Job No. 154524
- Job Title:
- Chief Information Security Officer
- Employer:
-
Austin Community College District
- Location:
-
Austin , TX
- Posting Date:
- 03-Jan-2025
- Description:
-
Austin Community College is a public two-year institution that serves a multicultural population of approximately 41,000 credit students each Fall and Spring semester. We embrace our identity as a community college, as reflected in our mission statement. We promote student success and community development by providing affordable access, through traditional and distance learning modes, to higher education and workforce training, including appropriate applied baccalaureate degrees, in our service area.
As a community college committed to our mission, we seek to recruit and retain a workforce that:
Values intellectual curiosity and innovative teaching
Is attracted by the college's mission to promote equitable access to educational opportunities
Cares about student success and collaborates on strategies to facilitate success for populations including; first generation college students, low-income students, and students from underserved communities.
Focused on student academic achievement and postgraduate outcomes
Welcomes difference and models respectful interaction with others
Engages with the community both within and outside of ACC
Job Posting Title:
Chief Information Security Officer
Job Description Summary:
Reporting to the CIO, the Chief Information Security Officer (CISO) is a key role on the leadership team of the college’s IT department. This position is responsible for the security of the college’s data and information assets, including all student, financial and employee datasets. This role has purview over the operational day-to-day measures used to secure the college’s data, applications and infrastructure. This role also owns the strategic initiatives undertaken to continually enhance the college’s information security posture.
The CISO will be responsible and accountable for the successful implementation of well-defined security related projects, and the college’s operational practices related to information security.
Job Description:
Description of Duties and Tasks
Leading and successfully completing projects aimed at improving the college’s security posture with minimal supervision. Success means full scope of work completed on time, within budget and aligned with established acceptance criteria.
Building out and maintaining an information security team that is able to satisfy the cybersecurity needs of the college.
Mitigating risks associated with data breaches and data leaks.
Establishing, maintaining and continuously testing infrastructure aimed at operational recovery from outages related to cybersecurity incidents.
Continual testing of the college’s environment for security vulnerabilities.
Staying current on risks and trends in the world of cybersecurity and reporting on such to the college’s leadership team.
Providing overall day-to-day direction to a team of information security professionals and 3rd party providers.
Contributing to the development of the college’s technology roadmap.
Partnering with peers, both within and outside of the IT department to accomplish shared goals.
Defining goals for the teams reporting to the CISO based on the goals of the broader IT organization.
Ensuring team goals are met and work is successfully completed (teams are meeting established operational targets)
Defining the operating model for the information security team using the ITIL framework and ITSM tools.
Reporting data in various formats showing the performance of the information security team and making recommendations for changes/improvements as needed to enhance performance.
Providing leadership and coaching for InfoSec team members as needed.
Establishing and managing relationships with 3rd party product and service providers as needed to accomplish defined goals.
Acting as technical sponsor for all projects within your areas of responsibility.
Ensuring information security project requirements, scope, budgets and timelines are well-defined.
Ensuring security projects are well-managed and are being executed as per established expectations.
Administrative aspects of people management for the InfoSec team including, but not limited to absence approval, performance management, hiring and termination.
Managing the operating budget for the InfoSec team as well as budgets for cybersecurity related projects.
Establishing and/or maturing formal standards and practices in the following areas:
Identity & Access Management (IAM)
Secure data capture
Secure data storage, transfer and retrieval
Data security policy development, training and risk management
Other related duties as assigned.
Knowledge
Strong working knowledge of various data security frameworks, including NIST, ISO and SOC.
Working knowledge of a wide range of technologies and best practices in securing them, including working knowledge of key concepts in:
Database encryption
Integration security
Server security and patch management
Firewalls and network security
Application security
Mitigating common infrastructure vulnerabilities
Expert knowledge of the key concepts in user and identity access management.
Working knowledge of security governance risk and compliance (GRC).
Working knowledge of the concepts of data privacy regulations, including FERPA requirements or similar regulated data classifications.
Knowledge of best practices in security training and awareness.
Strong knowledge of tools and techniques for data security and data recovery.
Working knowledge of technology budget planning and budget management concepts is critical.
Knowledge of standard accounting practices.
Knowledge of formal PMI-based project management practices.
Knowledge of ITIL-based IT Service Management (ITSM) concepts.
Skills
Extremely strong people management skills are required
Demonstrated expertise in IT project planning, development and implementation. Must be able to own multiple initiatives as a project sponsor and see them through to completion.
Highly skilled at vulnerability assessment, testing and reporting.
Managing external partners in the completion of project work as well as outsourced operational work.
Strong business and financial acumen.
Demonstrated expertise is various aspects of data security including access management, data obfuscation and data breach avoidance.
Excellent analytical, conceptual thinking and strategic planning skills.
Influencing skill, including the ability to show the business value of technical initiatives or extrapolate conceptual technical solutions for business problems such that non-technical audiences can see that value.
Excellent presentation skills.
Must be a self-starter who can not only operate with minimal direction, but who can also bring new ideas to the table and successfully lead and complete approved initiatives with minimal supervision.
Maintaining an established work schedule.
Effectively using interpersonal and communications skills.
Effectively using organizational and planning skills with attention to detail and follow-through.
Maintaining confidentiality of work-related information and materials.
Establishing and maintaining effective working relationships, including the ability to coordinate the work of others.
Required Work Experience
Five years of experience in Information Security roles of progressively increasing responsibility.
Five years of related work experience leading a Cybersecurity organization.
Five years experience in a technology leadership role where both project and operational budgeting was a key component of the job.
Preferred Work Experience
Fifteen years of experience in IT roles of progressively increasing responsibility with at ten of those years being in information security.
Seven years of related work experience leading Cybersecurity teams.
Five years experience leading a security team in a highly regulated industry such as healthcare or finance.
Required Education
- Contact information:
- Austin Community College District
- Austin, TX 78752
- United States
- Employer's Website:
-
Visit Employer's website