Director of Information & Security (DOIS)

About The Position

Requirements

• Ability and willingness to work on-site at the Irvine, California campus on a full-time basis.
• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Systems, or related field.
• 7+ years of progressive IT leadership experience with direct responsibility for infrastructure, cybersecurity, and enterprise systems.
• Strong experience managing enterprise networks, cloud infrastructure, endpoint security, and identity management systems.
• Working knowledge of web application architecture, API integrations, authentication protocols (SSO, SAML, OAuth), and cloud-hosted enterprise applications.
• Experience with cybersecurity frameworks, risk management, and compliance standards.
• Demonstrated experience leading incident response and security remediation efforts.
• Experience managing vendors, technology procurement, and operational budgets.
• Strong understanding of Microsoft enterprise environments, virtualization platforms, cloud services, and network security architecture.
• Excellent leadership, communication, documentation, and organizational skills.

Nice To Haves

• Master’s degree in Cybersecurity, Information Systems, Business Administration, or related field.
• Higher education or regulated-environment experience strongly preferred.
• Industry certifications such as CISSP, CISM, CEH, Security+, AWS Security Engineer, CCNA, or similar.
• Experience supporting LMS platforms, educational technologies, or academic technology ecosystems.
• Experience with compliance audits and governance programs.
• Familiarity with AI governance, cloud security architecture, and zero-trust security models.

Responsibilities

• Lead the university’s enterprise cybersecurity strategy, roadmap, and operational security posture.
• Develop, implement, and maintain security policies, standards, and procedures aligned with industry best practices and regulatory requirements.
• Oversee vulnerability management, endpoint security, threat detection, SIEM monitoring, patch management, penetration testing, and incident response activities.
• Direct security investigations, remediation efforts, forensic coordination, and breach response procedures when necessary.
• Conduct regular security risk assessments and recommend mitigation strategies across infrastructure, applications, and third-party systems.
• Manage identity and access management (IAM), multi-factor authentication (MFA), privileged access controls, and account governance.
• Ensure cybersecurity awareness and training initiatives are implemented across faculty, staff, and administrative departments.
• Maintain disaster recovery and business continuity strategies, including testing and recovery validation.
• Oversee enterprise infrastructure operations including servers, networking, virtualization, storage, wireless environments, cloud services, and telecommunications systems.
• Lead infrastructure modernization initiatives and lifecycle planning for enterprise systems and hardware.
• Ensure reliability, scalability, uptime, and performance of university technology systems.
• Direct backup, redundancy, and recovery operations to minimize operational risk.
• Oversee Microsoft 365, Azure/AWS environments, directory services, device management, and institutional enterprise systems.
• Monitor system performance, capacity planning, and infrastructure optimization initiatives.
• Manage vendor relationships, service providers, licensing, and technology contracts.
• Maintain governance frameworks and operational standards across departments.
• Ensure compliance with applicable regulations and standards, including FERPA, HIPAA (where applicable), GLBA, PCI-DSS, and cybersecurity best practices relevant to higher education.
• Develop and maintain institutional IT policies related to acceptable use, access controls, data retention, incident response, and information security.
• Ensure institutional technology platforms support WCAG 2.1 accessibility standards and incorporate OWASP security best practices throughout application and infrastructure environments.
• Support accreditation and audit activities by maintaining accurate documentation, controls, and compliance evidence.
• Partner with institutional leadership to evaluate and mitigate operational and cybersecurity risks.
• Maintain asset management and technology inventory governance processes.
• Lead and mentor IT infrastructure and security personnel, fostering accountability, technical excellence, and continuous improvement.
• Develop departmental goals, operational KPIs, and strategic technology initiatives aligned with university priorities.
• Collaborate with academic leadership to support instructional technologies, simulation environments, and campus innovation initiatives.
• Participate in budgeting, forecasting, and technology investment planning.
• Provide executive-level reporting on cybersecurity posture, operational performance, incidents, risks, and strategic initiatives.
• Serve as an escalation point for critical infrastructure and security incidents.
• Promote a service-oriented IT culture focused on responsiveness, professionalism, and institutional partnership.

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k)
• Exciting university events
• Seasonal motivational health and wellness challenges
• Work/Life Balance initiatives
• Onsite wellness program / Staff Chiropractor
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Family Leave (Maternity, Paternity)