Logo
Georgetown University

Director of Information Security Operations

Georgetown University, Washington, District of Columbia, us, 20022


Located in a historic neighborhood in the nation's capital, Georgetown offers rigorous academic programs, a global perspective, exciting ways to take advantage of Washington, D.C., and a commitment to social justice. Our community is a tight knit group of remarkable individuals interested in intellectual inquiry and making a difference in the world.RequirementsLocated in a historic neighborhood in the nation's capital, Georgetown offers rigorous academic programs, a global perspective, exciting ways to take advantage of Washington, D.C., and a commitment to social justice. Our community is a tight knit group of remarkable individuals interested in intellectual inquiry and making a difference in the world.The Director of Information Security Operations will utilize industry standard methodologies to effectively manage the Georgetown's Cybersecurity Operations teams. S/he maintains close contact with the Office of Internal Audit, external auditors, Legal Counsel, the Office of Emergency Management, and the Georgetown University Police Department. The incumbent has regular contact throughout the university, and nationally and internationally with professionals holding similar positions, with vendors of security applications and/or devices, and other experts as necessary and appropriate. Reporting to the Chief Information Security Officer (CISO) and interacting with senior IT managers within UIS and throughout the entire university, additional duties include but are not limited to:Evaluation, Assessment, and OversightAssess the security of GU's computers, networks, and data as well as personal workstations that access and/or store data, reviewing existing security mechanisms.Maintain regular contact with Local Information Security Personnel and department liaisons to advocate and enforce "best practices" regarding security of data and systems.Direct efforts for including data security safeguards at the development stages of new automated information systems, recommending and enforcing the implementation of security practices and procedures.Work with UIS Management, the university Audit Office, Georgetown University Police Department investigators, University Counsel, other high-level university representatives, and local information security Personnel to establish, implement and maintain an information security program that supports the academic and administrative use of information technologies in a distributed environment.Exercise leadership regarding the formation and promulgation of campus wide standards for security, and review relevant policies and procedures in the context of these standards.Coordinate the selection, installation, implementation, testing, and administration of information security software packages that will protect and monitor the integrity of data, application programs, computer operating systems, and communications networks.Security Incidents, Emergencies, and EducationDevelop procedures to handle routine and crisis situations, including both operational, day-to-day 'Incident' response activities as well as unique, critical emergencies.Organize a task force when necessary and act as technical lead in investigations, working with campus security, safety personnel, and law enforcement agencies, if necessary, to investigate security breaches.Promote security awareness to administrators, department heads, and groups representing students, especially in regard to local, State, and Federal regulatory conditions and changes affecting the university.Advise senior university representatives with timely intelligence on security issues and/or events.Maintain regular contact with GU's Police Department investigators and Legal Counsel to advise and train on technical aspects of security.Oversee the periodic reviews of existing security awareness programs to ensure desired effectiveness.Sponsor and conduct security lectures and training programs for the purpose of raising the awareness of responsibility by clients to safeguard data entrusted to them, writing position papers pertaining to data security.Planning & AuditConsult with the university community to learn and understand the spectrum of current and future university security requirements to assist in security needs assessment of data and systems, coordinating effective centralized and distributed responses for these needs.Perform risk analysis of new technologies, developing plans and budgets to meet these needs and requirements.In conjunction with the Internal Audit & Management Department and external auditors, perform periodic audits to assure that security policies and standards are being complied with, and recommend enhancements in such areas as personnel, communication networks, data access, and confidentiality.Grant access to any and every system on the network when needed, responding to complaints and auditing individual workstations using established procedures.Keep abreast of changes to existing and proposed Local and Federal legislation and regulatory laws pertaining to information system security and privacy.Keep management aware of the regulatory changes that will affect information privacy, information processing security standards, and techniques.Requirements and QualificationsBachelor's degree or equivalent with relevant course work in computing, information technologies or related field(s); Graduate degree highly desirable5-10 years' experience in IT, with experience in cybersecurity - Master's degree may substitute for experienceExperience leading teams and coordinating in a team atmosphereExperience and expertise with NIST CSF, 800-53, 800-171 and industry best practices in the areas of Incident Response, Digital Forensics, and Cyber IntelligenceA deep understanding of security architecture, networks, and IT, along with developing and managing a budgetCISSP with knowledge of and experience with local, state and federal regulationsExperience with Splunk, Phantom, End-point Detection and Response, and Firewall Rules (to include cloud-based solutions)Ability to work outside the usual business hours of Georgetown University and carry a department issued cell phonePreferred Qualifications Experience implementing technical controls like firewalls, data leakage protection systems, patching, encryption, vulnerability scanning, and pen testingNetworking and digital forensic experienceExperience managing a unified incident command structure during incident response events.Experience with NIST 800-171Other cybersecurity certifications: CCSP, SANSMaster's degree in IT, Cybersecurity, or Engineering fieldExperience in higher education a plusFamiliarity with local, State, and Federal regulations is a plusWork Mode DesignationThis position has been designated as Telework. Please note that work mode designations are regularly reviewed in order to meet the evolving needs of the University. Such review may necessitate a change to a position's mode of work designation. Complete details about Georgetown University's mode of work designations for staff positions can be found on the Department of Human Resources website: https://hr.georgetown.edu/mode-of-work-designation.Pay Range: The projected salary or hourly pay range for this position which represents the full range of anticipated compensation is:$103,723.00 - $202,778.93Compensation is determined by a number of factors including, but not limited to, the candidate's individual qualifications, experience, education, skills, and certifications, as well as the University's business needs and external factors.Current Georgetown Employees:If you currently work at Georgetown University, please exit this website and login to GMS (gms.georgetown.edu) using your Net ID and password. Then select the Career worklet on your GMS Home dashboard to view Jobs at Georgetown.Submission Guidelines:Please note that in order to be considered an applicant for any position at Georgetown University you must submit a resume for each position of interest for which you believe you are qualified. Documents are not kept on file for future positions.Need Assistance:If you are a qualified individual with a disability and need a reasonable accommodation for any part of the application and hiring process, please click here for more information, or contact the Office of Institutional Diversity, Equity, and Affirmative Action (IDEAA) at 202-687-4798 or ideaa@georgetown.edu.Need some assistance with the application process? Please call 202-687-2500. For more information about the suite of benefits, professional development and community involvement opportunities that make up Georgetown's commitment to its employees, please visit the Georgetown Works website.EEO Statement:Georgetown University is an Equal Opportunity/Affirmative Action Employer fully dedicated to achieving a diverse faculty and staff. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, national origin, age, sex (including pregnancy, gender identity and expression, and sexual orientation), disability status, protected veteran status, or any other characteristic protected by law.Benefits:Georgetown University offers a comprehensive and competitive benefit package that includes medical, dental, vision, disability and life insurance, retirement savings, tuition assistance, work-life balance benefits, employee discounts and an array of voluntary insurance options. You can learn more about benefits and eligibility on the Department of Human Resources website.