Executive Director-Information Security

Since 1911, City Colleges of Chicago has been connecting students from across Chicago’s neighborhoods to economic opportunity. By offering a quality education at an unprecedented value, City Colleges provides our students and alumni with a pathway to upward mobility. City Colleges of Chicago is the city’s most accessible higher education engine of socioeconomic mobility and racial equity—empowering its students to take part in building a stronger and more just city. As Illinois’ largest community college system, City Colleges is comprised of seven colleges and five satellite sites across Chicago.

PRIMARY OBJECTIVE

Reporting directly to the Chief Information Officer (CIO), the Executive Director - Information Security is accountable for protecting City Colleges of Chicago (CCC) against harm from unauthorized or unintended actions or events.  Position directs, coordinates, plans, and organizes information security activities throughout the organization.

The Executive Director - Information Security also develops, implements, and maintains a district-wide IT risk management program that identifies, analyzes, evaluates, and prioritizes risks to CCC’s infrastructure and information assets.  Perform related duties as required.

ESSENTIAL DUTIES

Core Duties

·       Establishes and directs the design, development, testing, and implementation of Information Security strategies, plans, products, and other systems.

·       Implements security standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of information.

·       Oversees IT risk management, including the identification, analysis, and measurement of risks; monitoring and reporting on IT risks and disposition of risks; serve as CCC’s internal auditor for IT processes.

·       Designs, performs, and/or oversees penetration tests and vulnerability assessments of CCC systems and networks. Evaluate associated risks and threats and provides countermeasures.

·       Establishes and maintains a threat management and intelligence analysis program to track and report on emerging vulnerabilities and prevent known indicators of compromise from impacting CCC.

·       Creates and maintains technical security standards and ensure proper configuration of security technologies, such as firewalls, anti-malware, and data encryption systems.

·       Manages the reporting, investigation, and resolution of security incidents. Monitors logs, traffic, and other sources for unusual or suspicious activity.

·       Establishes and oversees formal incident response processes to mitigate risk to CCC. Oversees digital forensic and eDiscovery activities while maintaining appropriate chain of custody.

·       Establishes and executes on comprehensive security awareness program.

·       Implements strategic and operational objectives related to business continuity and disaster recovery.

·       Develops, implements, maintains, and oversees enforcement of policies, procedures and associated plans for system security administration and user system access based on industry standard best practices.

·       Provides guidance and expert opinion to senior management on security-related issues. 

IT Portfolio Status Updates

·       Provides monthly reports on the IT portfolio, highlighting project progress, risks, and key performance indicators.

·       Maintains communications to ensure clear visibility into ongoing initiatives and resource allocation.

·       Reviews and updates key project updates and financials on a monthly basis.

Budget and Financial Oversight

·       Monitors the fiscal year budget, ensuring alignment with projected and actual expenditures.

·       Tracks monthly payments and financial trends to maintain transparency and accountability in OIT spending.

·       Proactively addresses any discrepancies or overruns and escalates unresolved issues promptly.

Board Report Management

·       Prepares comprehensive reports for the Board, ensuring all data is thoroughly reviewed and validated.

·       Compiles and provides data to the CIO or designee prior to the Chancellor's Preview meetings.

·       Reviews procurement contracts and related documents and provides revisions in a timely fashion to Procurement Department and the Board Office prior to official Board meetings.

·       Ensures all board materials are accurate, concise, and aligned with institutional priorities.

·       Collaborates with cross-functional teams to gather necessary information and insights.

·       Maintains a high standard of accuracy and clarity in all documentation.

·       Adheres to CCC customer service excellence standards.

·       Performs other related duties as assigned.

REPORTING RELATIONSHIPS

Reports To                       Chief Information Officer (CIO)

Direct Supervision          Information Security Analyst; Information Security Administrator  

QUALIFICATIONS

·       Bachelor’s Degree from an accredited college or university in Computer Science, Information Technology or a related field

·       Seven years of work experience in information security management requiring related information technology skills (e.g., risk management, information auditor)

·       An equivalent combination of education, training, and experience may be considered at the discretion of management

·       Project management experience with proven project management skills

·       Demonstrated experience in security processes such as IT risk management, threat and vulnerability management, IT compliance, identity, and access management, and /or security awareness

·       Knowledge and understanding of security management and/or compliance frameworks

·       Knowledge and understanding of enterprise, network, systems/endpoint, application and data protection issues and security risks

·       Proven ability to enhance and/or implement an enterprise-wide information security education and awareness program

·       Excellent interpersonal, verbal, and written communication skills

·       Strong leadership, organization, and team management skills

·       Strong analytical and problem-solving skills  

·       Ability to handle all situations with tact, persuasiveness, and diplomacy

·       Ability to work within a culturally diverse environment

·       Proficiency in Microsoft Office 365 (Word, Excel, PowerPoint, Outlook, Teams)

Salary Range: $115,542 - $150,000

Offered salary will be determined by the applicant's education, knowledge, skills and abilities, as well as other factors such as internal equity.

Benefits information is found at https://www.ccc.edu/departments/Benefits/

WE OFFER: Excellent health and welfare benefit package and long-term savings and investment programs including 403(b) & 457(b) Investment Plans and a pension plan with the State University Retirement System (SURS) Plan. Generous vacation, holiday, personal and sick days, and tuition reimbursement. For a more detailed overview of benefits, please visit the benefits page of our website.

We are an equal opportunity and affirmative action employer. Chicago residency is required for all full-time employees within 6 months of hire. Thank you for your interest in CCC!