The Colorado Community College System (CCCS) is the state’s largest institution of higher education and consists of 13 colleges and over 40 locations across the state, educating approximately 120,000 students annually. In addition, we train more than 4,000 Coloradans each year through various other programs. Our mission is to provide an accessible, responsive learning environment where our students can achieve their educational, professional and personal goals in an atmosphere that embraces academic excellence, diversity and innovation. We are an organization that encourages individuals to bring their whole selves to work.

We are hiring a Manager of Information Security to join our Information Technology team. In this position you’ll create and maintain the CCCS Cyber Security procedures and incident response plan and participate in strategic planning for security-related issues. CCCS offers generous time off, excellent benefits, and flexible work environments. If you’re an infosec leader who can guide and teach others best practices in cybersecurity, this position may be for you!

As the Manager of Information Security, you’ll lead incident response activities for significant IT security incidents, direct vulnerability scanning activities for CCCS System Office and colleges, and create/maintain procedures related to IT Security. The person in this position provides customer support and expertise to properly maintain Information Technology systems security operations. They monitor application/system software and hardware operations, routine/high priority system problem identification, and high priority corrective action. The Manager acts as a liaison with users to identify unique and/or common difficulties and prepares plans for their resolution. In this position you’ll perform and oversee systems and network security administration responsibilities and ensure compliance with electronic and physical security procedures and standards.

Duties Include:

• Monitoring the dynamic landscape of state, federal, and international laws and regulations relevant to the security and privacy of information stored and processed at CCCS and deciding when and how to update security procedures and security controls to maintain compliance.
• Providing oversight and enforcement of security directives, orders, standards, plans, and procedures at CCCS.
• Notifying IT leadership immediately of any security violations, attempts to gain unauthorized access to information, virus infections or other IT Security breaches that may affect users, network, or systems, then deciding the appropriate response and assisting with investigation and incident report creation.
• Deciding how CCCS will implement threat and vulnerability controls during annual assessments and in real time as new threats are discovered.
• Providing guidance to CCCS leadership and IT governance bodies on emerging threats and the evolving landscape of protective technologies.
• Contributing to the strategic design and accurate systems documentation for CCCS’s computer and network environment.
• Overseeing the creation of security education and awareness activities for all faculty and staff. You’ll also work with the CCCS colleges to assist in the creation of security education and awareness for students.

Required Qualifications:

• Bachelor’s degree in a technology-related field (Relevant education and experience in the appropriate technical and management areas may be considered as a substitute for formal education.)
• At least three years of network security administration or management. CISSP certification is not required but highly desirable.

Attributes that will contribute to success in this position:

• Practiced in using public key infrastructure, firewalls, encryption techniques, virus detection and intrusion detection systems to secure enterprise information systems.
• Practiced in developing system security plans, performing risk analyses, conducting security test and evaluations, and developing and testing contingency plans.
• Familiarity with state, national and international laws and regulations (such as HIPAA, FERPA, GDPR, PCI, FISMA/CUI, and SOX).
• Familiarity with different standards and ability to practically apply them to improve security posture (such as NIST 800, SAS70, ISO 27002).
• Understanding of Cisco Firepower Firewalls, Cisco ISE, Cisco VPN.
• Practiced in creating and maintaining cyber security procedures for large complex educational institutions.
• Knowledge of how to support enterprise 24x7 environments.
• Excellent interpersonal, oral communication, and negotiation skills.
• Ability to establish and maintain effective and cooperative relationships with faculty committees, campus and college administrators, campus departmental stakeholders, permitting agencies, budget and funding authorities, architectural and engineering consultants, contractors, and suppliers.
• Ability to initiate and maintain cooperative relationships with people from diverse backgrounds, including college personnel and the public.

Work Location/Travel Expectations:

• Occasional in-state travel and out-of-state travel, along with conference attendance, is required.

To apply: https://schooljobs.com/careers/cccs/systemoffice

All employees of the System Office have a choice to submit a copy of their vaccination card or to agree to weekly COVID-19 testing.

CCCS offers the options of alternative work arrangements (remote work/adjusted schedules).  Work must be completed within the state of Colorado.

CCCS recognizes the importance of a workforce that is reflective of our diverse student community which consists of 24.1% Hispanic, 5.6% Black/African American, 3.8% Asian/Pacific Islander, 0.7% American Indian/Alaskan Native, 54.6% White, 58.3% Female, 41.7% Male, and 8.1% Veterans. As such, we are interested in selecting the best candidate from a diverse applicant pool.