Note: You must formally submit an application by going to: https://www.applitrack.com/d91/onlineapp/JobPostings/view.asp?FromAdmin=true&AppliTrackJobId=5529
Position Type:
Technology
Date Posted:
12/11/2024
Location:
Administration Office
Date Available:
Immediately
Closing Date:
Open until filled
Title: IT Cyber Security Manager (Exempt)
Job Summary:
As the School District IT Cyber Security Manager, you will play a pivotal role in protecting the digital infrastructure, sensitive data, and overall cyber environment of our educational institution. This position requires a proactive, detail-oriented professional with a deep understanding of cyber security principles, risk management, and regulatory compliance. You will collaborate closely with the Systems and Network Team to design, implement, and maintain a secure technological framework, ensuring the district’s technology supports educational excellence.
Qualifications:
Bachelor’s degree in computer science, information technology, cyber security, or a related field; advanced degree or certifications (e.g., CISSP, CISM, CEH) preferred.
Minimum of 3 years’ experience in cyber security roles, focusing on network security, risk management, and incident response.
Proficiency in working with systems and networks, including configuring and securing firewalls, intrusion prevention systems, and monitoring tools.
Deep understanding of encryption, authentication, access control, and security architecture.
Familiarity with regulations such as FERPA, CIPA, COPPA and HIPAA.
Experience with penetration testing, vulnerability assessment, and risk mitigation techniques.
Strong communication skills for collaboration with cross-functional teams and presentation of technical concepts to non-technical audiences.
Leadership abilities to coordinate with the Systems and Network Team and manage priorities effectively.
Commitment to continuous professional development in cyber security and IT.
Essential Duties and Responsibilities:
Cyber Security Strategy and Policy Development:
Develop and enforce comprehensive cyber security policies, standards, and procedures aligned with industry best practices and regulatory requirements. Work closely with the Systems and Network Team to integrate security measures across all IT operations.
Risk Assessment and Mitigation:
Conduct regular risk assessments to identify vulnerabilities and threats within the district’s network and systems. Collaborate with the Systems and Network Team to develop and implement mitigation strategies to address identified risks effectively.
Network Security Collaboration:
Partner with the Systems and Network Team to manage and monitor the district’s security infrastructure, including firewalls, intrusion detection systems, and virtual private networks (VPNs). Work together to enhance the security of critical systems and respond to vulnerabilities.
Shared Responsibility: Data Loss Prevention (DLP):
Work collaboratively with the SysNet Administrator, Systems Administrator and Network Manager to design and implement robust data loss prevention (DLP) strategies. This includes:
Identifying sensitive data across systems, such as student records, financial information, and internal communications.
Establishing mechanisms to monitor data access and usage, ensuring that sensitive information is not improperly accessed, shared, or exfiltrated.
Setting up security controls and alerts to detect and prevent unauthorized data transfers or breaches.
Coordinating with the Systems Administrator to ensure that server configurations, storage solutions, and data backups are aligned with DLP policies.
Collaborating with the Network Manager to configure network-level protections, such as encryption protocols, secure data transmission methods, and monitoring tools that safeguard against external and internal data threats.
This joint effort ensures the district’s digital ecosystem is fortified against data breaches, accidental data loss, and unauthorized disclosures while enabling swift remediation when incidents occur
Incident Response Planning and Execution:
Develop and maintain robust incident response plans. Lead coordinated efforts with the Systems and Network Team to handle security incidents such as data breaches, malware infections, and denial-of-service attacks promptly and effectively.
Cyber Security Awareness Training:
Design and conduct cyber security training programs for district staff, students, and stakeholders to foster a culture of security awareness and compliance with established protocols.
Vendor Risk Management:
Collaborate with the Systems and Network Team to evaluate and manage the security posture of third-party vendors with access to the district's systems or data. Implement measures to mitigate vendor-related risks.
Monitoring, Analysis, and Reporting:
Utilize advanced security tools to monitor network activity for suspicious behavior or breaches. Analyze data with the Systems and Network Team to address issues and minimize risks. Provide regular updates and reports to senior leadership on the district’s cyber security status.
Regulatory Compliance Oversight:
Ensure compliance with FERPA, CIPA, and other relevant cyber security and data privacy regulations. Work with the Systems and Network Team to adapt protocols in response to emerging threats or regulatory changes.
Collaboration with Systems and Network Team:
Regularly engage with the Systems and Network Team to ensure the seamless integration of security measures across all district systems. Contribute to the design, implementation, and ongoing management of network security projects.
Documentation and Reporting:
Maintain accurate records of security incidents, assessments, and remediation efforts. Prepare actionable insights and presentations for leadership, the board of education, and stakeholders.
Additional Responsibilities:
Demonstrate regular and predictable attendance.
OTHER DUTIES AND RESPONSIBILITIES:
Performs all other duties as assigned.
TERMS OF EMPLOYMENT:
This is currently a full-time Exempt position scheduled for 8 hours per day, 254 days per year. Benefits will be in accordance with approved Board policy. Wages will be in accordance with the Classified Salary Schedule range of a Grade 14-15 ($26.92 - $30.75/hr) DOE.
This is an “at will” position in that the employer or employee may terminate employment at any time or for any reason consistent with applicable state or federal law. The “employment at will” policy cannot be changed verbally or in writing, unless the change is specifically authorized in writing and expressly approved by the Board of Trustees of District 91.
EVALUATION:
Performance of this position will be evaluated annually by the Director of Technology in accordance with the provisions of the Board’s policy on the evaluation of classified personnel.
