Information Security Officer

Plan, organize, and coordinate the implementation, operation, and maintenance of the college’s information security practices to support the achievement of institutional objectives. Coordinate and oversee the security of college information systems including but not limited to file, print, application, database and email systems as well as local and wide area network infrastructures and network management systems. Provide reporting services and make recommendations on the overall security of information technology resources. Work with Chief Information Security Officer, Information Security Officer, internal and external organizations and entities regarding all aspects of SLCC information security.

Design, configure install and maintain security infrastructure components, their associated telecommunications services, personal computer applications and software, printer operations, server maintenance, router maintenance, switch maintenance, interfacing with the SLCC Telecommunications department (as well as other OIT and non-OIT departments) and the associated vendors and service providers.
Collect, analyze and report on pertinent security, system and network and utilization statistics.
Develop understanding of and aid, where necessary, in the development of policies and procedures and the implementation of such for the Office of Information Technology. Develop standards for the access and acceptable use of SLCC computing resources with specific regard to operational security mechanisms toward ensuring the availability and integrity of these resources.
Communication with other departments to report and resolve related information security issues. Consult with other departmental managers in an effort to improve the security of SLCC information technology.
Research and evaluate new technologies.
Negotiate contracts with vendors and service providers.
Other Duties as Assigned.

Preferred Experience: 
Knowledge of Nessus Vulnerability Scanner, Identity Finder DLP, Wireshark, TCP Dump, NetFlow, Forensic Tools, Web Application Firewalls, Palo Alto Technologies, Pen Testing, Splunk, DUO Muli-Factor Authentication and Cisco ASA Firewalls

Preferred Certifications:
Work Experience in Higher Education
CISSP, SSCP, Security +, CCNA Security, GIAC

Bachelors Degree in Computer Science or related field required.

Minimum five (5) years of direct, paid, full-time network administration experience and/or server administration.

The individual must be able to perform each listed duty satisfactorily, as listed here. These requirements represent knowledge, skills and/or abilities required for the position. Reasonable accommodations can be made to enable individuals with disabilities to perform essential functions.

The individual must be able to read, analyze and interpret common journals, reports and documents relating to industry practice. The individual must demonstrate the ability to respond to inquiries and complaints from service customers, governance bodies, etc. The individual should be able to effectively present information to management and service constituents.

The individual should be able to understand problems, define them and relate them to others through collecting relevant information and drawing valid conclusions.

This individual will be involved with special technology/information requests regarding terminations, request for public records, any request for retrieval of information (including email and phone records),interface with law enforcement and inquiries regarding the utilization of information technology resources. Some of these responsibilities may include the interviewing and hiring process, the training of other employees and provide, upon formal request, information regarding adherence to the acceptable use of college computing resources.

In depth knowledge of Microsoft Windows products including client and server operating systems.

Working knowledge of data risk management and disaster recovery planning, business continuity planning, including documentation, system configuration backup and data backup.

Working knowledge of user and service account management, user environments, file structures and their related security components.

Working knowledge of Multi-Factor authentication.

Working knowledge of OSCP.

Working knowledge of software and applications related to supporting file, print, dynamic network addressing, name resolution and other related services.

In depth knowledge of Linux/Unix server operations and open source packages for network administrative functions.

Working knowledge of enterprise patch management software.

Working knowledge of IDS/IPS and firewalls.

Working knowledge of Vulnerability Scanners

Knowledge of network systems analysis and design.

Working knowledge of multi-vendor WAN/LAN, wired and wireless, network infrastructure components with heavy emphasis in the operation, maintenance and planning using Cisco equipment.

Working knowledge of and maintenance of current expertise regarding HIPAA, PCI and FERPA guidelines.

Working knowledge of ISO 27001 framework and NISST standards.

Ability to communicate effectively with a broad range of diverse people, ability, culture, ethnic background, to maintain good working relationships across the College. Ability to work with all groups in a diverse academic, socioeconomic, cultural and ethnic background of community college students, faculty and staff, including those with disabilities.

Participation on institutional and state-wide committees related to management information issues and various other activities as required.

Salt Lake Community College will perform background check on selected finalist.