Director of Information Security

Viewed 0 times

Job Description

Priority consideration date has been extended to 5:00 pm on Friday, June 7, 2024.

The mission of Pierce College is to create quality educational opportunities for a diverse community of learners to thrive in an evolving world.

Recognized by the Aspen Institute as one of the Top 10 community colleges in the nation (2021), Pierce College is an innovative, mission-driven, data-informed, and equity-minded community college dedicated to helping all students achieve their academic and professional goals, with a focus on racial and social equity and justice.

Reporting to the Vice President of Information Technology and Infrastructure of the Pierce College District, the Director of Information Security will promote a culture of security throughout the District with a clear focus on delivering security measures, tools, and technologies in order to combat and mitigate cyber risks.  This work includes developing and implementing enterprise-wide security capabilities; analyzing and forecasting threats to information security; researching applicable information security laws; developing security policies, procedures, standards and response plans to ensure College compliance with local, state, and federal laws; and providing training and education on safeguarding institutional information.

The Director of Information Security is also responsible for conducting risk analysis and assessments, supporting secure handling, retention, and destruction of both digital and physical data; and coordinating day-to day incident monitoring, response, and reporting activities designed to protect enterprise systems, assets, and employees.

Additionally, this position actively leads, supports, and engages in Pierce College’s goals for equity and inclusion in order to create and maintain a workplace that supports and respects accessibility, equity, inclusion, and diversity. This position requires regular and consistent attendance.

About the District:

The college enjoys a strong presence in the community and participates in numerous partnerships with business, community, government, and educational organizations.

Pierce College at Fort Steilacoom:

Located on a beautiful 140-acre site adjacent to a 340-acre community, recreational park, and Waughop Lake. Want a feel for our District, take a peek with aerial campus views!

Pierce College at Puyallup:

Located on an expansive site with 125-acres of wooded land including modern facilities and beautiful hideaways.

Pierce College at JBLM:

Located at the Joint Base Lewis-McChord military sites, serving many of our military and active-duty families serving our country.

Essential Functions:

The Director of Information Security will be responsible for the following, but not limited to:

Compliance:

  • Ensures that access to systems, storage of college data, and individual technology use comply with college data privacy requirements and the requirements of the information security policies and standards published by the Washington State, Office of the Chief Information Officer (OCIO) and other state agencies.
  • Prepares for and coordinates college and IT (Information Technology) responses for official state information security audit, including the annual review and reporting process.
  • Work with college data governance stewards to meet Washington Privacy Act and GDPR data privacy expectations; work includes researching and developing strategic recommendations for the college based on regulatory expectations.
  • Coordinates with the Finance department to plan, implement, and audit all college networks subject to PCI compliance; responds to PCI documentation/compliance audit.
  • Ensures compliance with OCIO Data Security Standards, including PII, PCI, and physical and data security.
  • Works with IT to establish, monitor, and enforce information security rules and procedures, instigating, and managing adherence to security requirements set forth by federal, state, and local laws, college policies and procedures.
  • Conducts hands-on technical security audit of the college networks, information systems, user devices and related technology resources to support data security management and to ensure compliance with regulatory policies and security standards.

Risk:

  • Works with IT leadership and emergency preparedness to design, implement, and manage a structured disaster recovery plan for responding to unplanned incidents and threats to the information technology infrastructure and systems of the District considering hardware and software, networks, procedures, and people. Regularly tests plan capabilities to ensure effectiveness.
  • Oversees, manages, and implements the assessment and documentation of risk to the reliability, integrity and availability of protected college data that is shared with non-college vendors and entities outside of the college network and systems; uses Data Sharing Agreements (DSA) or Confidentiality and Non-Disclosure Agreement (NDA), as well as other supporting documents.
  • Develops, implements, and performs risk assessments on the technology environment that will identify security risks and mitigations taken to reduce and/or eliminate risk.

Information Security Program Management:

  • Develops, maintains and reviews college information security policies, procedures, and standard operating procedures (SOPs) which comprise the information security program.
  • Ensures a collaborative and communicative environment with the Information Technology security team to plan and support the district infrastructure.
  • Makes security policy interpretations and makes or recommends decisions as appropriate.
  • Grants and documents exceptions with cause.
  • Reviews and recommends policy and procedure changes to ensure college alignment with compliance requirements while ensuring equitable access and abilities of both students and employees within the technology environment.
  • Maintains written records and archives pertaining to the college information security program.
  • Ensures all issues related to information security are represented and addressed in IT work plans.

Training and Technical Support:

  • As needed, administers security permissions for approved access to systems, troubleshoots authentication and authorization issues.
  • Collaborates with Information Technology teams to provide system administrative support, management and troubleshooting for college information system resources and other mission-critical infrastructure-related systems.
  • Assists and advises college technical personnel in the provision, support and management of secure authorization and authentication processes providing access to college systems.
  • Helps troubleshoot and resolve complex computing problems related to information security.
  • Develops, culminates, and delivers both online and in-person training materials and schedules to keep the college community security focused and aware regarding college policies, procedures, standards, best practices, and individual rights and responsibilities.
  • Consults with and advises campus users regarding information security.

Records and Investigations:

  • Provides oversight and guidance regarding digital forensics investigations, vulnerability management, controls selection and implementation, and information systems auditing and evaluation.
  • Conducts or assists with conducting technical and records investigations in response to civil litigation, criminal and ethics investigations, and provides supervisory oversight as directed by supervisor or other campus authority.
  • Works closely with the college Records Officer and other authorized administrators in response to requests for the public disclosure of electronic college records related to data storage, computing system usage, and e-mail history.
  • Works with the Records Officer to interpret State records retention schedules as related to Higher Education and implements record retention policies and best practices on both digital and physical record systems.
  • Coordinates information security matters with external entities, such as the college public safety office, the Title IX office, state auditor’s office and state ethics board.

College Governance:

  • Represents information security and IT interests in various standing campus-level and state-level committees, including Statewide Information Technology Security Council; Technology Council; Risk Management Committee; and Data Governance Committee.
  • Other duties as assigned.

 Qualifications:

Education and Experience Required:

Bachelor’s degree from an accredited college or university in Information Technology, Information Management, Information Security or related field.

Minimum three (3) years of experience with information security technologies and technical processes in the areas of security incident prevention, evaluation, detection, resolution and remediation.

OR

In lieu of a bachelor’s degree: minimum of three (3) years background, education and experience in information systems with a focus on security management.

Minimum three (3) years of experience with information security technologies and technical processes in the areas of security incident prevention, evaluation, detection, resolution and remediation.

Required Competencies:

  • Knowledge of technical and security issues regarding local and wide area networks, e-mail systems, virus scanning, continuity of operations, and audit best practices.
  • A technical understanding of application development practices, systems administration and networking, and current trends in information security and risk analysis.
  • Capable of composing written materials concisely, including policies, procedures, SOPs, and correspondence, all of which clearly articulate complex compliance requirements to both technical and non-technical audiences.
  • Analytical skills demonstrating the ability to define, collect and analyze data, establish facts, draw valid conclusions, and make fact-based decisions.
  • Ability to identify key security issues quickly and the capacity to collaboratively develop effective strategic solutions that are feasible for the campus, while maintaining the integrity of the college’s core mission and values.
  • A commitment to establishing and maintaining a strong information security environment at the college, while preserving and supporting the primary, service-oriented functions of ITS and the college.
  • Proficient at working collaboratively with the disparate needs, skill levels and expectations of campus units and technology users outside ITS; can make timely and informed decisions when working towards goal/task completion.
  • Ability to communicate effectively and comfortably with individuals, and in any group, at all levels in the organization, including executive management; ability to effectively exchange messages in a variety of contexts using multiple methods.
  • Ability to work successfully with a diverse group of staff, managers and administrators having primary responsibility for hands-on management of information security within the ITS units.
  • Demonstrates responsible personal and professional conduct, which contributes to the overall mission and goals; accepts personal responsibility for the quality and timeliness of work; earns, trust, respect and confidence from the College community.

 Application Process:

To be considered for this position, applicants must:

Meet the required qualifications as outlined in this announcement.

Complete the online application profile and apply for the specific job opening at: https://www.pierce.ctc.edu/hr

Upload (attach) a cover letter that addresses how you meet the required qualifications as outlined in this announcement. (Cover Letter)

Upload (attach) detailed résumé of all educational and professional experience.(Résumé)

Transcripts are not required in order to apply for this position; however, if you are selected for an interview, you will be asked to submit copies of unofficial transcripts showing completion of the required level of education. Please upload current copies of your transcripts, if available. Unofficial copies of all college and university transcripts must include degree received and conferral date. International transcripts must include a foreign transcript evaluation. For a list of approved credential evaluation services visit: https://www.naces.org/members (Unofficial transcripts acceptable for application process; official transcripts required upon hire). (Transcripts)

Upload (attach) a list of at least three (3) professional references with names, telephone numbers, and e-mail addresses. One of which must be your current or most recent supervisor. Letters of recommendation will not be accepted. (References)

Provide a response to the following question. (Supplemental Question)

How does this position impact the College’s goal to support all students and to achieve racial and social equity in pursuit of mission?

Please limit your response to a maximum of 500 words.

Please Note:

To ensure consideration, application materials should be received no later than 5:00 p.m. on the closing date. Candidates who apply by 8:00 a.m. on Friday, April 19th will receive priority consideration.

All correspondence regarding your application status will be sent to the email address associated with your NeoEd account. Please make sure to check your spam folder periodically, in the case of an automated, incorrect delivery.

Terms of Employment:

This is a full-time administrative – exempt position. The primary work location will be at the Pierce College Fort Steilacoom campus. Frequent travel to Pierce College campuses or other sites may occur. Standard work hours are between 8:00 am to 5:00 pm, Monday through Friday, with occasional evening and weekend hours required.

Salary & Benefits:

The salary range for this position is $101,785 to $125,932 annually; new hires typically start at $106,026. Your paycheck is just part of the total compensation package. There is an outstanding benefits package which is worth an additional value equivalent to about 30% of your salary. A comprehensive health care benefits package for you and your dependents includes medical, dental and vision insurance. Life and long- term disability insurance plans; vacation, sick and personal leave; reduced tuition; and retirement benefits are also provided. For more information, please visit our Benefits and Leave website at: https://www.pierce.ctc.edu/hr- benefits.

Physical Work Environment:

This position works indoors in an office environment.

Reasonable Accommodation:

Applicants with disabilities who require assistance with the application and employment process will be accommodated to the extent reasonably possible. Requests should be made to the District Human Resources Office by calling 253-964-7342. Persons who are deaf or hard of hearing may dial 711 to place a call through Washington Relay, the state’s free telecommunication access service.

Screening & Interview Process:

Only those candidates who have complied with the application process and meet the required qualifications will be considered. Following the review of application materials, the most qualified candidates will be contacted for an interview. Check the email account you used for the application process for communication regarding the status of your application. Application materials submitted to Pierce College are the property of the College and will not be returned.

Conditions of Employment:

Pierce College is a “fully vaccinated campus” under the state’s higher education guidance, which means that COVID-19 vaccination is highly encouraged for all employees and students.

Prior to the start of employment, the finalist for this position will be subject to a criminal background check as a condition of employment. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant’s suitability and competence to perform in the position.

Applicants considered for this position will be required to disclose if they are the subject of any substantiated findings or current investigations related to sexual misconduct at their current employment and past employment. Disclosure is required under Washington State Law RCW 28B.112.080.

An offer of employment will not carry with it any responsibility or obligation on the part of the District to sponsor an H-1B visa. In compliance with the Immigration Reform and Control Act of 1986, proof of authorization to work in the United States will be required at the time of hire.

Pierce College has adopted a Drug Free Workplace policy. As a condition of employment, employees must agree to abide by the requirements established in that policy.

Equal Opportunity:

The Pierce College District is an equal opportunity employer. The Board of Trustees and Pierce College District are committed to providing equal opportunity and will not discriminate in terms and conditions of employment and personnel practices. Decisions are made without regard to race, color, national origin, age, perceived or actual physical or mental disability, pregnancy, genetic information, sex, sexual orientation, gender identity, marital status, creed, religion, honorably discharged veteran or military status, or use of a trained guide dog or service animal.

For more information about this position or assistance regarding your application, please contact the Human Resources office at: jobs@pierce.ctc.edu.

Questions regarding equal employment opportunities or discrimination may be directed to the following:

Sean Cooke
Title IX Coordinator
(253) 840-8472

Davi Kallman
ADACO / Section 504 Coordinator
(253) 912-3715

Deena Forsythe
Interim Vice President for Human Resources
(253) 964-6586

Paula Henson-Williams
District Affirmative Action Officer
(253) 864-3229

Job Summary

wave-1-bottom
Lakewood, Washington Location
Full Time Job Type

Similar Jobs

The largest community on the web to find and list jobs that aren't restricted by commutes or a specific location.