Manager Information Security

JOB SUMMARY
Oversees the districts cybersecurity strategy to ensure the confidentiality integrity and availability of all information systems. This role ensures compliance with federal state and local regulations including FERPA and COPPA while leading efforts to identify risks establish policies and implement technical solutions to safeguard the districts technology infrastructure. The Manager directs all cybersecurity operations oversees identity and access controls and ensures secure integration of emerging technologies. Responsibilities include coordinating risk assessments cybersecurity compliance reporting developing and maintaining incident response plans developing and maintaining IT disaster recovery and business continuity plans incident commander for cybersecurity and disaster recovery events and monitoring cybersecurity threats. The position also provides staff training promotes a culture of cybersecurity awareness and collaborates with IT leadership to align security strategies with district goals. This role requires strong leadership technical expertise and the ability to communicate effectively with diverse stakeholders in a K12 educational environment.

Additional Work Days/Hours
Based on the assignment the following additional work days and/or hours may be required as needed:

• Ability to work flexible schedules
• Emergencies
• Evenings/Nights
• Extended hours
• Holidays
• Inclement weather conditions
• On call
• Outside of normal business hours
• Overtime as needed
• Peak season
• Weekends

ESSENTIAL DUTIES/RESPONSIBILITIES

• Develops and executes the organizations cybersecurity strategy aligning it with business goals and risk tolerance; collaborates with executive leadership to define cybersecurity policies standards and procedures; leads cross-functional teams to implement cybersecurity initiatives and drives continuous improvement; oversees the implementation of security controls risk assessments and vulnerability management.
• Oversees day-to-day security operations including incident response threat detection and vulnerability management and managed Security Operations Center services; coordinates with security administrators and specialists to maintain a secure IT environment; ensures compliance with industry standards (e.g. ISO 27001 NIST CIS State of Maryland Minimum Cybersecurity Standards etc. ) and other regulatory requirements in all current and proposed IT systems vendor contracts and related operational functions.
• Leads incident response efforts during cybersecurity breaches or incidents; works with external partners law enforcement and forensics teams; develops and tests incident response plans to minimize organizational IT impact recovery point and recovery time objectives.
• Serves as project manager for all IT Cybersecurity projects; ensures effective communication with all stakeholders across all levels including detailed development and operational communications; identifies and manages project dependencies.
• Leads all IT Change Management processes for the district; ensures all operational changes incidents work orders and tasks are tracked in the district-approved ITSM system.
• Collaborates with business units legal compliance and IT teams to integrate security into project lifecycles and business best practices; communicates security risks and requirements to senior management and board members; fosters a security-aware culture through training and awareness programs and available communication channels.
• Performs other related duties as assigned within the same classification or lower.

MINIMUM QUALIFICATIONS
To perform this job successfully an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge skills and/or abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Education

• Bachelors Degree in Computer Science or related field of education from a regionally accredited college or university required.
• Masters Degree in related field of education from a regionally accredited college or university preferred.

Experience

• Five (5) years professional experience in cybersecurity required; and
• Three (3) years experience in a supervisory or management role required.

Knowledge Skills Abilities and Other Characteristics

• Proven track record of successfully leading security programs and projects.
• Experience with regulatory compliance and audit processes.
• Familiarity with cybersecurity tools and NIST special publication documentation.
• Experience with cloud technology database security and cybersecurity principles.
• Previous experience supporting transition/handover of data gathering enrichment storage and usage.
• Collaboration with cybersecurity teams and existing application development teams.
• Budget preparation and oversight.
• Demonstrated experience performing confidential IT security-related investigations and audits.
• Demonstrated ability to work effectively within a team environment.
• Demonstrated project management experience.
• Ability to organize and manage multiple assignments with concurrent time sensitive deadlines.
• Ability to maintain confidentiality in all security-related matters.
• Strong knowledge of network security encryption and access controls.
• Excellent oral and written communication skills.
• Experience with regulatory compliance and audit processes.
• Proficiency in risk assessment threat modeling and security frameworks.
• Demonstrated ability to effectively work and communicate with diverse populations
• Demonstrated proficiency with business technology applications (e.g. Video/Web Conferencing Microsoft Office Suite -Word Excel Outlook and/or PowerPoint preferred).

Licenses and Certifications
Employee must retain active licenses certifications and enrollment as a condition of employment.

• Hold or be eligible for Certified Ethical Hacker (CEH) issued by EC-Council preferred.
• Hold or be eligible for Project Management Professional (PMP) Certification issued by Project Management Institute (PMI) preferred.
• Hold or be eligible for Certified Information System Security Professional (CISSP) issued by (ISC)² preferred.
• Hold or be eligible for RIMS-Certified Risk Management Professional (CRMP) issued by Risk Management Society (RIMS) preferred.
• Hold or be eligible for Drivers License (DL) Class C Non-Commercial issued by Maryland or State of Legal Residence (MVA/DMV) required; and
• Daily access to reliable transportation.

Driving Requirements

• Driving is required to conduct bona fide Board business that is within the scope of employment in this position.
• Personal Vehicle

LEADERSHIP ROLE

• First level supervisor

People Management

• This position acts as the manager for 1 to 5 direct staff.
• This position acts as the manager for indirect staff.
• This position manages 1 to 2 departments.

Management Duties/Responsibilities

• Interviews selects and trains employees.
• Sets/adjusts pay rate and work hours.
• Directs the work of employees.
• Maintains records for use in supervision.
• Assess employees performance (productivity/efficiency) to make promotional recommendation/other status changes.
• Handles employee complaints/grievances.
• Disciplines employees.
• Plans the work.
• Determines the techniques to use.
• Apportions the work among the employees.
• Determines the type of materials supplies machinery equipment or tools to be used of materials or merchandise to be brought stocked and sold.
• Controls the flow and distribution of materials or merchandise and supplies.
• Provides for the safety and security of the employees or the property.
• Plans and controls the budget.
• Monitors and implements legal compliance measures.

PHYSICAL DEMANDS/WORKING CONDITIONS
The physical demands and working conditions described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Physical Demands

• Standing: over 2/3 of the time
• Walking: over 2/3 of the time
• Sitting: under 1/3 of the time
• Using hands to handle or feel: between 1/3 and 2/3 of the time
• Pinching (fine motor skills): under 1/3 of the time
• Wrist deviation: between 1/3 and 2/3 of the time
• Keyboarding: under 1/3 of the time
• Pushing: under 1/3 of the time
• Pulling: under 1/3 of the time
• Reaching (with hands and/or arms): between 1/3 and 2/3 of the time
• Climbing (Ascend/Descend): between 1/3 and 2/3 of the time
• Balancing: between 1/3 and 2/3 of the time
• Stooping: between 1/3 and 2/3 of the time
• Kneeling: under 1/3 of the time
• Crouching: under 1/3 of the time
• Crawling: under 1/3 of the time
• Bending: between 1/3 and 2/3 of the time
• Twisting: between 1/3 and 2/3 of the time
• Squatting: under 1/3 of the time
• Talking: under 1/3 of the time
• Hearing: under 1/3 of the time
• Smelling: under 1/3 of the time
• Repetitive Motions: between 1/3 and 2/3 of the time
• Eye/Hand/Foot Coordination: between 1/3 and 2/3 of the time
• Driving: under 1/3 of the time
• As required by the duties and responsibilities of the position.

Vision
The vision demands with correction described here are representative of those that must be met to successfully perform the essential functions of this job.

• No special vision requirements

Work Environment
Location

• Office school or similar indoor environment: over 2/3 of the time
• Outdoor environment: under 1/3 of the time
• Street environment (near moving traffic): under 1/3 of the time
• Confined space: under 1/3 of the time

Exposure

• Outdoor weather conditions: under 1/3 of the time
• Extreme cold (below 32 degrees): under 1/3 of the time
• Work near moving mechanical parts: between 1/3 and 2/3 of the time
• Work in high precarious places: between 1/3 and 2/3 of the time up to 40 feet on vertical ladder/scaffolding
• Fumes or airborne particles: between 1/3 and 2/3 of the time
• Toxic or caustic chemicals substances or waste: under 1/3 of the time
• Risk of electrical shock: under 1/3 of the time
• Vibration: under 1/3 of the time

Noise Level

• Moderate: between 1/3 and 2/3 of the time

Weight & Force
Lifting and carrying requirements

• Up to 50 pounds: under 1/3 of the time

Travel Requirements

• 10% day travel within the county

JOB INFORMATION

ORGANIZATION

HR JOB INFORMATION

VR# 26085

Required Experience:

Manager