Manager, Information Security

Title: Manager, Information Security

Department: Infrastructure Svcs

Campus Location: Arnold/Main Campus

Salary Range: $119,676 - $149,595

Work Mode: This position requires some regular in-person presence on campus or at alternative locations, depending on business needs of the office.

Hours Per Week: 40

Work Schedule: 

Position Type: Full-Time Staff,  Exempt

Position Summary

Reporting to the Director of Information Security and Infrastructure within the Information and Instructional Technology Division, this position is responsible for managing and controlling all areas of Information Security in a Hybrid Cloud environment within the Information Security team for the college. This position involves planning and implementing security procedures to secure the college’s data and information against malicious attacks, unauthorized access, corruption, and theft. The manager is also responsible for analyzing information databases and applications for potential security risks, developing new or enhancing current security procedures, overseeing implementation of new policies and procedures, monitoring security systems to identify new threats or needs for updates, and training faculty, staff and students on security awareness and new procedures.

Information and Instructional Technology team members must be dedicated to fostering a culture of excellence. Successful candidates will help IIT build our culture by enabling frictionless service, valuing feedback, and embracing continuous improvement and learning. To support this foundation, IIT has established five pillars. These pillars create a collaborative, supportive, and inclusive professional culture. Successful candidates will be skilled technologists who value AACC’s community and people. They will also be empathetic to the challenges faced by our students, faculty, and staff.

Our Characteristics of Excellence are the guiding principles of our Division, empowering our teams to deliver exceptional results and drive success. Successful candidates will treat people with respect, dignity, and fairness, consistently delivering quality results and following through on commitments and responsibilities. They will cultivate teamwork and collaboration, embrace opportunities for improvement and innovation, and maintain open and honest communication with integrity. Additionally, they will appreciate the value of simple, efficient solutions, recognize the importance of building positive relationships, and respect others' time.

Anne Arundel Community College (AACC) is committed to enriching the educational experience it offers through the diversity of its faculty, administrators, and staff members. The college seeks to recruit and support a broadly diverse team who will contribute to the college's excellence, diversity of viewpoints and experiences, embrace concepts of equity and inclusiveness, and support the equal rights of all people by advancing the understanding and appreciation of differences including age, race, gender, ability, religious convictions, socio-economic status, ethnic heritage, or sexual orientation.

While we appreciate your interest in employment with Anne Arundel Community College, applicants must be currently authorized to work in the U.S. on a full-time basis. Employment-based visa sponsorship (including H-1B sponsorship) is not available for any position.

Pay dates occur on the 7th and 22nd of each month. If those dates fall on a weekend, the pay date occurs on the Friday prior to the 7th and 22nd. As an employee of the college, you are eligible for a comprehensive benefits package.

In the best interest of the College, only individuals who are residents of Maryland or one of the following states will be eligible for employment at the college: Delaware, Pennsylvania, Virginia, West Virginia or the District of Columbia. The college will annually review this restriction and, if appropriate, expand the list of states of employment eligibility.

Job Duties and Responsibilities

Develop, implement, and maintain information security policies, procedures, and standards in a Hybrid Cloud environment

Lead the information security team, providing direction and support

Conduct risk assessments and vulnerability assessments to identify and mitigate security risks.

Monitor and respond to security incidents and breaches, conducting thorough investigations and implementing corrective actions many times acting as the Incident Response Lead.

Ensure compliance with relevant laws, regulations, industry standard & frameworks (e.g., GDPR, PII, HIPAA, NIST CFS 2.0, NIST 800.171 & NIST 800.53).

Collaborate with IIT and other departments to integrate security measures into all aspects of the organization’s operations.

Conduct research and make recommendations on products, services, protocols, and standards in support of all infrastructure procurement and development efforts.

Conduct regular security awareness training for employees.

Stay current with the latest security trends, threats, and technology solutions.

Prepare and present reports on the status of the information security program to senior management.

Perform effective supervision of staff including job definition and responsibilities, goal setting, coaching, employee communications and performance appraisals.

Develop individual training plans, goals and objectives for personnel to ensure appropriate skill sets are maintained. Document and communicate a career path for individuals. Creates a positive, supportive environment where staff are motivated and accountable.

Works to ensure all digital content and IT solutions promote a secure, inclusive, and accessible digital environment (current WCAG standards)

Required Qualifications:

Bachelor's degree required and five years related experience to include two years in a managerial role.

Candidate may be eligible for position with an associates degree by substituting two years of additional related experience in lieu of a bachelors degree for a total of seven years minimum related experience including two years in a managerial role.

Strong knowledge of information security frameworks, standards, and best practices.

Experience with security technologies such as firewalls, intrusion detection/prevention systems, and encryption. ie. Microsoft Azure, Fortinet, Barracuda, Microsoft Purview, Defender, etc…

Excellent problem-solving and analytical skills.

Strong communication and leadership abilities.

Preferred Qualifications:

Relevant industry certifications such as CISSP, CISM, CISA.

Cloud related security certifications, ie. Azure Security Engineer, Azure Security Expert.