Cybersecurity Manager
2 months ago
JOB STATUS:
- UNTIL FILLED- POSTING DATE:
- 06/13/2024- POSTING NUMBER:
- 00006604- LOCATION:
- Technical Services- POSITION TITLE:
- Cybersecurity Manager- JOB DESCRIPTION:
**Primary Purpose**
- Evaluates, implements, and maintains the district’s enterprise security posture using security tools, software and infrastructure. Oversees the district’s information security program including information security policies, student safety, and coordination of cybersecurity protection. Leads information security risk assessment efforts to establish a trusted learning environment to ensure privacy of student and staff data, and drive information security awareness and training programs.- RESPONSIBILITIES:
**Major Responsibilities and Duties**
- 1. Develops and carries out information security plans and policies.
- 2. Develops strategies to respond to and recover from a security breach.
- 3. Develops or implements open-source/third-party tools to assist in detection, prevention and analysis of security threats.
- 4. Provides awareness training for district employees on information security standards, policies and best practices.
- 5. Coordinates all security awareness, training and discussions with all district departments.
- 6. Conducts periodic scheduled network scans to find vulnerabilities.
- 7. Conducts penetration testing, simulating an attack on systems to find exploitable weaknesses.
- 8. Reviews findings with security team to determine acceptable levels of risk.
- 9. Monitors networks and systems for security breaches, through the use of software that detects intrusions and anomalous system behavior.
- 10. Investigates security breaches.
- 11. Leads incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage.- 13. Attendance at work is an essential function.
- 14. Other duties as assigned by the supervisor or designee.- EXPERIENCE:
**Minimum Experience**:
- Experience auditing large-scale network infrastructure including experience managing, hardening, and securing Windows Servers and Clients.
- Experience and broad knowledge of databases and data extraction, TCP/IP, Ethernet, ACLs, VLANs, encryption, Windows object permissions/privileges and other network and security protocols/configurations.
- Experience administering, securing and working within a large Microsoft Windows environment.
- Experience planning, researching and developing security policies, standards and procedures
- Experience with Endpoint security solutions, including file integrity monitoring and data loss prevention
- Experience with AWS and cloud platform as a service (PaaS) security
- Experience with automating security testing tools
- Ability to communicate network security issues to peers and management
- QUALIFICATIONS:
**Minimum Education/Certification**:
- Bachelor's degree in Computer Science/Information Technology (IT), or IT security certification (CEH, CISM, CISSP, GSEC, ECSA, GPEN, SCCP, or CISA) required.
- Degree or certification may be substituted for an equivalent combination of applicable education, training, and experience as approved by HR.- Three years related IT Security Administration experience preferred.
- At least one year experience with various enterprise deployment and familiarity with LAN/WAN communication protocols, hardware standards and project management experience, preferred.
**Special Knowledge/Skills**:
- Work experience in education setting especially K-12.
- Knowledge of NIST SP 800-53, FISMA, PCI DSS.
- Understanding of web servers and secure web server configurations.
- Knowledge of Disaster Recovery, computer forensic tools, technology and methods
- Knowledge of risk assessment tools, technologies and methods
- Expertise in anti-virus software, intrusion detection, firewalls and content filtering
- Expertise with malicious code and anti-virus software identification
- OTHER INFORMATION:
**Equipment Used**
Standard office equipment including personal computers and peripherals.**Working Conditions**
**Mental/Physical Demands/Environmental Factors**:
Work is performed in an office environment; frequent on-call and after-hours work; occasional districtwide travel; may be required to be on-call 24 hours a day. Work with frequent interruptions; emotional control under stress- JOB CONTACT INFORMATION:
- APPLY TO:
- The above statements are intended to describe the general purpose and responsibilities assigned to this job and are not intended to represent an exhaustive list of all responsibilities, duties and skills required.- GROUP / GRADE:
- Wage/Hour: Exempt; Reports To: Executive Director of Technology, Date Revised: March 2024- SALARY:
- Pay Grade: 7- DAYS:
- 230
