Job Summary
The Cybersecurity Specialist reports directly to the Chief Information Security Officer ( CISO ) and assists with the design, deployment, and oversight of the College’s Information Technology Cybersecurity Program to ensure all aspects are complete, current and in adherence with regulatory requirements and institutional objectives. The cybersecurity program will include development of security policies, guidelines, templates and other documentation, ongoing risk assessments to include the identification and potential remediation of assessed risks, performing an annual policy review and retaining all evidence of reviews as performed. This position will assist the CISO to gather information, monitor systems, research solutions, identify risks and recognize problems.
Essential Duties And Responsibilities
Assists with the development and implementation of a robust Information Technology Cybersecurity Program inclusive of state-of-the-art policies and processes that enable the organization to establish consistent, effective information security practices and minimize risk. Participates in projects and priorities for all information security issues and supports short- and long-range business action plans to achieve the execution of the best practice vision designed by the CISO to secure the institution technical resources and critical data. Assists the CISO regarding the identification of current and future IT security issues and security program developments. Provides updates to the CISO that may include written and/or in-person presentations on relevant information security topics, results of security risk assessments, and progress against approved corrective action plans. Attends meetings regarding Critical Incident Management Plans as required by the CISO Assists the CISO to monitors the institution’s Cybersecurity Program end-user training and testing plans Assists the CISO to educate employees regarding policies, and best practices. Provides training to staff, faculty and students regarding security protocols and procedures as required. Monitors and analyzes network security traffic, firewall-based security traffic, email-based security traffic, Internet security traffic, cloud-based security traffic, end-user security traffic, web-based security traffic, application and server-based security traffic, intrusion detection/prevention systems, data loss prevention systems, and security information and event-management systems and provides reports, recommendations and action plans as required under the direction of the CISO . Promotes the institution’s information security policies designed to ensure the confidentiality, integrity and availability of IT systems and data. Interacts with the Information Technology department (internal and outsourced personnel) and other departmental leadership to acquire information, operational processes, workflows and documentation regarding the institution’s security posture, preparedness, strengths and weaknesses to provide recommendations regarding action plans, documentation, reporting and potential software, hardware and other acquisitions to improve the security posture of the organization under the direction of the CISO . Assists the CISO conduct internal security audits to ensure compliance with industry regulations and standards, state requirements and institutional objectives. Stays current on emerging security threats, solutions and technologies in the cybersecurity field. Monitors and evaluates system security backup and recovery procedures as directed by the CISO and the VP of Information Technology. Pursues professional development by taking security related courses, classes, certifications, webinars offered by the College, the State of Texas and/or professional development organizations as directed by the CISO Participates collegially in discipline-specific activities developed for the Information Technology department as required. Attends the workplace regularly, reports to work punctually and follows a work schedule to keep up with the demands of the worksite (which may be on campus or at an off-site location). Safeguards information system assets and maintains confidentiality of security concerns Reports violations of security policy or best practice to the CISO in the course of business Assists the CISO complete security audits as required. Assists the CISO complete security reports as required. Performs vulnerability scans under the supervision of the CISO as required. Updates information security and response plan documentation as required. Familiarizes themselves with the College technology ecosystem as it relates to security information as required. Attends department meetings and supervisory meetings as required. Displays superior customer service skills. Working hours may include evenings or weekends. Support the values and institutional goals as defined in the College’s Strategic Plan. Complete duties and responsibilities in compliance with college standards, policies and guidelines.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to stand. The employee is occasionally required to walk; sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; climb or balance; stoop, kneel, crouch, or crawl; talk or hear; and taste or smell. The employee must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.