NCDIT - Policy Manager

VTECH Solution
Raleigh / durham / CH, NC
05 Oct 2024

Vacancy expired!

Short Description:The Technical Specialist is a senior level resource with specialized knowledge and experience in a specific technology.

Complete Description:Candidate is allowed to work remotely, HOWEVER, the candidate needs to be prepared to come onsite regularly at short notice for in office sessions when needed.The candidate will need to come onsite the first day.

Primary Purpose of the PositionThe Policy Manager is charged with providing a sustainable policy program and taxonomy for technology policy, standards, and procedures for the Department of Information Technology. The position ensures policies and procedures align with broader state policy and governing law and reflect best practices for mature IT governance.

The position provides highly technical policy analysis and advice to the Chief Deputy State Information Officer (DCIO) and the Secretary & State Chief Information Officer for Information Technology (SCIO), as well as interpretation to DIT staff and other constituents.

The Policy Manager develops policy documents to support compliance with HIPAA, FERPA, NCID, GDPR, FISMA, CMMC, and other frameworks, statutes, and regulations. This position works most closely with those in the Enterprise Security & Risk Management Office, Internal Audit, and the General Counsel.

The person in this position is expected to maintain a high-level knowledge of legislative initiatives and regulatory practices, including in those areas of privacy and security, in order to craft and maintain policies that reduce institutional, financial, reputational, and technology risk.

Duties and Responsibilities• Create and maintain processes for policy management covering technology and data for DIT.o Establish appropriate documented processes to create and revise policies, standards, and procedures.o Coordinate policy process with DIT-level policy processes, participating on DIT policy workgroups or committees as needed.o Ensure a defined and documented lifecycle for policy review and updating. • Create and modify policy as needed to adhere to compliance regulations governing DIT technology and data o Architect policy in collaboration with subject matter experts, senior leadership, and representatives of the user communityo Identify policy gaps, particularly governing the use of technology and data, to ensure DIT compliance with governing standards as well as contractual and legal requirementso Properly champion and gain feedback on proposed changes in policies made by DIT and related content.o Ensure that those affected by policy decisions have a voice during the policy development process.o Prioritize policy development and revision processes based on risk and on the priorities of key stakeholders.o Provide detailed background information to the CIO and DCIO in order to guide policy decisions to support the mission of the DIT and of DIT, and to protect the interests of the state• Define and create a repository for DIT policies.• Interpret policy with relation to information technology contracts, internal procedures, terms of service, memoranda of understanding and other documents and modify said materials to modify existing procedures to document these new use cases of policy

Competencies/Skills• Technical Knowledge and Leadership - Ability to understand complex technology issues as they relate to federal, state and local legal statutes to anticipate the consequences of strategies and communicate the impact of pursuit of such strategies both near and long term. Ability to effectively collaborate with, and gain respect of, stakeholders at all levels.• Planning and Organizing - Ability to propose, develop, and maintain policies and procedures to a high standard of auditability. • Strategic Development and Program Leadership - Ability to develop cooperative agreements with appropriate constituents. Ability to explain complicated regulatory issues and policies to all levels and rank.• An ability to understand policy from all aspects and then be able to convey those aspects to those in various fields is a requirement for success in this highly diverse state environment.

Essential Qualifications• Bachelor's degree in Computer or Information Science, Computer Information Systems, Computer Engineering, or other related technical degree from an appropriately accredited institution and four years progressive experience in the field of information technology; or equivalent combination of higher education and directly-related experience.• Five or more years of experience in technology management or similar decision-making position strongly impacted by technology and data-related policies.• Proven ability to meet deadlines and generate high quality products.• Proven track record drafting and negotiating effective policies, standards, procedures and guidelines• Experience working in a highly regulated, monitored and audited environment.

Preferred Qualifications• Ten or more years of experience in technology management or similar decision maker position where one is a major consumer of technology and data related policies.• Proven record of managing audits or portions of audits related to policy.• Working knowledge and experience monitoring state and federal laws, regulations and best practices related to information technology, information security, and privacy. Skills:

Skill

Required / Desired Amount of Experience

Experience developing cooperative agreements with appropriate constituents.

Required 5 Years Experience proposing, developing, and maintaining policies and procedures to a high standard of auditability. Required 5 Years Experience explaining complicated regulatory issues and policies to all levels and rank. Required 5 Years Experience understanding policy from all aspects and then be able to convey those aspects Required 5 Years Experience understanding policy from all aspects and then be able to convey this to those in various fields. Required 5 Years Experience effectively collaborating with, and gain respect of, stakeholders at all levels. Required 5 Years Proven track record drafting and negotiating effective policies, standards, procedures and guidelines Required 5 Years Experience working in a highly regulated, monitored and audited environment. Required 10 Years Proven record of managing audits or portions of audits related to policy. Highly desired 10 Years Experience monitoring state and federal laws, regulations and best practices related to information technology, information security and privacy Highly desired 1 Years
  • ID: #20675789
  • State: North Carolina Raleigh / durham / CH 27601 Raleigh / durham / CH USA
  • City: Raleigh / durham / CH
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2021-10-05
  • Deadline: 2021-12-02
  • Category: Security