Director, Information Security Operations

About The Position

Requirements

• Strong understanding of relevant legal and regulatory requirements, including FERPA, FedRAMP, TAC 202, PCI-DSS, and HIPAA.
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT as well as those from NIST standards( 800-53 and Cybersecurity Framework).
• Working knowledge of a wide range of technologies and best practices for securing databases, servers, applications, networks, and integrations.
• Expert knowledge of the key concepts in user access controls, authentication mechanisms, and identity management principles.
• Strong knowledge of data privacy regulations, encryption, data security tools, and recovery techniques.
• Familiarity with accounting practices, PMI-based project management, and ITIL-based IT Service Management (ITSM) concepts.
• Proven ability to lead teams effectively, coordinate others’ work, and maintain positive, collaborative relationships.
• Demonstrated experience in IT operations, access management, data protection, and security hardware configuration.
• Skilled in assessing, testing, and reporting vulnerabilities to strengthen organizational security posture.
• Experienced in overseeing external partners for outsourced operations and implementation of new security tools.
• Strong business acumen, conceptual thinking, and planning abilities for driving informed, strategic decisions.
• Self-motivated and detail-oriented with strong communication, organization, confidentiality, and follow-through skills.
• Five (5) years of experience in Information Technology, audit or compliance roles of progressively increasing responsibility.
• Five (5) years of related work experience leading a Cybersecurity organization.
• Bachelor's degree in a technology or Business related field of study such as Computer Science, Information Technology, Business or Business Information Systems.
• Reliable transportation for travel in the Austin area as required.
• Certified Information Systems Security Professional (CISSP) certification.
• ITIL Foundation-level certification or above.
• Unexpired PMP or equivalent PMI-based Project Management certification.

Nice To Haves

• Ten (10) years of experience in Information Technology, audit or compliance roles with progressively increasing responsibility, including at least seven (7) years in information security.
• Seven (7) years of related work experience leading Cybersecurity teams.

Responsibilities

• Provide leadership, coaching, and people management (hiring, performance, development) while fostering a culture of collaboration and continuous improvement.
• Manage day-to-day activities of the Security Operations Center (SOC) to detect, respond to, and mitigate security incidents effectively.
• Lead and coordinate incident response and operational recovery efforts to ensure timely resolution and resilience against cybersecurity events.
• Oversee and enhance key security systems (firewalls, IDS/IPS, endpoint protection, SIEM, etc.) to maintain a strong defense posture.
• Establish and maintain KPIs, and prepare regular reports on incident trends, vulnerabilities, and overall security effectiveness for executive leadership.
• Evaluate emerging technologies, perform regular vulnerability testing, and implement improvements to strengthen security capabilities.
• Partner with internal departments, third-party vendors, and leadership to align on security goals and ensure effective communication.
• Stay current on cybersecurity risks and trends, advising leadership on potential impacts and recommended strategies.

Benefits

• Benefits include medical, dental, life insurance, short- and long-term disability, retirement plans, and AD&D.
• ACC does not participate in Social Security.
• ACC participates in the Teacher Retirement System of Texas (TRS) and the Optional Retirement Program (ORP-Faculty and Administrators Only).
• Hourly employees participate in the ACC Money Purchase Plan (ACCMPP) as a retirement program required by federal law.