IT Security Analyst – Richmond, VA




The IT Security Analyst is a member of the Audit and Consulting Team. The chief objective of this position is to ensure a secure computing environment that will safeguard assets, maintain data integrity and operate effectively to achieve the VCCS’s goals.


The IT Security Analyst’s primary responsibilities include:

  • Perform Information Systems Internal Control risk analysis
  • Assess and determine effectiveness of system security controls
  • Assess current and evolving information security threats
  • Assess user and administrator compliance to protect VCCS information systems
  • Evaluate cyber security throughout the VCCS and its member colleges against VCCS information security policies and standards
  • Review the operations and technical configurations of system implementation
  • Assess the adequacy and effectiveness of security and business continuity/disaster plans
  • Develop and maintain a framework to monitor IT environments
  • Communicate results of audits to management and identify methods of improvement for organizational effectiveness and efficiency.
  • Act as a liaison with the CIO, CISO and IT community, and actively participate in all IT Tech Council meetings and key initiatives.




  • Bachelor’s or Master’s degree in information systems or computer science; or a four-year degree with a minor in information systems or computer science; and experience in supporting the development and implementation of large scale, complex, commercial off-the-shelf software systems. Applicants with extensive related experience and post- secondary course work in information systems may also be considered.
  • Possession of CISA, CISSP, LPT, CEH, ECSA, CEPT or related certification
  • Knowledgeable of current trends and developments in cyber and information security
  • Technical knowledge of information technology infrastructures, network operating environments and applications
  • Knowledge of system development and information security management programs, best practices, and standards
  • Thorough understanding of internal controls for information systems
  • Understanding of an organizations risk management plan
  • Strong communication and presentation skills
  • Ability to travel within the Commonwealth as needed (ideally not more than 50% travel, but negotiable depending on tools available and e-communication capabilities)


If you are interested or know someone that may be interested, please call me at 404-551-5098 or email me at Relocation assistance is available.