Information Security Operations Lead

The Vermont State Colleges System is looking for an Information Security Operations Lead to join the Information Technology team. This person will lead daily operations within the Security Department and work closely with other VSC departments to ensure all critical systems are protected and adhere to security best practices and digital policies and procedures.

Job Description

Information Security Operations Lead                                           GRADE:  15

NON-BARGAINING UNIT                                                                        EXEMPT

BASIC FUNCTION

Lead daily operations within the Security Department and work closely with other VSC departments to ensure all critical systems are protected and adhere to security best practices and digital policies and procedures. 

ESSENTIAL DUTIES & RESPONSIBILITIES

•  Accountable for the efficient operations of the security team including the day-to-day security operations work, prioritizing projects and assignments, providing direction and guidance to the security team and also to the network infrastructure team, as needed.
• Escalation point for events generated by security tools include EDR, Phishing, MFA, SIEM and others.  Provide general management and service direction for these security-based tools.    
• Assists Director of Infrastructure and Information Security to lead Technical Incident Response procedures in the event of an incident. 
•  Lead vulnerability management and reporting. 
• Develop a security and engineering process via available resources.
• Identifies needs and supports the design of security policies and procedures. 
•  Implement and oversee security applications and develop a future roadmap.
• Oversee compliance with regulatory requirements (e.g., FERPA, NIST CSF, PCI DSS if applicable).  
• Responsible for analysis of network traffic, system logs, and other sources using security tools. 
• Work with other groups to ensure security best practices and evaluate security needs and tools. 
•  Lead vendor contract and software and services security reviews.
• Responsible for working with managed services vendors utilized by security team. 
•  Serve on cybersecurity related committees and projects as necessary.   

SUPERVISION RECEIVED

Reports directly to Director of Infrastructure and Information Security

SUPERVISION EXERCISED

Direct supervision of up to 3 staff members is possible.

MINIMUM QUALIFICATIONS 

• Bachelor’s degree in information technology or or combination of education and equivalent work experience   
• Current industry standard certification(s) such as CISSP, CompTIA Security+ or similar.
•  At least 3 years of experience working in the cybersecurity fieldincluding experience managing security systems and tools 
• At least 5 years of technical IT experience, including Windows Server, Active Directory, and Linux/macOS administration. Networking fundamentals (TCP/IP, DNS, VLANs, NAC). 
•  Familiarity with security frameworks and standards (e.g., NIST CSF 2.0, NIST 800-53, 800-171, ISO 27001). 

PREFERRED QUALIFICATIONS

• Experience in an educational setting.  

KNOWLEDGE, SKILLS, & ABILITIES

• Experience working with interdisciplinary groups 
• Good written and verbal communication skills with the ability to engage with a variety of audiences. 
• Good interpersonal and communication skills 
• Ability to support diverse groups and manage resources during a security incident.  

Location: This position may be based on any of the Vermont State College’s centers or campuses. Some remote work is possible.

Physical Requirements: Duties performed cause slight fatigue of eyes, fingers, or other faculties as a result of repetitive motion and/or long periods of standing or sitting. Duties require little physical effort in work with light to moderate (up to 25lbs) easy-to-handle materials. Duties will occasionally require the climbing of ladders.

Working Conditions: Job is performed in a general office or comparable working area with many and frequent distractions such as noise and interruptions. Work schedule may vary during high volume periods. 

This general outline illustrates the type of work which characterizes the job classification. It is not an all-encompassing statement of the specific duties, responsibilities and qualifications of individual positions assigned to the classification. 

VSCS values individual differences that can be engaged in the service of learning. Diverse experiences from people of varied backgrounds inform and enrich our community. VSCS welcomes all qualified applications, including those from historically marginalized and underrepresented populations. VSCS is an equal opportunity employer, in compliance with ADA requirements, and will make reasonable accommodations for the known disability of an otherwise qualified applicant. Please contact Human Resources for assistance with accommodations at CCVHR@ccv.edu. 

All new full-time employees and certain part-time employees will be subject to a criminal background check. Any offer of employment is contingent upon the satisfactory results of this check. 

Application Instructions:
In order to be considered, please submit a complete application package which includes a cover letter, resume/CV, employment application and contact information for three professional references at: www.vsc.edu/employee-resources/job-postings.