USACares Jobs

Job Information

Cochise College Director of Information Security Compliance - Anticipated opening starting July 1, 2020 in Sierraista, Arizona

This job was posted by : For more information, please see: Position Summary: The Director of Information Security Compliance is responsible driving a culture of information security compliance by reviewing and auditing cyber security related compliance, ensuring technology infrastructure, operations, services, and processes are managed according to college policy and state and federal regulatory requirements.Essential Functions: As defined under the Americans with Disabilities Act, may include any of the following tasks, knowledge, skills, and other characteristics. This list is ILLUSTRATIVE ONLY, and is not a comprehensive listing of all functions and tasks performed by incumbents of this class.Note: Cochise College requires a post offer, pre-employment background screening of all employees. Position is open until filled with applications reviewed upon receipt and may close at any time. Duties and Responsibilities: Within the scope of college policies and procedures, this position:Develops and executes information compliance risk management activities in accordance with college policy and state and federal regulations, including creation, maintenance, analysis and dissemination of compliance reports.Creates recommendations for process improvement to address changes in compliance requirements. Performs internal audits of compliance related activitiesProvides guidance to the college to ensure documents, projects, processes or technology initiatives comply with applicable regulatory and legal requirements and college policySynthesizes analyses, identifies root cause(s) of potential compliance risk, provides recommendations that influence business solutions and validates resolutionResponsible for participation on project teams to assure security compliance requirements are considered and included for new technology related implementationsMaintains compliance expertise, keeping current with applicable compliance requirementsPerforms other related duties as assignedGeneral Expectations: Employees are expected to accomplish assigned duties in an efficient, effective and competent manner and to strive for improvement and excellence in all work performed. Additionally, employees must understand the comprehensive role of the community college and cooperate and work harmoniously with students, faculty and staff, and the public. Employees will follow all college policies, rules, regulations and guidelines as they relate to this position.Education and Experience; Knowledge, Skills and Abilities:Education and Experience Requirements:Bachelor's degree in cybersecurity or related field from a regionally accredited institution of higher learning recognized by the US Department of EducationThree years' experience in information security, compliance, risk, audit, or related areaPreference may be given to individuals with CISA, CISM, or similar certification An equivalent combination of education and/or experience from which comparable knowledge, skills and abilities has been achieved may be considered. Knowledge, Skills and Abilities:Knowledge of and ability to follow college policies and proceduresKnowledge of Microsoft Office suiteKnowledge of regulatory requirements (GLBA, FERPA, etc.)Knowledge of IT Security Frameworks (NIST, IHECF, etc.)Skill communicating technical information to non-technical audiences both verbally and in writingSkill in project management, time management, and initiation and execution of tasksSkill in presenting ideas and concepts orally and in writingAbility to communicate effectively, verbally and in writing, and to relate to others in a professional, helpful mannerAbility to assess cybersecurity policies, standards, and procedures for key cybersecurity concep ts (access to programs and data, changes to programs and data, IT operations, etc.) in order to identify gaps with regulatory requirements (GLBA, FERPA, etc.) and information security frameworks (NIST, IHECF, etc.)Ability to assess IT dependencies (system integrations, reports, segregation of duties, automated application controls, etc.) within information systemsAbility to communicate the impact of cybersecurity control effectiveness on business processes to nontechnical stakeholdersAbility to communicate gaps in cybersecurity control design to control owners and make meaningful recommendationsAbility to communicate effectively, verbally and in writing, and to relate to others in a professional, helpful mannerAbility to relate to a diverse population and to maintain composure when faced with difficult situationsAbility to multi-task and organize, prioritize, and follow multiple projects and tasks through to completion with an attention to detailAbility to work independently while contributing to team environmentAbility to analyze problems, identify solutions, and take appropriate action to resolve problems using independent judgment and decision-making processesAbility to establish and maintain effective working relationships with other department staff, faculty, students and the public Work Environment & Physical Requirements:Work Environment: Work is primarily performed under general supervision. Incumbent generally perf