Cybersecurity Specialist

GENERAL RESPONSIBILITIES:

Responsible for the operational and strategic management of the division’s information security risk management program.  Provides leadership in the development, implementation and management of initiatives to protect student, staff and division-wide data from cybersecurity risks.

ESSENTIAL DUTIES:

(These are intended only as illustrations of the various types of work performed. The omission of specific duties does not exclude them from the position if the work is similar, related, or a logical assignment to the position.)

• Develop and manage division-wide information security strategy including security architecture, awareness programs, and incident response protocols.

• Evaluate and recommend technical controls for technology projects as related to information security.

• Communicate with technology department and division leadership regarding security risk and management strategies.

• Develop and maintain security-related policies and procedures, including training and communication to end users as appropriate.

• Maintain up to date knowledge of technology trends, and new information security threats in order to recommend appropriate security controls.

• Evaluate potential security incidents, coordinate response, recommend and subsequently implement resolution steps.

• Provide ongoing status updates to division leadership regarding potential security incidents, using language accessible to non-technical professionals.

• Develop process to assess new and existing applications and system setup to reduce security risks.

• Coordinate with third-party vendors serving division to ensure security of division data.

• Maintain and analyze relevant data and reporting as needed and requested by division leadership.

• Perform related work as required.

KNOWLEDGE, SKILLS AND ABILITIES:

Proven project management skills, experience with information security risk management, proven ability to develop and execute a strategic plan; proven ability to operate in a collegial environment; demonstrated conceptual and problem solving capabilities; demonstrated ability to articulate a vision and motivate people to act with a shared vision; demonstrated style that is decisive and direct as well as, collegial and approachable.

EDUCATION AND EXPERIENCE:

Required: Bachelor’s Degree in Information Systems or related subject or five (5) years of relevant field experience.  Proven experience managing projects of varying scope. A minimum of two (2) years in a leadership capacity in the Information Technology field. 

Preferred: Masters Degree. Advanced certification in cybersecurity.

A comparable amount of training and experience may be substituted for the minimum qualifications. 

New 10/2023; Hanover County Public Schools assures Equal Employment Opportunities and equal education opportunities for employees and students as required by Federal and State Orders and Laws.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential tasks. This job description is intended to accurately reflect the position activities and requirements.  However, management and administration reserves the right to modify, add, or remove duties and assign other duties as necessary.  It is not intended to be and should not be construed as an all-inclusive list of all the responsibilities, skills, or working conditions associated with the position.

PHYSICAL CONDITIONS:

Must have the use of sensory skills in order to effectively communicate and interact with other employees and the public through the use of the telephone and personal contact.  Physical capability to effectively use and operate various items of office related equipment, such as, but not limited to a, personal computer, calculator, copier, and fax machine. Requires some stooping, kneeling, crouching, reaching, walking, pushing, pulling, lifting, grasping, and repetitive motions. No significant climbing. Requires the ability: to lift ten (10) pounds unassisted; to sit or stand for extended periods of time and to work at a computer for extended periods of time.