Cyber Security Specialist

Job Summary The Cybersecurity Specialist reports directly to the Chief Information Security Officer (CISO) and assists with the design, deployment, and oversight of the College’s Information Technology Cybersecurity Program to ensure all aspects are complete, current and in adherence with regulatory requirements and institutional objectives. The cybersecurity program will include development of security policies, guidelines, templates and other documentation, ongoing risk assessments to include the identification and potential remediation of assessed risks, performing an annual policy review and retaining all evidence of reviews as performed. This position will assist the CISO to gather information, monitor systems, research solutions, identify risks and recognize problems. Essential Duties and Responsibilities • Assists with the development and implementation of a robust Information Technology Cybersecurity Program inclusive of state-of-the-art policies and processes that enable the organization to establish consistent, effective information security practices and minimize risk.
• Participates in projects and priorities for all information security issues and supports short- and long-range business action plans to achieve the execution of the best practice vision designed by the CISO to secure the institution technical resources and critical data.
• Assists the CISO regarding the identification of current and future IT security issues and security program developments. Provides updates to the CISO that may include written and/or in-person presentations on relevant information security topics, results of security risk assessments, and progress against approved corrective action plans.
• Attends meetings regarding Critical Incident Management Plans as required by the CISO
• Assists the CISO to monitors the institution’s Cybersecurity Program end-user training and testing plans
• Assists the CISO to educate employees regarding policies, and best practices. Provides training to staff, faculty and students regarding security protocols and procedures as required.
• Monitors and analyzes network security traffic, firewall-based security traffic, email-based security traffic, Internet security traffic, cloud-based security traffic, end-user security traffic, web-based security traffic, application and server-based security traffic, intrusion detection/prevention systems, data loss prevention systems, and security information and event-management systems and provides reports, recommendations and action plans as required under the direction of the CISO.
• Promotes the institution’s information security policies designed to ensure the confidentiality, integrity and availability of IT systems and data.
• Interacts with the Information Technology department (internal and outsourced personnel) and other departmental leadership to acquire information, operational processes, workflows and documentation regarding the institution’s security posture, preparedness, strengths and weaknesses to provide recommendations regarding action plans, documentation, reporting and potential software, hardware and other acquisitions to improve the security posture of the organization under the direction of the CISO.
• Assists the CISO conduct internal security audits to ensure compliance with industry regulations and standards, state requirements and institutional objectives.
• Stays current on emerging security threats, solutions and technologies in the cybersecurity field.
• Monitors and evaluates system security backup and recovery procedures as directed by the CISO and the VP of Information Technology.
• Pursues professional development by taking security related courses, classes, certifications, webinars offered by the College, the State of Texas and/or professional development organizations as directed by the CISO
• Participates collegially in discipline-specific activities developed for the Information Technology department as required.
• Attends the workplace regularly, reports to work punctually and follows a work schedule to keep up with the demands of the worksite (which may be on campus or at an off-site location).
• Safeguards information system assets and maintains confidentiality of security concerns
• Reports violations of security policy or best practice to the CISO in the course of business
• Assists the CISO complete security audits as required.
• Assists the CISO complete security reports as required.
• Performs vulnerability scans under the supervision of the CISO as required.
• Updates information security and response plan documentation as required.
• Familiarizes themselves with the College technology ecosystem as it relates to security information as required.
• Attends department meetings and supervisory meetings as required.
• Displays superior customer service skills.
• Working hours may include evenings or weekends.
• Support the values and institutional goals as defined in the College’s Strategic Plan.
• Complete duties and responsibilities in compliance with college standards, policies and guidelines. Required Knowledge and Skills To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
• Strong, demonstrated commitment to the mission of the community college.
• A relatively high level of analytical ability is required. Ability to solve problems requiring analysis regarding relatively complex administrative systems and programs.
• Work generally consists of activities, projects, or assignments where decision-making input is expected.
• Skill in working effectively in a team environment with a customer service focus.
• Ability to use technology as required in the information security field.
• Ability to establish and maintain positive and effective working relationships with students, college employees, executive leadership and the public.
• Ability to communicate effectively, both orally and in writing; define problems, collect data, establish facts, and draw valid conclusions; and effectively present information.
• High level of energy and good sense of humor with the capacity for extraordinary time and effort demands.
• Ability to work in a fast-paced environment.
• General understanding of cloud-based technologies. Required Education and Experience To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the education and experience required.
• Bachelor’s degree in Computer Science, Information Security, Cybersecurity or a related field from an accredited college or university.
• Minimum of 2 years of experience in information technology/security, with a focus on higher education or public sector environments a plus.
• Experience with security architecture, incident response, and risk management.
• Experience with security assessment tools and techniques such as vulnerability scanning, penetration testing and threat intelligence analysis.
• Experience in collaborating with colleagues across an organization in the construction and continuous improvement of measurable information security outcomes.
• Demonstrated excellent communication and interpersonal skills and the ability to work independently.
• Ability to handle sensitive and extensive confidential data.
• Proficient in the use of email, word processing, spreadsheet and presentation software and use of the Internet to access data, maintain records, generate reports, and communicate with others. Preferred Education and Experience • Preferred Industry certifications such as CISSP, SANS GIAC or similar security professional specific training and certification
• Knowledge of industry security & privacy regulations (e.g., ISO, SOC2, HIPAA, PCI, GDPR)
• Higher degree in Computer Science, Information Security, Cybersecurity or a related field from an accredited college or university. Certificates and Licensures • None required Physical Demands The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to stand. The employee is occasionally required to walk; sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; climb or balance; stoop, kneel, crouch, or crawl; talk or hear; and taste or smell. The employee must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus. Work Environment The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. While performing the duties of this job, the employee occasionally works near moving mechanical parts. The noise level in the work environment is usually moderate.