District Director - Information Security

Tarrant County College District   Fort Worth, TX   Full-time     Information Services / Technology (IT)
Posted on April 11, 2024
Apply Now

Please view posting details below. To apply to this posting, please click the link above.

Position Information

Job Title

District Director - Information Security

Posting Number

F005828

Position Status

Full Time

Assignment Length

This field only applies to Faculty

Grant Funded

No

Category

APT

Class Code

11

Starting Pay

Commensurate with education and experience.

Special Note

Location

District

Department

DT Chief Technology Officer

Job Summary

Reporting to the Chief Information Officer, the District Director of Information Security is responsible and accountable for implementing and monitoring the Colleges' information security and privacy programs. The incumbent must be customer-oriented and adept at working with IT and other College personnel and leaders to strike an optimal balance between security strategies and other priorities to successfully manage reasonably foreseeable internal and external threats to all information assets (electronic, paper and people) across the college. This role requires an engaging, imaginative, communicative, and collaborative leader, and serves as the college's Information Security Officer in accordance with Texas Government Code 2054.136.

Primary Duties and Responsibilities

Essential Performance Requirements*
  • Ensures the college's compliance with Texas Government Code 2054.133, and serves as the primary liaison with legal and regulatory bodies on issues related to information security, ensuring compliance with all relevant laws and regulations; completes all duties as assigned and required by Texas Government Code 2054.136
  • Notifies the Chancellor, the Chief Information Officer, and applicable college administrators of risk-related breaches, discoveries, or noncompliance with state requirements promptly and accurately
  • Collaborates with college administrators to develop and maintain a college-wide information security plan, security policies, and procedures that address the requirements of state statute and the college's information security and privacy risks
  • Partners with the college-community to ensure that controls are utilized to address all applicable requirements of state statute and the college's information security risks
  • Develops and provides training and direction of college personnel with significant responsibilities for information security with respect to such responsibilities by developing education and awareness programs and advising operating units on security and privacy issues, best practices, and vulnerabilities
  • Partners with IT colleagues in a collaborative manner to address concerns and work through security-related challenges and projects
  • Provides guidance and assistance to senior college officials, information-owners, information custodians, and end users concerning their responsibilities under state statute, regulations, policies, and procedures
  • Collaborates with college administrators to develop and manage an incident response plan and team to lead efforts in the event of a security breach, including investigation, mitigation, and coordination with internal and external stakeholders, ensuring:
    • Risk assessments are performed by the information owners and supported by the information-custodians at least biennially for systems containing confidential data and periodically for systems containing college sensitive or public data; and
    • Security assessments are conducted biennially for systems containing confidential data and periodically for systems containing college sensitive or public data
  • Reviews the college's inventory of information systems and related ownership and responsibilities
  • Recommends and collaborates with college administrators to establish policies, procedures, and practices to ensure the security of information and information resources against unauthorized or accidental modification, destruction, access, exposure, or disclosure
  • Coordinates the review of security requirements and specifications, verifies security requirements are identified, and risk mitigation plans are developed, contractually agreed, and obligated prior to the acquisition of new information systems and/or related services and applications
  • Verifies security requirements are identified and risk mitigation plans are developed and implemented prior to the deployment of internally-developed information systems and/or related applications or services
  • Reports regularly, at least annually, to the Chancellor and the CIO the status and effectiveness of the security program and its controls
General Supervision and Management
  • Provides coaching and performance management leadership for assigned personnel
  • Ensures direct reports complete required compliance training annually according to college-wide deadlines
  • Leads and holds assigned personnel accountable for adhering to college policies, procedures, goals, and objectives
Service Excellence
  • Participates on behalf of the College in external community organizations and associations as assigned to support the essential performance requirements
  • Attends the workplace regularly, reports to work punctually, and follows a work schedule to keep up with the demands of the worksite
  • Completes all required training and professional development sessions sponsored through Tarrant County College (TCC)
  • Supports the values of the College: diversity, teaching excellence, student success, innovation, creativity, and service to the College
  • Supports the mission, values, goals, and principles of the College
Supervision
Works under the general supervision of the Chief Information Officer

*Performs Other Related Tasks as Required


The duties listed are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of duties does not exclude them from the position if the work is similar, related or a logical assignment to the position. The job description does not constitute an employment agreement between the employer and employee and is subject to change by the employer as the needs of the employer and requirements of the job change.

Required Minimum Qualifications
  • Bachelor's degree
  • Seven (7) years' working experience related to the essential performance requirements
  • Three (3) years' working experience supervising (e.g., managing and evaluating the performance of others)
  • Certified Information Systems Security Professional (CISSP)
Preferred Qualifications
  • Certified Information Security Manager CISM, GIAC Security Essentials GSEC, or other recognized Security Certification
  • Experience implementing Federal, State and industry security standards such as the Texas Administrative Codes 202.70-77, NIST 800-53 & 800-171, Graham-Leach-Bliley Act (GLBA) Safeguards Rules in a higher education environment
Knowledge, Skills and Abilities
  • Knowledge of local, State (especially Texas Government Code 2054.136), and Federal laws and regulations relevant to information security, privacy, and computer crime; the principles and practices of public administration and management; the limitations and capabilities of computer systems; technology across all network layers and computer platforms; and operational support of networks, operating systems, Internet technologies, databases, and security applications
  • Knowledge of information security frameworks (e.g., NIST, ISO 27001), technology environments, applications, and networking
  • Knowledge of legal and regulatory implications of data breaches
  • Knowledge of applicable practices and laws associated with data privacy and protection
  • Skilled in security incident management and risk assessment including research, analysis and problem solving, especially for evaluating security threats and trends
  • Skilled in excellent interpersonal communication and customer service with diverse populations
  • Skilled using computer applications and enterprise systems, including security tools and software, word processing, spreadsheet, and presentation software
  • Skilled in formulating and updating security policies and procedures
  • Ability to organize and prioritize tasks effectively and efficiently in a high-pressure environment
  • Ability to make prompt decisions in response to security incidents and to think critically to effectively solve and communicate problems in a fast-paced environment where demands for work are varied and unpredictable in scope and volume
  • Ability to educate and train staff on security protocols
  • Ability to work effectively in a collaborative environment and a setting that is diverse and urban
  • Ability to delegate work appropriately to meet College and campus deliverables
  • Ability to direct and organize program activities; to identify problems, evaluate alternative, and implement effective solutions; to develop and evaluate policies and procedures; to prepare reports; to resolve advanced security issues in diverse and decentralized environments; to communicate effectively; and to supervise the work of others
Physical Demands and Work Environment

Physical Demands

The physical demands described here are representatives of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is frequently required to sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; and talk or hear. The employee is occasionally required to stand, walk, and climb or balance. The employee must occasionally lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.

Work Environment

The work environment characteristics described here are representatives of those an employee encounters while performing the essential functions of this job. While performing the duties of this job, the employee occasionally works near moving mechanical parts and is occasionally exposed to risk of electrical shock. The noise level in the work environment is usually quiet.

Accommodations

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties and responsibilities.

Special Instructions Summary

Posted

04/10/2024

Posting Contact Summary

Should you have questions specific to this position please contact the following individual

Contact

HR Talent Acquisition

*

hrtalentacquisition@tccd.edu

Applicant Documents
Required Documents
  1. Resume / Curriculum Vitae
  2. Unofficial Transcripts
Optional Documents
  1. Cover Letter
  2. Certification / License
Posting Specific Questions

Required fields are indicated with an asterisk (*).
  1. * Please select the highest level of education you have completed.
    • High School Diploma / GED
    • 60 or more College Credit Hours
    • Associate's Degree
    • Bachelor's Degree
    • Master's Degree
    • Doctorate Degree
    • None of the above
  2. * Are you a Certified Information Systems Security Professional (CISSP)?
    • Yes
    • No
  3. * Please list any certification or licensure you have that is directly related to this position.

    (Open Ended Question)
  4. * How many years of working experience do you have related to the Essential Performance Requirements?
    • Less than 3 years of experience
    • 3 to 6 years of experience
    • 7 to 10 years of experience
    • 11 to 14 years of experience
    • 14 or more years of experience
  5. * Please describe your experience (responses are used to determine eligibility).

    (Open Ended Question)
  6. * How many years of experience do you have supervising employees (e.g., managing and evaluating the performance of others)?
    • None
    • Less than 1 year of experience
    • 1 year of experience
    • 2 years of experience
    • 3 years of experience
    • 4 years of experience
    • 5 or more years of experience
  7. * Please describe your supervisory experience (responses are used to determine eligibility).

    (Open Ended Question)
  8. * How would you rate your level of experience using word processing, spreadsheet and presentation software (i.e. Microsoft Word, Excel, PowerPoint)?
    • Advanced
    • Intermediate
    • Beginner
    • None
  9. * How would you rate your experience with web-based software?
    • Advanced
    • Intermediate
    • Beginner
    • None
  10. * How long have you been in your current role with TCC?
    • Less than 6 months
    • More than 6 months
    • I am not a current TCC employee
    • I am a current TCC student employee

Tarrant County College District

Fort Worth , TX