Duties and ResponsibilitiesJob Summary
Reporting directly to the Chief Information Officer (CIO), the Executive Director – Information Security is accountable for protecting City Colleges of Chicago (CCC) against harm from unauthorized or unintended actions or events. Position will direct, coordinate, plan, and organize information security activities throughout the organization. Position will also develop, implement, and maintain a District-wide IT risk management program that identifies, analyzes, evaluates and prioritizes risks to CCC’s infrastructure and information assets. Perform related duties as required. 
Essential Duties

• Establish and direct the design, development, testing, and implementation of Information Security strategies, plans, products and other systems.  
• Implement security standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of information. 
• Oversee IT risk management, including the identification, analysis, and measurement of risks; monitoring and reporting on IT risks and disposition of risks; serve as CCC’s internal auditor for IT processes. 
• Design, perform, and/or oversee penetration tests and vulnerability assessments of CCC systems and networks. 
• Evaluate associated risks and threats and provides countermeasures. 
• Establish and maintain a threat management and intelligence analysis program to track and report on emerging vulnerabilities and prevent known indicators of compromise from impacting CCC. 
• Create and maintain technical security standards and ensure proper configuration of security technologies, such as firewalls, anti-malware, and data encryption systems. 
• Manage the reporting, investigation, and resolution of security incidents. Monitor logs, traffic, and other sources for unusual or suspicious activity. 
• Establish and oversee formal incident response processes to mitigate risk to CCC. 
• Oversee digital forensic and Discovery activities while maintaining appropriate chain of custody. 
• Establish and execute on comprehensive security awareness program. 
• Implement strategic and operational objectives related to business continuity and disaster recovery. 
• Develop, implement, maintain, and oversee enforcement of policies, procedures and associated plans for system security administration and user system access based on industry standard best practices. 
• Provide guidance and expert opinion to senior management on security-related issues.

REPORTING RELATIONSHIPS Report to: Chief Information Officer Direct Supervision: IT Security Administrator

QualificationsEducation, Training and Experience 

• A Bachelor’s Degree from an accredited college or university in Computer Science, Information Technology or a related field 
• Five to seven years of work experience in information security management requiring related information technology skills (risk management, information auditor) 
• Demonstrated experience in security processes such as IT risk management, threat and vulnerability management, IT compliance, identity and access management, and /or security awareness 
• Proven ability to enhance and/or implement an enterprise-wide information security education and awareness program 
• Knowledge and understanding of relevant regulatory requirements such as the Family Education Rights and Privacy Act (FERPA) 
• Advanced computer skills. 
• Proficiency in Microsoft Suite (Work, Excel, PowerPoint)The following generally describes the Knowledge, Skills and 
• Abilities required to enter the job and/or be learned within a short period of time to successfully perform the assigned duties 

Knowledge, Skills and Ability 

• Knowledge of the principles of information security and information auditing 
• Knowledge and understanding of technical IT security controls 
• Knowledge and understanding of security management or compliance frameworks 
• Knowledge and understanding of enterprise, network, systems/endpoint, application and data protection issues and security risks 
• Excellent interpersonal and communication skills 
• Strong business writing skills 
• Strong organizational skills 
• Solid project management skills 
• Ability to work effectively within a culturally diverse environment 
• Ability to exercise discretion and diplomacy in working with different levels of staff 
• Ability to work independently and with a high degree of professionalism 

Working Conditions 

• General office environment 
• Standard office equipment including personal computers and associated equipment 

Physical Requirements  

• Primarily sedentary with intermittent standing, walking, bending and stooping. Some lifting or carrying of objects of light weight may be required. 

Worker Characteristics 

• Leadership – Demonstrates willingness to lead, take charge, and offer opinions and direction 
• Adaptability/Flexibility – Works effectively in an environment in which the parameters may change daily; adjusts behavior to meet the needs of different people and situations 
• Initiative – Demonstrate willingness to take on responsibilities and job challenges 
• Attention to Detail – Pay careful attention to detail and thoroughness in completing work tasks. 
• Dependability – Demonstrate reliability, responsibility, and dependability and fulfill obligations. 
• Technology Savvy – Capable user of technology who understands the role of technology in the institution and who will guide and support its efficient and effective use.

Chicago residency is required for all full-time employees within 6 months of hire.

We are an equal opportunity and affirmative action employer.

Thank you for your interest in City Colleges of Chicago. 

Job: Information Technology
Primary Location: District Office
Job Posting: Mar 28, 2019, 11:49:08 AM