Strategies, Plans and Procedures
1. Contributes as a member of the IT management team; assists in developing strategies, plans and procedures pertaining to the service delivery model. Implements standards, processes, tools, and metrics to ensure development and establishment of an innovative IT team that provides support across VCC. Ensures IT Security activities are aligned with Information Security and IT strategies, and College strategic plans.
Operations and Finance
2. Manages IT security activities and allocated resources; supervises technical staff and contractors.
3. Accountable for assigned resources, including funds, facilities, and staffing; ensures funds are used in accordance with the College policies, and operates within allocated budgets.
4. Creates and manages internal financial budgets and acquisitions as related to IT security activities.
Leadership
5. Manages staff, overseeing and participating in selection, coaching, mentoring, development and performance management. Provides effective leadership and technical direction fostering a collaborative and service-oriented culture to ensure a positive customer experience.
6. Provides direct and indirect leadership on IT security, and direction and expertise on projects to teams and departments in the College, and to end users.
Implementation and Administration of IT Security Programs
7. Implements cyber security technologies for use across college academic and administrative units which protect IT services delivered to faculty, staff, students, and stakeholders of the College.
8. Plans, leads and executes risk assessments to determine the security of the College’s data and infrastructure for existing systems, and those being considered for purchase or implementation.
9. Manages security related events including detecting and responding to security alerts and incidents.
10. Leads cyber incidents response including coordinating mitigation activities, performing high-level forensic analysis, and engaging with external cyber security vendors for detailed forensic checks.
11. Manages security of VCC data and systems in a cloud environment. Designs cloud aware security architecture and implements appropriate cloud security tools.
12. Collaborates with IT teams and end-users to design and develop security processes.
13. Develops relevant operational reports and KPIs; analyzes data produced by security systems; and ensures timely deliveries of reports and KPIs to designated audience.
14. Manages and leads vulnerability management process: stays current with new vulnerabilities, performs vulnerability assessments, analyses findings, establishes priorities, and coordinates remediation activities.
15. In collaboration with the Director, Information Security, develops College-wide IT security policies; develops, documents, tests, implements, and executes IT security processes, methodologies, and controls in relevant areas.
16. Monitors enforcement of cyber security policies and practices to ensure the confidentiality, integrity, and availability of College’s information resources.
17. Maintains proper configuration of security tools and supports overall system hardening.
Training and Customer Service
18. Designs and delivers information security awareness training and exercises.
19. Maintains quality service by administering quality and customer service standards; analyzing and resolving quality and customer service problems; identifying trends; and recommending system improvements.
20. Manages escalated support issues and provides leadership and direction for resolution of issues.
Other
21. Ensures compliance with FOIPPA and other privacy and security requirements.
22. Supports secure Identity and Access Management processes.
23. Manages vendors in the delivery of security services to VCC.
24. Remains current with cyber landscape and threats, analyzes industry trends and determines potential impact on VCC systems. Recommends approaches and application of new technology to assist the College and stakeholders meet their academic and administrative objectives.
25. Performs other related duties as assigned.
