Manager, Information Security and Compliance (Full-Time)

Work Location: 837 Chestnut Ridge Road, Morgantown, WV, 26505

Classification: Salary, Non-Classified, Full-Time Benefits, FLSA Exempt

Application Deadline: Open Until Filled.

Job Summary

This position is responsible for the day-to-day monitoring of WVNET’s infrastructure environment, analyzing and responding to events as necessary. Working across the organization, must be able to utilize multiple tools to monitor, analyze and respond to infrastructure threats.  Provides security leadership in support of the enterprise as it relates to IT network security, IT security governance, security monitoring, and security awareness.  Ensures organizational compliance with security policies, standards, and processes.   Works horizontally across the enterprise to solve and prevent problems collectively and leverage the collective expertise contained in the organization.  Assists management in the development and implementation of policies and procedures for monitoring, assessment, analysis, and response.

Duties & Responsibilities

Information Security Operations

  • Participates in incident response activities, including readiness activities and table-top exercises.
  • Monitors for and coordinates response to vulnerabilities in the agency’s on-premise and cloud environments.
  • Responsible for developing and implementation a comprehensive information security program and prioritized roadmap
  • Conducts or coordinates periodic vulnerability scan and penetration tests
  • Manages institution-wide information security governance processes
  • Execute on incident response plans, identify root cause, and drive mitigations to prevent future occurrences
  • Champion projects that improve our security and incident response capabilities
  • Responsible for security event monitoring, management, and response utilizing SEIM toolsets
  • Works horizontally across the organization to provide highly reliable, secure, and cost-effective network security services

Policy and Compliance

  • Leads the implementation of security controls, practices, and policies through collaboration with other WVNET technical staff
  • Assists in risk assessments and gap analysis for compliance to various policies and regulations, including, but not limited to FERPA, HIPAA, PCI, and internal policies
  • Regularly reviews and recommends updates to internal information security policy and procedures

Training / Awareness / Communication

  • Directs the development and delivery of a security awareness training program for employees
  • Develops training related to cybersecurity standards, penetration testing, vulnerability assessments, and accreditation and certification.
  • Engages and educates customers on information security threats and best practices to manage risk
  • Provides regular presentations on information security topics
  • Maintains a current understanding of the IT threat landscape for the industry
  • Keeps current with new or evolving information technology

Experience

  • 5 years – Experience working as an IT technical specialist in networking, systems operations, or similar department of a large IT organization.    
  • 2 years – Experience working in an information security role or department.     
  • Preferred: Experience working in higher education.        
  • Preferred: Professional security certification (e.g., CISSP, CISM/A).

Education

  • Required:  Bachelor’s degree in computer science, information system, information assurance, cyber security, or a technology-related field.
  • Preferred: Master’s degree in the same fields of study.

Knowledge, Skills, & Abilities

  • Strong technical and operational knowledge of general security concepts and methods (vulnerability assessments, privacy assessments, intrusion detection, incident response)
  • A strong understanding of information security regulatory requirements and compliance issues.
  • In-depth understanding of networking protocols, security-related technologies, and end user security issues.
  • Experience with vulnerability scanning and security management platforms
  • Experience with common security and privacy legislation and regulations (e.g. PCIDSS, FERPA, HIPAA, etc.)
  • Familiarity with security standards (NIST, ISO, COBIT)
  • Excellent analytical, troubleshooting and interpersonal skills.
  • Excellent verbal and written communication skills.
  • Organization and attention to detail.

Salary

Starting annual salary of $85,000 – $95,000 and commensurate with experience. Additionally, WVNET offers an excellent benefits package which includes comprehensive health, retirement, and insurance plans as well as generous amounts of vacation, sick, and holiday leave.

Equal Opportunity/Affirmative Action Employer/Veterans/Disabled

The West Virginia Network for Educational Telecomputing (WVNET) is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, or protected veteran status and will not be discriminated against on the basis of disability. WVNET provides a collegial, respectful and inclusive environment that values the diversity, creativity and contributions of its staff.


Apply for Position

  • Drop files here or
    Accepted file types: docx, pdf.
  • Drop files here or
    Accepted file types: pdf, docx.
Scroll Up
Copy link
Powered by Social Snap