Director of Information Technology Security

Position Title: Director of Information Technology Security
Department: Information Technology (INT)
Division: Information Technology (INT)
Employee Status: Full-time
Type: Administration (ADM)
Grade: Q
Salary: ($89,129 - $95,224 annually)
FLSA: Exempt
*Application Deadline September 8th*
_________________________________________________
Reporting Relationships
Reports to: Executive Director of Information Technology
Supervision Exercised: May exercise supervision of exempt, non-exempt, student workers and interns

Job Summary
The Director of Information Technology Security is responsible in building and managing comprehensive IT security, privacy, risk assessment, audit and compliance strategies and programs that support compliance with legal and business requirements. This position reports directly to the Executive Director of IT. Additionally, this position will ensure that all information assets on RVC’s college premises and in the cloud are adequately protected from threats and risks.

Essential Duties and Responsibilities include the following. Related duties may be assigned.
1. Responsible for developing and managing policies and procedures relating to information system security, cloud vendors, privacy, IT risk assessment, auditing and IT compliance.
2. Coordinate the implementation of physical and logical security for institutional systems, servers, computers, IoT devices, network and cloud applications.
3. Serve as the security representative on college-wide projects, advising on data protection, risk mitigation, and regulatory implications.
4. Conduct periodic vulnerability assessments, network assessments and audit of IT infrastructure.
5. Lead the development and refinement of IT incident response procedures and coordinate the institution’s response to security breaches, including investigations and communications with legal or disciplinary bodies disciplinary and legal matters associated with those breaches of security.
6. Provide training and guidance to campus community regarding security best practices, including password management, phishing awareness, and data protection.
7. Oversee implementing and maintaining security tools and technologies, such as intrusion detection systems, SIEM, firewalls, Antivirus software and other endpoint protection solutions.
8. Monitor emerging security threats and vulnerabilities and recommend appropriate countermeasures.
9. Develop and execute social engineering and phishing simulation tests to assess and enhance the awareness of employees and students.
10. Create and maintain cybersecurity documentation, including standards, procedures, and guidelines, to ensure consistent and effective security practices
11. Conduct ongoing research on the latest security best practices, providing insights and recommendations to enhance the organization's security posture.
12. Excellent verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders.
13. Performs other duties as assigned.

Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skills, and/or abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Minimum Qualifications
1. Bachelor's degree in CIS, IS, IT or other related technical discipline.
2. A minimum of five years of relevant experience within information technology security.
3. Excellent knowledge of cloud-based technologies, Active Directory, networking architecture, multi-factor authentication (MFA), and remote access.
4. Expert knowledge of network security technologies including. Network and web application firewalls, Email and SPAM filters, authentication mechanisms, Virtual Private Network (VPN), intrusion detection and prevention systems, and server hardening.
5. Experience establishing & maintaining relationships with individuals at all levels of the organization, in the business community & with vendors.
6. CompTIA Security+ Certification

Preferred Qualifications
1. Security Certifications: CISSP, CISM, CISA are highly desirable
2. Higher education experience
3. Master’s degree in CIS, IS, IT or other related technical discipline.
4. Knowledge and experience managing projects

Work Environment
While performing the duties of this job, the employee regularly works in an office setting.

Physical Demands
Physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job:

While performing the duties of this job, the employee is regularly required to use hands and fingers to handle, feel, or operate objects, tools, or controls and reach with hands and arms. The employee is frequently required to stand, talk, and hear.