Detailed Job Description
The Information Security Director is responsible for developing and leading a comprehensive information security management program for the college. Under the guidance of the CTO, the director works closely with senior administration, academic leaders, and the campus community and is an advocate for the Institution's comprehensive information security needs. The director leads the development and implementation of a security program that leverages collaborations and college-wide resources, facilitates information security governance, and advises senior leadership on security direction and resource investments. The director is responsible for developing appropriate policies to manage information security risk.
The director plays a critical role in addressing institutional issues related to information security policy and practice, data governance, risk assessment, and business continuity as well as the compliance requirements that span the institution as the result of regulatory frameworks such as PCI, HIPAA, FERPA, and identity theft prevention practices.
Bachelor's degree in computer science or related field required.
A minimum of seven (7) years of progressive experience in information technology including five (5) years of applicable information security expertise.
Broad knowledge of computer security issues, requirements, and trends. Knowledge of common information technology management frameworks, such as NIST, ISO, and COBIT.
Knowledge and understanding of relevant legal and regulatory requirements, such as FERPA, HIPAA, Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standards.
Strong interpersonal and communication skills. The ability to achieve goals through influence, collaboration and cooperation and communicate security and risk-related concepts to technical and nontechnical audiences.
Skilled in developing policy and procedure in a complex, and mission-oriented environment
Experience providing education and training programs on security policies and practices to a range of technical and non-technical constituents.
The ability to establish, implement, maintain, and modify computer and data security guidelines and procedures to achieve the compliance objectives of an organization in harmony with the principles of academic freedom.
The ability to evaluate security software products, oversee their installation and implementation, and interpret findings for practical use by law enforcement, legal counsel, and senior management as applicable.
Experience in evaluating and providing guidance on the information-security elements of software and hardware acquisitions, IT services, cloud-based solutions, mobility, and other present and emerging dimensions of IT solutions and services in a complex environment.
Demonstrated integrity and high standards of personal and professional conduct.
Master's Degree in Information Security preferred.
Relevant professional credentials such as the CISSP (Certified Information Systems Security Specialist) or CISO certification highly desirable.
Experience in higher education is preferred.
Special Instructions to Applicants
Resume and cover letter are required
As a condition of employment and in connection with your employment application process, Anne Arundel Community College shall conduct a background check on all candidates selected for employment. The information contained in such background reports shall be used for job relevant employment purposes. All offers of employment are contingent upon the favorable results of a background check screening
While we appreciate your interest in employment with Anne Arundel Community College, we regret that we are unable to sponsor employment Visas for job applicants at this time.