IT Security Manager
James Madison University IT Security is accepting applications for a qualified individual to fill the position of IT Security Manager.
The IT Security Manager coordinates the IT organizations technical activities to implement and manage security infrastructure, provides status updates to management and completes work assigned to the security engineering team as a technical resource. The IT Security Manager must be able to translate the IT risk requirements and constraints of the business into technical control requirements and specifications. They must be able to provide leadership skills to manage a highly technical staff and lead team projects. They must also have technical security skills and be able to perform the work assigned to the security team.
Part-time telecommuting is available.
- Experience providing leadership, supervision, performance evaluation, guidance and encouragement to the security team.
- Ability to work effectively within IT, and also with customers and vendors.
- Ability to interact with JMU employees, build strong relationships at all levels and across all business units and organizations.
- Ability to recommend, design and implement new technologies that improve security.
- Experience monitoring and analyzing the security of IT systems.
- Understanding of information security concepts, protocols, industry best practices and strategies.
- Working knowledge of Security Information Event Management (SIEM) systems.
- Knowledge of and experience working with enterprise firewalls and VPN appliances.
- Proficient with Linux, macOS, and Windows operating systems.
- Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
- Coordinates and/or assists with incident response and event handling needs.
- Ability to respond to requests for IT Security assistance after standard work hours.
- Ability to work with minimal supervision.
- Experience with common information security management frameworks, such as ISO 2700x, NIST SP 800 series.
- Familiarity with applicable legal and regulatory requirements, including, but not limited to: FERPA, HIPAA, GLBA, PCI-DSS.
- A strong understanding of the business impact of security tools, technologies and policies.
- Experience securing cloud applications.
- Experience securing Microsoft O365.
- Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
- Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
- Project management skills and experience in creating and managing project plans, including budgeting and resource allocation.
- Experience working with legal, audit and compliance staff.
- Experience developing and maintaining policies, standards, and procedures.
- SANS, GSEC, CISSP, CEH or similar cybersecurity certifications desired.
- A bachelor’s degree in information systems is preferred; an M.B.A. or M.S. in information security is also preferred.
James Madison University is an equal opportunity employer committed to creating and supporting a diverse and inclusive work and educational community that is free of all forms of discrimination. This institution does not tolerate discrimination or harassment on the basis of age, color, disability, gender identity or expression, genetic information, national origin, parental status, political affiliation, race, religion, sex, sexual orientation or veteran status.