Information Security Officer - Information Technology Services
JOB DESCRIPTION
BASIC FUNCTION:
Under the direction of a designated administrator, the Information Security Officer develops and implements procedures, policies, strategies, and standards in the management of the College's IT security program and controls. Assesses and recommends strategies to address IT-related risks, threats, and other identified operational deficiencies; develops, coordinates, and leads incident response activities; develops campus-wide IT security plans; monitors systems and ensures compliance with relevant regulatory requirements and standards; and fosters an IT compliance-focused campus culture through end-user education programs. Supervises assigned staff and/or teams.
REPRESENTATIVE DUTIES:
Collaborates with the College's academic and administrative units and relevant ITS support teams to facilitate IT risk assessments. Implements risk management processes and best practices. Identifies location, type, sensitivity, ownership, and access requirements for data being used by the College. Establishes controls and standards in consultation with supervisor, division/department personnel, and other key constituencies as appropriate.
Monitors the external IT environment for emerging threats. Effectively configures and utilizes available systems, alerts, and other sources of information to identify and address security threats and events. Advises supervisor on appropriate course of action. Documents risk analysis of security threats for management review.
Researches, evaluates, and recommends appropriate IT security systems, technology, controls, and solutions (e.g., firewalls, intrusion detection/prevention, and vulnerability scanners). Provides detailed pros-and-cons and build vs. buy analyses of options. Ensures plans and designs consider security controls, performance, confidentiality, scalability, access, cost, etc.
Oversees the implementation of security testing projects and other system plans. Validates project adherence to District policies and standards. Ensures regulatory compliance through thorough testing, assessment, and remediation prior to full implementation.
Develops, implements, and manages College-wide IT security incident response processes and procedures. Leads the investigation, coordination, resolution, and closure on security incidents as they are escalated or identified. Generates fact-based reports. Documents incident response processes/protocols and updates as needed.
Develops, implements, and maintains a College-wide IT security plan and obtains plan sign-off from key stakeholders and constituencies, as appropriate. Executes a plan that ensures the integrity and confidentiality of information residing in College workstations, servers, mobile devices, and related computer peripherals.
Maintains an in-depth technical documentation repository of College systems, networks, and core applications.
Leads the planning, testing, and tracking of periodic, College-wide IT security audits. Identifies security gaps and deficiencies through risk assessments and recommends corrective action of identified vulnerabilities and weaknesses. Ensures requisite compliance monitoring is in place to expeditiously identify control weaknesses, compliance breaches, misuse trends, and/or operational loss events.
Serves as a subject matter expert on District strategies for information security processes. Ensures implemented processes align to regulatory Federal, State, and industry requirements and District policies.
Leads the review and formal approval process for policy and procedural updates to meet or exceed industry standards, compliance requirements, and end-user expectations.
Develops, implements, and manages a College-wide IT security awareness and training program that fosters a risk and compliance-focused culture. Ensures training programs align information security activities with regulatory requirements and internal risk management policies. Provides regular guidance, resources, and advocacy on current best practices for information security.
Assists with the development and implementation of business continuity and disaster recovery plans to ensure comprehensive information security and mitigation of risks. Assesses and manages the adequacy of mitigation and remediation plans of known cyber security vulnerabilities and threats.
Serves as a contributing member of the ITS management team in the development, prioritizing, budgeting, and planning of IT security strategies and related initiatives.
Ensures information security risks, recommendations, and mitigation technologies are identified, articulated, and communicated through the District's governance process. Develops and communicates current IT security posture status, IT security strategies, and progress on IT security initiatives to key organizational units, executive management, and the College Board of Trustees, as needed.
Establishes and maintains appropriate network of professional contacts. Collaborates with other colleges and universities to share information or resources, as appropriate. Develops and manages partnerships with IT security vendors and consultants.
Maintains awareness and knowledge of current changes and best practices within legal, regulatory, and technology environments which may affect the security of IT systems, networks, and overall operations. Ensures supervisor and staff are informed of any changes and updates in a timely manner. Attends conferences and trainings as required to maintain IT security management proficiency.
Serves on IT security-related college committees as appropriate.
Performs other related duties as assigned or requested.
JOB QUALIFICATIONS
Education and Experience:
Bachelor's degree in an IT related field.
Five (5) years of experience in IT networks, systems, or security-related positions.
OTHER QUALIFICATIONS:
Licenses or Other Certifications:
CISSP (Certified Information System Security Professional) desirable, but not required.
CISM (Certified Information Security Manager issued by ISACA) desirable, but not required.
CISA (Certified Information Security Auditor issued by ISACA) desirable, but not required.
Valid California driver's license.
Knowledge/Areas of Expertise:
Knowledge of IT environment in higher education or other public/government agency.
Knowledge of information security, governance, risk and compliance practices and standards.
Knowledge of relevant laws/regulations (e.g., FERPA, HIPAA, GLB Act, Sarbanes-Oxley).
Knowledge of IT risk and control frameworks (e.g., CoBIT, ISO, NIST, ITIL, PCI).
Knowledge of information security regulatory requirements and standards.
Knowledge of effective IT security systems, network architectures, concepts, techniques, tools.
Knowledge of IT security management industry best practices and standards.
Experience with development of educational programs in the area of security awareness.
Experience with institution-wide networks, systems, and applications.
Experienced in developing and implementing IT security policies and procedures.
Experienced in IT security auditing and monitoring.
Experienced in managing network and system security components (e.g., firewalls, intrusion detection/prevention systems).
Abilities/Skills:
Ability to identify, prioritize, and communicate impact of IT security risks and exposures.
Ability to maintain compliance with applicable IT security-related laws and regulations.
Skilled at organizing and communicating status on IT security strategies and projects.
Skilled at developing and testing business continuity and disaster recovery plans.
Skilled at analyzing, planning, and organizing.
WORKING CONDITIONS:
May be required to drive to offsite locations; must have reliable transportation.
Extensive computer work.
Use of hands, wrists, and fingers to operate various machines and equipment.
Extensive interaction with a variety of individuals.
Movement from one work area to another.
CLOSING DATE: OPEN UNTIL FILLED
SALARY: Starting salary is $135,867 annually. Generally, new employees start at the first step on the salary schedule. Advanced salary placement may be considered on a case-by-case basis. Salary increases are granted on the first day of the month following each year of service, until Step 6 is reached ($157,517 annually). Employees contribute 8% of their earnings toward the Public Employees Retirement System (PERS).
CONDITIONS OF EMPLOYMENT
This is a full-time, twelve-month classified administrator position subject to a probationary period. The standard work week is 40 hours of scheduled duty per week of not more than five consecutive work days. During the winter recess, all management positions are required to charge three (3) days of accrued vacation between the Christmas and New Year holidays. Excellent fringe benefits include eight 32-hour workweeks during the summer.
Offer and acceptance of employment is subject to verification of all information provided on the employment application, credential(s), and transcripts. Candidates selected for employment must agree to be fingerprinted, submit Certificate of Completion of the Tuberculosis Risk Assessment and/or Examination, provide proof of eligibility for employment in the United States, and present a valid Social Security card upon hire.
INTERVIEW EXPENSES
Only individuals identified for FINAL interviews are eligible to have their expenses paid. Reimbursement will be limited to economy airfare (to and from point of origin) and for meals and lodging. The maximum allocated for meals, lodging and transportation is $600. Candidate must complete a Travel Request and Reimbursement Form and submit it together with all supporting documentation to the Human Resources Department.
BENEFIT HIGHLIGHTS
Health, Life, Dental and Vision Insurance
The College provides a diversified insured benefit program for all full-time employees, including medical, dental, vision and life insurance. Dependent medical, dental and vision insurance is available, toward which both the College and the employee contribute.
Sick Leave and Disability
Paid sick leave is granted equal to one day for each month of service. Sick leave may be accumulated indefinitely. Rather than State Disability Insurance, limited sick leave benefits are available for days beyond the earned sick leave days and are paid at 50 percent.
Retirement
Full-time employees contribute a percentage of their regular salary to either the State Teachers Retirement System (STRS) or to the Public Employees Retirement System (PERS) and Social Security. Previous employment performed in a different public retirement system may allow eligibility to continue in the same retirement system.
Summer Work Hours
During the summer, employees work eight 32-hour work weeks with full pay.
TO APPLY
An applicant must submit the following by the closing date:
1. Online application: http://www.elcamino.edu/jobs
2. Cover letter describing how applicant meets the qualifications.
3. Resume including educational background, professional experience, and related personal development and accomplishments.
4. Pertinent transcripts as stated in the required qualifications. (Unofficial computer-generated academic records/transcripts must include the name of the institution and degrees awarded to be acceptable.) Multiple page transcripts must be loaded as ONE PDF document.
Foreign Transcripts: Transcripts issued outside the United States of America require a course-by-course analysis with an equivalency statement from a certified transcript evaluation service verifying the degree equivalency to that of an accredited institution within the USA. For information on transcript evaluation services, please visit: http://www.ctc.ca.gov/credentials/leaflets/cl635.pdf.
ADA ACCOMMODATIONS
Applicants with disabilities requiring special accommodations must contact the ADA Compliance Officer at least five (5) working days prior to the final filing date: ADA Job Applicant Accommodation Request (maxient.com)
IMPORTANT NOTE: Documents submitted or uploaded for a previous position cannot be reused for other positions. You must submit the required documents for each position you apply for by the closing date. Failure to do so will result in an incomplete application. Applications with an incomplete status will not receive consideration. You may check the status of your application online.
If you need assistance, you may call 310-660-3593 Ext. 3807 between the hours of 8:00 a.m. and 4:00 p.m., Monday through Friday, or email hr@elcamino.edu.
Due to the large volume of calls received on closing dates, we highly recommend that you do not wait until the last day to apply so that we may assist you with questions or technical matters that may arise. Give yourself sufficient time to complete the profile, which may take 45 minutes or more. Positions close promptly at 3:00 p.m. PST (Pacific Standard Time).
JEANNE CLERY ACT COMPLIANT
In accordance with the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act, El Camino College has published an Annual Security Report and all required statistical data. This publication includes Clery crime statistics for the previous three years relevant to El Camino College classes and activities, in addition to institutional policies concerning campus safety and security. The information is also available in printed form in the lobby of the Police Department and in select locations on campus. Upon request, the Campus Police Department can provide or mail out copies of this publication. Contact them at 310-660-3100.
EL CAMINO COLLEGE IS AN EQUAL OPPORTUNITY EMPLOYER
The El Camino Community College District is committed to providing an educational and employment environment in which no person is subjected to discrimination on the basis of actual or perceived race, color, ancestry, national origin, religion, creed, age (over 40), disability (mental or physical), sex, gender (including pregnancy and childbirth), sexual orientation, gender identity, gender expression, medical condition, genetic information, marital status, military and veteran status, or retaliation; or on any other basis as required by state and federal law.