • Recommending risk reduction steps to be implemented and maintained through policies, procedures, frameworks, and technical controls
  • Working closely with risk management and security leadership, teammates, and stakeholders to evaluate and recommend models aligning with organizational risk posture
  • Identifying strengths and weaknesses in the program as they relate to privacy, security, business resiliency, and compliance frameworks
  • Attending change and project management meetings to understand and proactively strengthen controls to avoid unnecessary risk across lines of business
  • Retaining expertise in one or more compliance standards, including Sarbanes-Oxley Act (SOX), Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), Centers for Medicare & Medicaid Services (CMS), National Institute of Standards and Technology (NIST), and International Standards Organization (ISO) 27001
  • Monitoring plans of action and milestones for risk remediation requirements from internal and external security assessments, vulnerability reports, audit findings, and security gaps
  • Enforcing a strong security culture mindset set forth by risk management, ensuring uniformity across technical teams, business units, and employees
  • Conducting architecture reviews and identifying where security controls must be implemented
  • Analyzing workflows and designing documents and procedures to identify gaps in risk posture and risk acceptability based on controls
  • Fostering strong relationships with internal business units and excelling in risk management, technical controls, and cybersecurity communication

WHAT WE CAN OFFER YOU

The State of Connecticut offers a competitive starting salary, excellent state benefits package including health/dental insurance, generous paid time off, retirement plan options, alternate work schedules, and a culture that encourages work-life balance.

Selection Plan

To Apply:

  • In order to be considered for this job opening, you must meet the Minimum Qualifications as listed on this job opening. You must specify your qualifications on your application.
  • The minimum experience and training requirements must be met by the close date on the job opening, unless otherwise specified.
  • Ensure that your application is complete and detailed before submitting it. In order to comply with Public Act 21-69, the State of Connecticut is no longer asking for resumes during the initial application process. You will not be able to make revisions once your application is submitted into the JobAps system.
  • Please select all location(s) and shift(s) you are willing to work on your application. Failure to do so may result in not being considered for vacancies in that specific location or shift.
  • All application materials must be received by the recruiting agency by the time specified on the job opening for the position for which you are applying. Late applications may not be submitted and will not be considered. Exceptions are rare and limited to documented events that incapacitate a candidate during the entire duration of the job posting time period. It is the candidate’s obligation and responsibility to request an exception and provide a legally recognized justification to accommodate such exception. Requests should be made to DAS.SHRM@ct.gov.

Important Information After You Apply:

  • This posting may require completion of additional referral questions (RQs). You can access these RQs via an email that will be sent to you after the posting's closing date or by visiting your JobAps Personal Status Board (Certification Questionnaires section). Your responses to these RQs must be submitted by the questionnaire's expiration date. Please regularly check your email and JobAps Personal Status Board for notifications. Please check your SPAM and/or Junk folders on a daily basis in the event an email provider places auto-notification emails in a user's spam.
  • Although applicants will receive correspondence via email, as a backup they are also encouraged to sign on to their Personal Status Board on a daily basis to monitor their status, view all emailed notices and complete tasks required in the recruitment process.
  • Note: At any point during the recruitment process, applicants may be required to submit additional documentation which supports their qualification(s) for this position. These documents may include: a cover letter, resume, performance reviews, attendance records, supervisory references, licensure, etc., at the discretion of the hiring agency.
  • Interviews will be limited to candidates whose experience and training most closely meet the requirements of the position.
  • The immediate vacancy is listed above; however, applications to this recruitment may be used for future vacancies in this job class.

Connect With Us:

Due to the large volume of applications received, we are unable to provide confirmation of receipt or status during the recruitment process. Updates will be available through your JobAps portal account. Should you have any questions pertaining to this recruitment, please contact Frank DeCusati at frank.decusati@ct.gov or 860-713-5176.

PURPOSE OF JOB CLASS (NATURE OF WORK)

In a state agency supporting a highly complex Information Technology (IT) environment, this class is accountable for functioning as a Subject Matter Expert in one of the following functional IT areas: networking, security, systems development, systems programming or database administration. This class also provides technical leadership and consultation in the areas of architecture, application design, systems programming, system integration, and/or database management OR the analysis, development and operational support of highly complex technologies affecting multiple infrastructure areas.

EXAMPLES OF DUTIES

Acts as a full project manager; participates in the development of architectural designs; recommends policies, procedures, and associated technical implementation standards; researches, designs, analyzes, develops and enhances new and highly complex infrastructure projects in support of agency information systems; participates in the design and configures infrastructure systems that optimize information access capabilities and ensure the security and integrity of these systems; provides consulting in a technology area, such as IT Security, Network Architecture (including LAN/WAN design), Platform Architecture (including mainframe and desktop hardware and software selection), Middleware Architecture (including messaging and Physical Data Architecture); acts as a consultant to management and individual employees regarding area of expertise including technical leadership and consultation in the areas of architecture and application design, systems programming, system integration, and/or database management or the analysis and development of highly complex technologies affecting multiple infrastructure areas; serves as Subject Matter Expert on various IT project teams; researches and analyzes technology trends and assists in the development of infrastructure technology strategy and standards; troubleshoots existing infrastructure systems to identify errors or deficiencies; recommends and implements software, hardware and configuration changes to improve system performance; participates in defining architecture and technology standards to optimize system performance and integrity; participates in long-term infrastructure technology strategy development and planning; recommends new tools, technologies, and platforms to be implemented; assists in the development of a comprehensive disaster recovery plan; provides technical leadership; provides assistance with escalated Tier III support issues; works on multiple projects including complex integration efforts and transitioning applications to new technologies; defines and develops the project scope of multiple complex projects; makes recommendations towards buy versus build decisions surrounding applications; designs component architectures, making use of multiple tiers to provide insulation to changes from application interfaces and databases; participates in the evaluation and selection process for application packages to meet solutions; recommends testing tools, middleware, and database management systems; documents changes to architecture and conversion plans; develops and maintains system and application architecture diagrams; assists in organization wide data modeling and database design; participates in the definition of data architecture standards, policies and procedures for the organization structure, attributes and nomenclature of data elements; assists in the design and construction of data architectures, operational data stores, and data marts; performs related duties as required.

KNOWLEDGE, SKILL AND ABILITY

Considerable knowledge of current methods of information systems analysis, design and development; considerable knowledge of principles, practices and techniques of information technology; considerable knowledge of applications systems development principles, techniques and development; considerable knowledge of principles and techniques of computer programming and languages; considerable knowledge of principles and theories of business planning functions; considerable knowledge of project management principles and techniques; considerable knowledge of principles and techniques of systems analysis and design; considerable knowledge of computer operating systems and databases; considerable knowledge of business re-engineering process; considerable knowledge of principles of data modeling and related tools; considerable knowledge of distributed systems architecture, network, middleware and object oriented analysis; considerable interpersonal skills; considerable oral and written communication skills; considerable analytical and problem solving skills; considerable ability to develop and implement system security and disaster recovery plans; considerable ability to identify, analyze and resolve highly complex business and technical problems; considerable ability to conduct highly complex detailed analysis and design of major computer systems and networks; considerable ability to develop reports, manuals and documentation.

MINIMUM QUALIFICATIONS - GENERAL EXPERIENCE

Nine (9) years of experience in infrastructure systems support, programming, database administration, systems/software development, networking or technical support.

MINIMUM QUALIFICATIONS - SPECIAL EXPERIENCE

Two (2) years of the General Experience must have been performing advanced technical level duties or as a working supervisor in such areas as: designing, configuring and implementing complex networks; configuring, installing and upgrading host based applications packages and host and/or operating system software; system software/application development, performing any closely related advanced technical function. 
NOTE: For state employees this is interpreted at the level of Information Technology Analyst 3.

MINIMUM QUALIFICATIONS - SUBSTITUTIONS ALLOWED

1. College training in management information systems, computer science or information technology related area may be substituted for the General Experience on the basis of fifteen (15) semester hours equaling six (6) months of experience to a maximum of four (4) years for a Bachelor's degree.
2. A Master's degree in management information systems, computer science or electrical engineering may be substituted for one (1) additional year of the General Experience.

PREFERRED QUALIFICATIONS

  • Experience with Health and Human Services (HHS), National Institute of Standards and Technology (NIST), Health Insurance Portability and Accountability Act (HIPAA)
  • Experience with Social Security Administration (SSA) and Payment Card Industry (PCI) and Application Vulnerability/Compliance Scanning (CJTS)
  • Experience with CISSP (Certified Information Systems Security Professional) credentials
  • Experience with Access Control principles; Software Development Security; Information Security Governance and Risk Management
  • Experience with Operations Security Redundancy and fault tolerance
  • Experience with Physical (Environmental) Security; Architecture and Design
  • Experience with Telecommunications and Network Security

Conclusion

AN AFFIRMATIVE ACTION/EQUAL OPPORTUNITY EMPLOYER

The State of Connecticut is an equal opportunity/affirmative action employer and strongly encourages the applications of women, minorities, and persons with disabilities.
