Basic Function In this critical time for higher education, we are searching for a hands-on Director of Information Security capable of setting and implementing security strategy for Kern Community College District (KCCD). KCCD has a reputation for being fiscally sound and the cyber security team is recognized as one of the strongest higher education cyber programs in the state.
The Director of Information Security will be directly accountable to the CIO and will collaborate extensively with senior leadership. They will have a seat at the table at the highest levels in addition to setting standards and influencing positive change across the organization. In this critical role, you will create strategic partnerships with internal and external stakeholders and provide guidance related to significant cyber security threats, vulnerabilities, changes in policies and their organizational impact. As they continue to grow and expand further into the cloud, they will lead the technical program and the security team as they set the pace for security innovation for the remaining year and beyond.
Reporting to the Chief Information Officer, the Director of IT Security develops and implements procedures, policies, strategies and standards in the management of the district's IT Security program.
Key Accountabilities Relative to the district's IT Security, the Director of IT Security will be held accountable for the following:
Assessing risks, threats, technologies, architecture (25% of time)
Recommending improvement strategies for identified gaps (25%)
Developing, coordinating and leading Incident Response (5%)
Developing an IT Security Plan and Policies (5%)
Monitoring and compliance (15%)
Implementing an End-user education and awareness program (5%)
*This is the expected percentage of time required to perform each Key Accountability for this job. These percentages may vary over time dependent on the needs of the organization. Note, only 80% of the job's actual work time is used to assign time percentages. It is expected that 20% of the work time will be used for miscellaneous
Representative Duties 1. Work with KCCD academic and business units to facilitate IT risk assessment and risk management processes; this includes identifying location, type, sensitivity, ownership and access requirements for data being used by KCCD
2. Monitor the external threat environment for emerging threats and advise on appropriate course of action
3. Research, identify, coordinate and play key role in the implementation of appropriate IT security systems, technology and controls including firewalls, intrusion detection/prevention and vulnerability scanners.
4. Research and disseminate amongst District Office and campus IT personnel IT security best practices and resource information.
5. Develop, implement and manage district wide IT security incident response processes and procedures
6. Develop, implement and maintain a district wide IT security plan to ensure the integrity and confidentiality of information residing in KCCD workstations, servers, mobile devices and related computer peripherals
7. Develop, implement, maintain, disseminate and oversee enforcement of IT security related policies and procedures
8. Maintain an in-depth technical documentation repository of KCCD systems, networks and core applications
9. Coordinate, report on, document and act on results of periodic (annual) district wide IT security audits
10.Develop and implement strategies for complying with applicable Federal, State and other legal compliance requirements related to IT Security.
11.Develop, implement and manage a district wide IT security awareness and training program
12.Assist with the development and implementation of business continuity and disaster recovery plans
13.Participate as a member of KCCD's IT management team in the development, prioritizing, budgeting and planning of IT security strategies and related initiatives
14.Develop and communicate current IT security posture status, IT security strategies, and progress on IT security initiatives to key organizational units executive management and KCCD's Board of Trustees
15.Collaborate with other colleges and universities to share information or resources, as necessary, and to improve overall security of the higher education sector
16.Keep current with IT security industry research and best practices related to keeping an organization's IT systems and networks appropriately secure. This includes attending conferences and training as required to maintain IT security management proficiency
17.Develop and manage relationships with IT security vendors and consultants and recommend as appropriate solutions and partnerships that would benefit KCCD in its IT security efforts
18.Serve on and chair IT Security related District committees as appropriate
19.Perform other duties as assigned
Bachelor's degree in an IT related field.
Five years of experience in IT Networks, Systems or Security related positions.
Certifications such as CISSP (Certified Information System Security Professional), CISM (ISACA Certified Information Security Manager) or CISA (ISACA Certified Information Security Auditor) are preferred.
Knowledge and Abilities
Ability to identify, analyze, prioritize and communicate impact of IT security risks and exposures.
Understanding of effective IT security system and network architectures, concepts, techniques and tools.
Understanding and experience managing network and system security components such as firewalls and intrusion detection/prevention systems.
Experience in organizing, prioritizing, developing, implementing and communicating status on IT security strategies and projects.
Proficiency in IT security management, industry best practices and standards.
Experience developing and implementing IT security policies and procedures.
Experience in and knowledge of IT security auditing and monitoring.
Knowledge of and experience meeting applicable IT security related laws and regulations.
Ability to develop, learn and implement new concepts, technologies and methods.
Knowledge of and exposure in developing and testing business continuity and disaster recovery plans.
Exposure to the operation of institution wide networks, systems and applications.
Ability to follow-up and follow-through in a coordinating role across multiple constituencies to achieve tactical and strategic goals.
Excellent analytical, planning and organizational skills.
Agility in adapting to and thriving in a dynamic work environment including shifting of project objectives, deadlines, resources and priorities.
Ability to work effectively with administrators, faculty and staff.
Strong commitment to investing in professional development
Stability with strong, long term, family oriented, benefits with time off and flexibility
All nationally recognized holidays plus frequent time off as reflected in the academic calendar
Strong commitment to work/life balance
SALARY RANGE$ 120, 185.51 - $ 157,693.80 annually
First Review of Applications: Complete application packets will be accepted until the position is filled; but those received by November 19, 2021 are assured consideration. The College reserves the right to extend time limits or reinitiate the recruitment/selection process at any point.
Completed application packet must include:
Completed Online Application for Employment form
Letter of interest (Cover Letter)
Copy of legible transcripts, if applicable
List of five (5) professional references - Listed on application form
It is the applicant's responsibility to redact (or remove) any personal information from all documents prior to uploading. This includes Social Security Numbers, Date of Birth, and any photos of the applicant.
Foreign Degree: Applicants with foreign degrees from colleges or universities outside of the United States must have their coursework evaluated by a professional association that is a member of the National Association of Credential Evaluation Services (NACES) or Academic Credentials Evaluation Institute, INC. (ACEI). A copy of the evaluation must be submitted with your on-line application.
Applicants who require reasonable accommodation to participate in the selection process should contact Human Resources to make the necessary arrangements. EEO Plan 2021-2024
Note: The District is strongly committed to achieving staff diversity and the principles of equal employment opportunity. The District encourages a diverse pool of applicants and does not discriminate on the basis of national origin, religion, age, gender, gender identity, gender expression, race or ethnicity, color, medical condition, genetic information, ancestry, sexual orientation, marital status, physical or mental disability, pregnancy, or because he/she is perceived to have one or more of the foregoing characteristics, or based on association with a person or group with one or more of these actual or perceived characteristics or any other characteristic protected by federal, state or local law, in any of its policies, procedures or practices. Discrimination Free Work Environment The District does not provide sponsorship for authorization to work in the United States. Work authorization should be established at the time of application submission.