Cybersecurity Engineer - Instructional Support Facility

Job Title: Cybersecurity Engineer

FLSA Exemption Status: Exempt

Classification Group: Professional Technical

Supervising Position: Cybersecurity Manager or designee

Pay Plan: Professional Technical

Pay Range: Range 06

Last Updated: 09/18/2024

Pay Information

Benefits Information

 

JOB SUMMARY: Maintain a comprehensive cybersecurity program within the Cherry Creek School District by analyzing and gathering data. Safeguard sensitive information, manage and respond to security incidents, and ensure compliance with national frameworks and cyber insurance requirements. Collaborate with Information Technology (IT) staff, educators, and administrators to create a secure computing environment that protects the District’s technology infrastructure, data, staff, students, and families.

ESSENTIAL DUTIES AND RESPONSIBILITIES: The subsequent duties outline the fundamental operations of the position and exemplify the nature of the tasks carried out. They do not encompass a comprehensive inventory of the obligations and responsibilities fulfilled in this role. The approximation of frequencies and time allocation percentages are flexible and subject to the requirements of the organization. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Job Task Descriptions Frequency Percentage of Time

1.

Incident response and management – Participate in the investigation, analysis, resolution and documentation of cybersecurity incidents.  Analyze patterns, determine root cause, and recommend remediation efforts. 

Daily 20%

2.

Security Infrastructure Management – Assist in the maintenance of security technologies, including firewalls, endpoint protection, vulnerability assessments, disaster recovery and business continuity. Perform updates and security patches implementation.

Daily 20%

3.

Cybersecurity Monitoring and performance - Maintain incident response plan, address and mitigate cybersecurity incidents. Assist with coordination efforts and documentation.

Daily 20%

4.

Compliance and Reporting – Ensure compliance with relevant frameworks, regulations, standards, cyber insurance and district standards.  Collaborate with internal and external stakeholders.   

Daily 10%

5.

Security Awareness and training – Assist with cybersecurity awareness training programs for staff, students and stakeholders.

Daily 10%

6.

Asset Management – Assist in the maintenance of the district’s hardware and software lifecycle policies, standards, equipment and processes. 

Daily 10%

7.

Vendor Management – Assist with cybersecurity practices of third-party vendors providing services to the district.  Establish and maintain security requirements for vendors.

Daily 5%

8.

Perform other duties as assigned or requested.

Daily 5% TOTAL 100%

REPORTING RELATIONSHIPS: This job has no direct supervisory responsibilities.

• N/A

MINIMUM QUALIFICATIONS: The minimum prerequisites of formal education, professional work experience, certifications, licenses, endorsements, designations, trainings, and other criteria that a candidate must fulfill to be considered for a position. It is essential that certifications, licenses, endorsements, designations, and trainings are fulfilled, valid, and not expired.

• Criminal background check and fingerprinting required
• Associate's degree
• Two (2) years of professional work experience
• Proven experience in a cybersecurity program in an educational institution
• Knowledge of regulatory compliance such as FERPA, COPPA, CIPA and other relevant state and federal statutes regarding cybersecurity, safety, and privacy
• Knowledge of Cybersecurity Frameworks (NIST), Cyber insurance requirements and their application in a K-12 setting
• Knowledge of enterprise cybersecurity technologies involving cybersecurity including SIEMs, forensic tools, firewalls, and monitoring systems
• Knowledge of authentication technology such as SSO, SAML, Windows, Google and LDAP systems
• Experience with hardware and software lifecycle programs, standards, and processes
• Experience with performing cybersecurity analysis and risk assessments of technology infrastructures
• Excellent interpersonal, problem solving, critical observation, conflict resolution and communications skills

PHYSICAL REQUIREMENTS AND WORKING CONDITIONS: The physical demands, mental functions, cognitive capacities, and work environment factors required to perform a position’s essential functions. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Light work strength level (lifting or carrying up to 25 pounds)
• Primarily works indoors
• Typically a quiet noise level
• Work location is subject to change to meet the requirements of the organization

DESIRED QUALIFICATIONS: Formal education, professional work experience, certifications, licenses, endorsements, designations, trainings, and other qualifications relevant to the position that are strongly preferred but not mandatory for a candidate to be considered.

• Experience working in the public sector
• Experience working directly with people from diverse racial, ethnic, and socioeconomic backgrounds
• Racially conscious and culturally competent with the skill, will, capacity, and knowledge to commit to a culture of continuous improvement
• CISSP, CompTia Network+, or equivalent certification
• Experience working in a K-12 school district or educational setting