QUALIFICATIONS:

1. Bachelor’s degree in Computer Science or related field;

2. Professional experience with information security in a large complex organization;

3. A minimum of three (3) years of progressive experience in a combination of information security, risk management, and or IT positions;

4. Experience in the education industry preferred;

5. Certified Information Systems Security Professional (CISSP) preferred in certifications in one or more of the following specialty areas: 

• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Risk and Information Systems Control (CRISC)
• Certified Ethical Hacking (CEH)

SPECIAL KNOWLEDGE/SKILLS

1.   Knowledge of Information Security regulations including FERPA, COPPA, CIPA, and HIPAA;

2.   Knowledge of relevant legal/regulatory requirements and common information security management frameworks such as NIST Cybersecurity Framework, ISO/IEC 27002;

3.   Strong organizational, written and oral communication, and interpersonal skills;

4.   Ability to implement policy and procedures;

5.   Strong understanding of information security and the relationships among threat, vulnerability and information value in the context of risk management;

6.   Possess a strong understanding of appropriate leading-edge technologies;

7.   Proven successful track record in developing information security policies and procedures

8.   Strong executive presence to be able to present analysis and recommendations in a clear and compelling manner to both technical and non-technical audiences, including executive management

9.   Must be a critical thinker, with strong problem-solving skills

10. Thorough understanding of IT Operations and the role and impact of information security

TERMS OF EMPLOYMENT:

Annual Contract 250 days

SALARY:

 Salary (based on experience) as set by the Board of Trustees for the school year 2016-2017 

ESSENTIAL FUNCTIONS:

1.   Oversees the approval, training, and dissemination of security policies, standards and practices.

2.   Develops and enhances an information security management and control framework based on established industry standards.

3.   Implements security improvements by assessing current situation, evaluating trends, anticipating requirements, recognizing problems by identifying anomalies, conducting periodic audits, and reporting violations.

4.   Manages the framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.

5.   Facilitates information security through the implementation of an industry best practice based governance program.

6.   Maintains accountability for information security program governance through the Internet Content Filtering Management Governance Committee.

7.   Creates and oversees the successful execution of the security roadmap including roles and responsibilities ensuring acceptable use policies.

8.   Assesses overall information security risk posture, by measuring compliance with policy to ensure that security procedures are compliant with relevant laws, regulations and industry best practices, and initiates programs to achieve and maintain a successful cyber security posture.

9.   Develops and maintains external and internal relationships to influence security policy, standards and programs and enhance secure interoperability with extended entities such as third-party software data interfaces.

10. Leverages information security investments to enhance District administration and compliance processes.

11. Creates and manages information security and risk management communications, training and awareness programs tailored to the evolving needs of the District.

12. Develop and maintain the cyber security risk assessment process, including the reporting and oversight of treatment efforts to address findings.

13. Provides strategic risk guidance for IT projects and trusted learning environments including the evaluation and recommendation of technical controls and solutions.

14. Works with the appropriate District resources to monitor the external threat environment for emerging threats, and advises relevant stakeholders on the appropriate courses of action.

15. Leads the development and management of a comprehensive Threat and Vulnerability Management program.

16. Oversees cyber security incident response capabilities, and directs enhancements to align with industry standards.

17. Performs other duties as assigned.

WORKING CONDITIONS:

Mental Demands/Physical Demands/Environmental Factors:
Tools/Equipment Used: Standard office equipment including personal computer and peripherals
Posture: Prolonged sitting; occasional bending/stooping, pushing/pulling, and twisting
Motion: Repetitive hand motions, frequent keyboarding and use of mouse; occasional
reaching

Lifting: Occasional light lifting and carrying (less than 15 pounds)
Environment: Frequent districtwide travel
Mental Demands: Work with frequent interruptions; maintain emotional control under stress

Deadline for application:

March 28, 2017

All applications will be reviewed

Not all applicants will be interviewed

Hiring Managers may choose to email you regarding this application.  Please monitor your email regularly for any communication.

BECOME AN ADMINISTRATOR WITH CFISD:

http://www.cfisd.net/en/job-seekers/career-opportunities/become-administrator/