Primary Purpose:

Responsible for developing, implementing and monitoring strategic, district-wide cybersecurity and IT risk management. Tasks include identifying current threats, mitigating vulnerabilities, and anticipating future cybersecurity challenges.

 

Minimum Qualifications

Bachelor’s degree or equivalent experience in managing enterprise network security

Maintain relevant security leadership certification (i.e., CISSP, CISM) or obtain within six (6) months of employment

Relevant security incident response/forensics certification (i.e., OSCP, GIAC, etc.)

 

Education/Certification

Three years’ experience with network engineering and security management

Experience in providing cybersecurity and risk metrics for reporting

 

Knowledge/Skills

• Knowledge of local, state, and federal laws and regulations relevant to information security,
• privacy, and computer crimes
• Knowledge of the capabilities and limitations of computer systems and technology
• Knowledge of operating systems, Internet technologies, databases, and security infrastructure
• Knowledge of information security controls, procedures, and regulations
• Knowledge of concepts and techniques for enterprise risk management, audits, and risk assessments
• Knowledge of incident response program, practices and procedures
• Skill in quickly resolving advanced security issues in diverse environments
• Knowledge of information technology infrastructure library (ITIL) for security administration and information technology governance in a multi-platform environment
• Strong troubleshooting and electro/mechanical aptitude
• Strong organizational, communication, and interpersonal skills

Major Responsibilities and Duties

(The following statements describe the general purpose and responsibilities assigned and should not be construed as an exhaustive list of all responsibilities, skills, efforts, or working conditions that may be assigned or skills that may be required.)

• Serve as the district Cybersecurity Coordinator in compliance with SB 820.
• Monitor and protect district data from current and emerging internal and external security threats.
• Implement the district’s cybersecurity framework by conducting threat assessments, risk analyses, and system audits.
•  Provide metrics and reports for the IT security-related aspects of the organization’s information and data systems and architecture.
• Develop district security strategies, awareness programs, training opportunities, security architecture, and incident response protocols.
• Implement security designs for hardware, software, data maintenance, and procedures.
• Develop and maintain disaster response protocols and strategic business continuity plans.
• Implement related policies and procedures to ensure service is continuous when a change program is introduced, a security breach occurs, or the disaster recovery plan needs to be triggered.
• Conduct audits, as a continuous assessment of current IT security practices and systems to identify areas for improvement.
• Perform security compliance checks, including network penetration testing, vulnerability scans,and other configuration analysis.
• Develop and present budget recommendations, provide long and short-term planning and establish key performance indicators and targets.
• Ensure accomplishment of all objectives per District policies, procedures, and strategic direction, as well as regulatory standards governing the District.
• Perform other duties as assigned.

Professionalism 

The Educators' Code of Ethics is set forth in Texas Administrative Code to provide rules for standard practices and ethical conduct toward students, professional colleagues, school officials, parents, and members of the community.

• Rule §247.1 Purpose and Scope; Definitions 
• Rule §247.2 Code of Ethics and Standard Practices for Texas Educators

Supervisory Responsibilities

 

• None

Equipment

• Firewalls, servers, switches, workstations and other network equipment.

Working Conditions:

Mental Demands/Physical Demands/Environmental Factors

 

• Work irregular and extended work hours to include holidays and weekends.
• Work with frequent interruptions and maintain emotional control under stress.
• Requires repetitive hand motions.
• May require prolonged use of computer, moderate standing, stooping, bending, and lifting.
• Prolonged use of computer
• Lifting and moving heavy equipment 
• Work on-call and after hours

The foregoing statements describe the general purpose and responsibilities assigned to this job and are not an exhaustive list of all responsibilities and duties that may be assigned or skills that may be required.