Salary: $92,300.00 - $175,400.00 Annually Location : Richland County, SC Job Type: FTE - Full-Time Job Number: 179250 Agency: Department of Administration Division: Division of Information Security Opening Date: 08/13/2025 Closing Date: 8/24/2025 11:59 PM Eastern Agency Specific Application Procedures:: All applicants must apply online. Class Code:: AF50 Position Number:: 61049747, 61049753, 61049563 Normal Work Schedule:: Monday - Friday (8:30 - 5:00) Pay Grade: GEN13 Hiring Range - Min.: $92,300.00 Hiring Range - Max.: $140,000.00 Opening Date: 08/13/2025 EEO Statement: Equal Opportunity Employer Veteran Preference Statement: South Carolina is making our Veterans a priority for employment in state agencies and institutions. Job Responsibilities Virtual Chief Information Security Officer The Department of Administration, Division of Information Security (bolthires) is seeking experienced Risk Management & Compliance Managers to fill Virtual Chief Information Security Officer positions that specialize in IT risk management. bolthires is responsible for a variety of statewide policies, standards, programs and services related to cybersecurity and information systems, including the statewide coordination of critical infrastructure information. You will function as a liaison within bolthires to assist assigned agencies with implementation and maintenance of information security programs with a key portion of the role dedicated to communicating security both at the division leadership level and throughout assigned agency operations to facilitate adoption of security best practices. If you are a forward-thinking security professional with an actionable mind set and want to make a difference, join bolthires in leading that charge. You will have the opportunity to impact decisions, implement security practices and standards that will protect our SC state government agencies. This position is onsite in Columbia, South Carolina. Job Responsibilities of the Virtual Chief Information Security Officer: • Partner and work collaboratively with assigned agency leadership and IT management to identify information security and compliance requirements. • Advise agency executive leadership and IT management on information security and privacy program requirements and direct the implementation of information security policies, processes, and procedures. • Complete regular intrusion detection and vulnerability reporting, audit group reviews, and coordination of all required fixes. • Assist with development of business metrics to measure the effectiveness of the security management program and increase the maturity of the program over time. • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action. • Determine acceptable levels of risk for the agency and manage a risk and incident response system to reduce or eliminate identified vulnerabilities. • Ensure all agency information and system access is processed, stored, and controlled in accordance with applicable laws and contractual requirements. • Oversee the evaluation, selection, and implementation of information security solutions that are innovative, bolthires-effective, and minimally disruptive. • Develop and implement a strategic long-term information security strategy and road map, to ensure information assets are adequately protected, and the security management program complies with applicable laws, regulations, and contractual requirements. Minimum and Additional Requirements • A bachelor's degree in computer science or relate field and at least eight (8) years of experience in information security, four (4) of which are in a leadership role. • Relevant experience may be substituted for the bachelor's degree on a year-for-year basis. • Candidate must be eligible to obtain and retain a Secret or higher security clearance from appropriate federal authorities. Additional Requirements • Expert level knowledge of security administration for various operating systems and software. • Knowledge of security, privacy, risk, and control frameworks and standards such as NIST, CIS, CJIS, HIPAA, FERPA, PCI. • Expert analytical problem-solving skills and ability to develop project plans for information security systems. • Expert knowledge and understanding of information risk concepts and principles, and ability to relate business needs and security controls. • Expert ability to document and present security findings clearly and logically. • Ability to explain information security concepts to audiences outside the field and to executive-level staff. • Knowledge of South Carolina state government procedures and processes. • Knowledge of South Carolina state procurement and contracting principles. • Experience with contract and vendor negotiations. • Professional certifications such as CISSP, CISM, GIAC, CIPM, CIPP. • Employee may be required to work beyond the standard 37.5 hours/week including nights, weekends