Director of Information Security

Georgia Gwinnett College•Lawrenceville, GA

37d

About The Position

Based on industry standards and best practices, the Director of Information Security sets the vision and leads the strategy for a comprehensive enterprise cybersecurity and IT risk management program. The Director will provide direction and oversight to ensure confidentiality, integrity, and availability of data, systems, and services; manage organizational risk; and ensure alignment with GGC's mission, goals, and business needs. This position reports to the Chief Information Officer (CIO) and serves as a member of the IT Leadership Team. The Director is responsible for developing and executing security governance, incident response, and awareness programs, and for fostering a culture of security throughout the college. This position collaborates with colleagues frequently and regularly interacts with internal and external stakeholders. This position leads and develops one or more direct reports. Working outside standard business hours will be required on an as-needed basis.

Requirements

4 Year / Bachelor's Degree in a related field
8+ years of relevant experience
5+ years of supervisory experience

Nice To Haves

Graduate degree in a related field
Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or similar credential.
Knowledge of auditing, information security and regulatory standards, best practices, and assessment methodologies.
Experience with service management, project management, change management processes and procedures, and well-honed documentation skills.
Experience directing, leading, and mentoring IT professionals.
Experience working in higher education, preferably a campus in the University System of Georgia.

Responsibilities

Lead and develop a comprehensive information security and IT risk management program that ensures the confidentiality, integrity, and availability of GGC data and infrastructure.
Lead and develop education, training, and awareness programs for all college constituents on institutional policy, guidelines, federal and state laws and regulations, and best practices in information security. Serve as a spokesperson for cybersecurity and provide guidance to college leaders and other stakeholders. Regularly share data, reports, and updates with stakeholders.
Lead the development and implementation of the college's security governance, including policies and procedures, in consultation with IT leadership, technology professionals, and other stakeholders.
Lead security information and event management, security operations, and other related functions. Lead, mentor, and develop security operations staff and related personnel, fostering a collaborative and high-performing team.
Collaborate with ITS, audit, public safety, and academic and business units to comply with USG security policies, regulations, and college standards; collaborate with Legal Affairs and Purchasing to embed risk assessment and data security in supplier agreements and renewals.
Proactively lead incident management and response by systematically detecting, analyzing, containing, and eradicating threats, restoring systems,and coordinating communication and documentation of incidents. Employ a 24/7/365 on-call schedule as needed. Conduct post incident analysis and propose cost-effective solutions to prevent or mitigate future incidents.
Collaborate with colleagues inside and outside IT to embed cybersecurity best practices in technical solutions.
Use standard tools and processes to lead projects to successful completion through effective planning for user experiences, change management, communication, and documentation.
Additional duties as assigned.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume