Job Title

This job was posted by : For moreinformation, please see: County Community CollegerrPosition: Executive Director ITS/Chief Security OfficerDepartment: Finance & Administrative ServicesType of Position: Full-time SalariedExemption Status: ExemptWork Schedule, Hours per week: Monday-Friday, 40 hours per weekOpportunity for hybrid schedule: YesStarting Salary Range: $117,281-$156,647 and determined based onrelevant years of work experience provided on application and resume.Position Summary: The Executive Director, IT Security serves asJCCC's senior information security leader, functioning as theinstitution's de facto Chief Information Security Officer (CISO).Reporting to the Vice President of Information Services and ChiefInformation Officer (CIO), this position provides strategic directionand operational leadership for all aspects of information security,cybersecurity risk management, identity and access management (IAM),regulatory compliance, and emerging technology governance across thecollege.The Executive Director develops and executes a comprehensive, risk-basedsecurity program that protects college data, systems, and infrastructurewhile enabling JCCC's educational mission. This role leads a team ofsecurity and IAM professionals; oversees security governance, policy,and compliance; and collaborates broadly with academic, administrative,and technical stakeholders to build a culture of security awareness andresilience throughout the college. The position also provides counsel onthe secure adoption of cloud, AI, and other emerging technologies inalignment with institutional priorities.Required Qualifications:- Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Business Administration, or a closely related field.- CISM required within 1 year of employment.- Minimum of ten (10) years of progressive experience in information security, cybersecurity, risk management, identity and access management, or a closely related information technology discipline, including 5+ years in a senior leadership or management role with direct supervisory responsibility.- Incumbent will be on-call and have extended work hours occasionally.- Position will be Hybrid per policy.Preferred Qualifications:- Master's degree in Information Technology, Cybersecurity, Business Administration, or a closely related field.- Preferred candidates will hold additional certifications in information security, networking, or cloud platforms (e.g., CISSP, CISM, AWS, Google, Azure, Cisco)- Experience leading information security programs in a higher education or public sector institution.- Demonstrated experience implementing or managing enterprise IAM platforms (e.g., Microsoft Entra ID/Azure AD, Okta, SailPoint, Fischer Identity or equivalent).- Demonstrated experience with cloud security architecture in hybrid or multi-cloud environments.- Familiarity with ITIL or Agile service delivery frameworks and their application to security operations.- Experience presenting to senior leadership, institutional governance bodies, or boards on cybersecurity risk and program performance.- Active participation in professional security communities or information-sharing organizations (ISACA, (ISC), EDUCAUSE, MS-ISAC, InfraGard, or equivalent).Position details include but are not limited to:Strategic Security Leadership and Program Management:- Develop and evolve an institution-wide information security strategy and multi-year roadmap aligned with JCCC's mission and FY2027 priorities.- Serve as the primary security dvisor to the VP of Information Services/CIO and leadership, providing regular reporting on security posture and program effectiveness.- Establish and maintain a cybersecurity governance framework, including a security steering committee and risk tolerance guidelines.- Monitor the external threat landscape and evolving regulatory requirements to adapt the college's security posture proactively.- Integrate AI and emerging technology governance into the security framework, establishing guardrails for institutional adoption.Identity and Access Management (IAM):- Lead the enterprise identity lifecycle program to ensure secure, scalable, and compliant access to institutional data and systems.- Oversee IAM/IDM solutions, including MFA, SSO, PAM, and enterprise directory services.- Collaborate with infrastructure and application teams to embed identity controls into system design and onboarding.- Enforce Role-Based Access Control (RBAC) frameworks aligned with data classification and the principle of least privilege.- Drive continuous IAM improvements to support cloud adoption and hybrid infrastructure.