Sign upLog in

Director, IT Cybersecurity Operations

George Mason University

Fairfax, Virginia

Apply
JOB DETAILS
SKILLS
Analysis Skills, Antivirus, Background Investigation, Business Development, Business Processes, CISSP - Certified Information Systems Security Professional, Cloud Computing, Computer Networks, Computer Security, Endpoint Security, Family Educational Rights and Privacy Act (FERPA), Federal Bureau of Investigation (FBI), Finance, Firewalls, HIPAA (Health Insurance Portability and Accountability Act), Higher Education, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Leaching, Leadership, Maintain Compliance, Management of Information Systems/Technology (MIS), Metrics, Network Security, Open Source, Operations Management, PCI-DSS, People Management, Policy Development, Process Improvement, Regulatory Compliance, Regulatory Requirements, Risk, Risk Analysis, Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Security Policy, Service Delivery, Systems Administration/Management, Technical Support, Testing, U.S. National Institute of Standards and Technology (NIST)
LOCATION
Fairfax, Virginia
POSTED
12 days ago
Department: Information Technology

Classification: Administrative Faculty

Job Category: Administrative or Professional Faculty

Job Type: Full-Time

Work Schedule: Full-time (1.0 FTE, 40 hrs/wk)

Location: Fairfax, VA

Workplace Type: On Site Required

Sponsorship Eligibility: Not eligible for visa sponsorship

Salary: Salary commensurate with education and experience

Criminal Background Check: Yes

About the Department:

George Mason's Information Technology Services (ITS) organization provides information technology resources, systems, services, tools, and training to the university community. ITS's mission is to advance George Mason's strategic goals, support learning, enable scholarly endeavors, and improve institutional management by effectively leveraging the resources of ITS's supporting groups. The organization consists of five groups: Enterprise Infrastructure Services; Enterprise Applications; Learning Support Services; IT Security; and Enterprise Service Delivery.

About the Position:

The Director, IT Cybersecurity Operations is responsible for ensuring the daily protection of the Mason enterprise by developing secure business processes, monitoring cyber threats, and responding to security incidents. The Director executes the strategic cybersecurity goals outlined by the Chief Information Security Officer.

Responsibilities:
  • Work with Mason leadership to identify risks to the confidentiality, integrity, and availability of university systems and data;
  • Provide leadership in the enforcement of security and associated policies;
  • Provide leadership to the team in the analysis, discussion, and development of security policy, standards, and practices, and guide the acquisition of advanced security technology;
  • Provide guidance and influence the university with regard to network and computing security needs in selecting hardware and software technologies, choosing between commercial and open source software, and determining whether services should be local or cloud-based;
  • Collaborate with and support IT colleagues to monitor, assess, and test security solutions;
  • Supervise IT Cybersecurity Operations staff;
  • Prepare staff to respond around the clock (24/7/365) to security incidents (as required);
  • Assess risk in proposed, new, or current IT systems;
  • Maintain technology to detect and prevent cyber threats to Mason's business enterprise including network sensors, firewalls, endpoint protection, anti-virus, and security information and event management tools;
  • Lead the Computer Security Incident Response Team (CSIRT);
  • Prepare meaningful cybersecurity and risk metrics to inform the CISO and Chief Information Officer (CIO) and guide future Mason expenditures;
  • Ensure Mason compliance with applicable laws, regulations, and requirements, including: NIST (National Institute of Standards and Technology) 800-171, FERPA (Family Educational Rights and Privacy Act), GLBA (Graham-Leach-Bliley Act), HIPAA (Health Insurance Portability and Accountability Act), PCI-DSS (Payment Card Industry Data Security Standard), and the DMCA (Digital Millennium Copyright Act);
  • Respond to audit findings;
  • Monitor and close assigned security tickets;
  • Research, test, and propose new technology or processes to improve Mason cybersecurity;
  • Communicate with Mason system administrators, faculty, staff, and students within and outside of ITS about cybersecurity issues;
  • Provide cybersecurity advice to senior Mason leadership including the CISO, CIO, and Senior Vice President for Administration and Finance;
  • Brief the Board of Visitors committees (as required);
  • Work with internal and external parties to resolve incidents including University Counsel, Mason Police, and the Federal Bureau of Investigation;
  • Maintain annual Certified Information Systems Security Professional (CISSP) currency;
  • Participate and exchange information with industry and higher education security groups including the Virginia Alliance for Secure Computing and Networking (VASCAN) and Research & Education Networking Information Sharing & Analysis Center (REN-ISAC);
  • Responsible for ensuring Mason's IT security policies are up to date and provide appropriate protections for Mason; and
  • Responsible for ensuring Mason's IT security procedures are up to date and provide appropri

About the Company

G

George Mason University