Information Security Officer
SALARY: $97,074.00 Annually
OPENING DATE: 10/30/19
CLOSING DATE: 11/27/19 04:00 PM
Please be aware that this recruitment closes at 4:00 p.m. PST. The application process will not be available after this time. To ensure consideration make sure your application is completed and submitted as soon as possible. Applications will only be accepted prior to 4:00 p.m. on the closing date.
The Community Colleges of Spokane is seeking a highly motivated and qualified individual for the position of Information Security Officer in the Information Technology Systems Division.
Reporting to the District Director of Information Systems for the Community Colleges of Spokane (CCS), the Information Security Officer (ISO) is charged with developing and managing IT and data management practices to protect the integrity, availability and confidentiality of CCS electronic data and safeguard CCS IT resources. This key position serves as an IT cyber security expert and ambassador throughout the district and trains others on essential IT security and data protection protocols; establish key policies and procedures for IT Security and Data Protection; recommend actions to protect CCS information and IT infrastructure from external and internal threats; and, assure that CCS complies with statutory and regulatory requirements regarding information access, use, security and privacy. This position also serves as designated back-up to the District Director of Information Systems as needed and will be a project management resource in broad IT project implementations.
CHARACTERISTIC DUTIES AND RESPONSIBILITIES
- Oversee the development, implementation and maintenance of districtwide IT security policies, procedures, standards and guidelines. Continuous evaluation and progress toward compliance with the Washington State OCIO's IT security standards. Document and address issues of non-compliance. Active participate as a CCS representative to the Information Technology Commission's IT Security Council. *
- Work with technology users, authorizing officials, key IT offices, data custodians, IT governance groups and CCS executives to establish a process that identifies and evaluates risk, potential threats, vulnerabilities and impacts to CCS operations, systems, and personnel as a result of the use of IT systems. Assists in developing solutions. *
- Conduct reviews to ensure that IT systems have current, effective and quality security documentation in place, including: IT security plans integrated into all stages of the system life cycle; qualitative risk assessments; annual reassessments; and tested contingency plans. *
- Conduct periodic IT Security Self-Assessments throughout CCS to evaluate the effectiveness of existing security controls and compliance with established policies and procedures. Examples of such self-assessments include but are not limited to penetration tests, vulnerability tests and system code analysis. *
- Ensure a comprehensive independent IT security audit is performed once every three years in accordance with program and state IT security standards. *
- Monitor and track key security initiatives and establish standards such as virus protection, security monitoring, intrusion detection, access control to facilities, and remote systems access. Coordinate resolution of security breach incidents including system intrusions and abuse. *
- Work with the Desktop Support Group to select and coordinate the support of virus protection software for common platforms in use throughout CCS. Investigate and identify solutions to viral infestation and damage. *
- Work with the DET (desktop engineering team) group to establish a process to identify, track, and report on security patch management. *
- Develop districtwide information security awareness and training programs for all CCS personnel to encourage greater system security and awareness of risks. *
- Act as the CCS central point of contact for all information security incidents/threats, develop incident handling procedures and report incidents to CCS leadership, Campus Security or other law enforcement as appropriate. *
- Provide guidance to ensure that IT and information security is addressed in the development and acquisition process of information systems, security related products and services, and database management. *
- Work with Technology Services and Human Resources on the collection of confidential and sensitive data regarding personnel investigations, litigation records holds and other related matters. *
- Provide leadership in project management of IT projects as needed. *
- Support and advance the CCS strategic plan, and perform other duties as assigned. *
'*' Indicates this is an essential duty
COMPETENCIES & OTHER REQUIREMENTS:
REQUIRED COMPETENCIES (MINIMUM QUALIFICATIONS)
- Bachelor's degree in Computer Science, Information Management, Business Administration, Engineering, Project Management, or a related field from an accredited institution. Or an equivalent mix of education and experience that demonstrates the candidate meets all competency requirements for this position.
- Five years relevant work experience designing, implementing and maintaining IT systems.
- Five years management experience in IT services.
- Three years relevant IT security work experience demonstrating a strong understanding of IT security processes, technologies, standards, and best practices.
- Current security/ cybersecurity certification in one of the following:
- Security + Certificate
- Certified Information Systems Security Professional (CISSP)
- GIAC Security Essentials Certificate (GSEC)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Privacy Manager (CIPM)
- (Relevant experience in excess of five years beyond the minimum required experience may be substituted for certification.)
- Knowledge of network and server hardware, software and security tools.
- Working knowledge of current information security laws and accepted industry practice.
- Commitment to learning and applying best practices to ensure electronic and technology work products and tools are accessible to all people, including those with disabilities.
- Acceptance of the responsibility to promote the welfare and best interests of students at all times.
- A demonstrable understanding and acceptance of the mission, values, goals and objectives of CCS.
- The ability to perform assigned duties in a manner consistent with applicable laws, regulations and goals of the institution, and community and technical college system.
- Demonstrated commitment to fostering and supporting a teaching, learning and working environment that honors diversity, equity and inclusion.
PREFERRED COMPETENCIES (DESIRED QUALIFICATIONS)
- Master's degree or higher in Computer Science, Information Management, Business Administration, Engineering, Project Management or related field from an accredited institution.
- Experience in higher education compliance auditing.
- Working knowledge of pertinent law and the law enforcement community.
CONDITIONS/TERMS OF EMPLOYMENT:
* TOTAL COMPENSATION: $121,366 - $125,781. Total compensation is an estimate based upon base compensation, current employer-paid health and related benefit contribution rates and median retirement fund contributions. The actual total will vary depending upon each employee's enrollment choices.
Person hired must be able to provide acceptable documentation of U.S. Citizenship or lawful authorization to work in the United States. This is an absolute condition of employment. An offer of employment will not carry with it any responsibility or obligation on the part of the District to sponsor an H1-B visa. In addition, the Community Colleges of Spokane maintains a drug-free work environment and prohibits all smoking in the college buildings and state-owned vehicles. Must be able to successfully work in and promote a multicultural work and education environment. Prior to a new hire, a background check including criminal record history will be conducted. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position.
- Work is performed in a normal, temperature controlled office environment.
- Work is sedentary in nature.
- Frequent use of computer and exposure to terminal screens.
- Work directly with students/clients.
- Work involves constant interruptions and requirement to answer on demand questions by phone, in person, or electronically.
- Frequent repetitive hand/wrist motions and finger manipulation.
- Frequent oral and auditory communication with others.
CONDITIONS OF EMPLOYMENT
- Contract 12 month.
- This position is overtime ineligible.
- Criminal background check required.
- Requires local or regional travel. If using personal vehicle proof of driver's license and car insurance required.
REQUIRED APPLICATION MATERIALS:
To qualify for consideration, applicants must meet required competencies and submit a complete application packet, which includes the following:
- CCS online application.
- Cover letter addressing your qualifications as applied to the responsibilities of this position. *
- Comprehensive resume. *
- Names, addresses, and telephone numbers of three professional references.*
- College transcript(s) if applicable - unofficial/copies of transcripts are acceptable for initial application, official copies must be submitted upon acceptance of job offer.
NOTE: All of the above are required to ensure your consideration for this position. The item(s) marked with an asterisk are required attachments to your application prior to submission.
Community Colleges of Spokane does not discriminate in its programs, activities and employment on the basis of race, creed, color, religion, national or ethnic origin, age, sex, marital status, pregnancy, parental status or families with children, status as a mother breastfeeding her child, AIDS/HIV or hepatitis C, honorably discharged veteran status, sexual orientation, gender identity or expression, disability, use of trained guide dog or service animal by a person with disability, genetic information or any other legally protected category. Please direct all inquiries regarding compliance with access, equal opportunity and/or grievances to the Chief Administration Officer, Community Colleges of Spokane, 501 N. Riverpoint Blvd., PO Box 6000, MS 1004, Spokane WA 99217-6000 or call 509-434-5037; WA Telecommunication Relay Services (TRS) 1-800-833-6384 or 7-1-1.