Information Security Administrator

The Information Security Administrator is responsible for helping safeguard the confidentiality, integrity, and availability of the College’s electronic information systems, networks, and data. This position develops, implements, and maintains cybersecurity practices and procedures designed to protect institutional information assets and reduce organizational risk. The Information Security Administrator works collaboratively with the Information Technology department and campus stakeholders to identify vulnerabilities, monitor emerging threats, respond to security incidents, support regulatory compliance efforts, and promote security awareness throughout the College community.

This position also provides training and guidance regarding cybersecurity best practices for faculty, staff, and students.

Any combination of experience and training that would likely provide the required knowledge and abilities is qualifying. A typical way to obtain the knowledge and abilities would be:

• Assist the IT Director with strategic planning related to information and network security, including plans to safeguard institutional data from accidental or unauthorized access, modification, destruction, or disclosure.
• Assist in developing, documenting, implementing, and maintaining information security policies, procedures, standards, and testing protocols.
• Collaborate with Information Technology staff to evaluate security risks, identify vulnerabilities, and implement appropriate mitigation strategies and security controls.
• Conduct regular risk assessments, vulnerability reviews, and security audits to identify potential threats and ensure effective protection of institutional systems and data.
• Monitor system, network, and security logs to identify suspicious activity, attempted intrusions, or indicators of compromise.
• Assist with the implementation and maintenance of firewalls, encryption methods, endpoint protection, multifactor authentication, and other cybersecurity technologies and safeguards.
• Monitor cybersecurity trends, threat intelligence, and industry best practices to assess potential impact on College systems and recommend appropriate responses.
• Lead information security incident response activities, including investigation, containment, remediation, recovery efforts, documentation, escalation, and reporting.
• Assist with internal and external notifications related to cybersecurity incidents in accordance with applicable laws, regulations, policies, and institutional procedures.
• Generate reports, documentation, and recommendations to support institutional leadership, compliance requirements, audits, and continuous improvement efforts.
• Provide cybersecurity awareness training and educational resources to faculty, staff, and students regarding phishing, social engineering, password security, data privacy, and related topics.
• Receive, prioritize, document, and respond to information security requests and tasks received through ticketing systems, project management systems, department communications, and other official channels.
• Lead and facilitate regular departmental meetings related to information security initiatives, trends, priorities, goals, and ongoing projects; prepare agendas, track progress, and provide written updates to leadership.
• Maintain current professional knowledge and technical expertise through ongoing training, professional development, and industry certifications.
• Collaborate effectively with internal departments, external vendors, auditors, regulatory agencies, and technology partners as needed.
• Support compliance with applicable federal and state regulations, accreditation standards, and College policies related to information security and data protection.
• Perform other duties as assigned.

Bachelor’s degree in Information Security, Cybersecurity, Information Technology, Computer Science, Management Information Systems, or a related field preferred. Equivalent combinations of education, technical training, certifications, and directly related experience may be considered.

At least five years of combined education and work experience in information technology,…