Jobbörse

Located 45 minutes from the Nation's Capital, nestled in a history-rich community of southern Maryland, The College of Southern Maryland (CSM) is a two-time Aspen Award-winning institution (top 15% of Community Colleges) with academic programs in over 100 disciplines. CSM is among America's top 100 producers of Minority Associate Degrees in twenty categories, according to Diverse Issues in Higher Education. CSM offers excellent health insurance benefits; State Retirement Pension plan; wellness programs; Code Green early closure Fridays in the summer; college closure for spring break and several major holidays, including the week between Christmas and New Year; and for several days in March for Spring Break. We are an innovative institution committed to student success and well known for our flexibility to meet student and community needs. The Cybersecurity Operations Director is a critical leadership role within the IMT Division responsible for the day-to-day operation, maturation, and continuous improvement of the College's cybersecurity program. This position blends hands-on technical expertise with programmatic oversight to ensure the confidentiality, integrity, and availability of institutional information assets, technology services, and data entrusted to the College of Southern Maryland (CSM). The Cybersecurity Operations Director establishes and leads a campus-wide Cybersecurity Operations Center function, oversees real-time monitoring, incident response, vulnerability management, and threat intelligence, and drives strategic initiatives aligned to the NIST Cybersecurity Framework, NIST 800-171, FERPA, GLBA, and other relevant regulations. This individual collaborates with IT leadership, academic and administrative units, and external partners to reduce risk, develop policies, manage security technologies, and promote a culture of cybersecurity awareness across the institution. Reports to: Deputy Chief Information Officer (DCIO) The hiring salary for this position will be from the min to mid-point of the salary range advertised. This position is open until filled.

25% Security Operations & SOC Management

• Design, implement, and manage a 24 7 security monitoring capability (internal or managed service).
• Administer and optimize SIEM, EDR, IDS/IPS, firewalls, and log-aggregation platforms.
• Assist with the development, maintenance, and enforcement of security operating procedures (SOPs), runbooks, and escalation workflows.

20% Incident Response & Digital Forensics

• Serve as the Incident Commander for cybersecurity events, coordinating containment, eradication, and recovery.
• Conduct post-incident reviews and root-cause analyses; recommend and track remediation activities.
• Maintain and routinely test the Cybersecurity Incident Response Plan and its integration with Business Continuity/Disaster Recovery plans.

15% Threat Intelligence & Monitoring

• Collect, analyze, and operationalize threat intelligence relevant to higher education from MS-ISAC, REN-ISAC, CISA, and commercial feeds.
• Perform proactive threat hunting and coordinate purple-team exercises to validate controls.
• Correlate intelligence with internal telemetry to identify and mitigate emerging threats.

10% Vulnerability & Configuration Management

• Manage enterprise vulnerability scanning, penetration tests, and remediation tracking.
• Oversee secure configuration baselines using CIS Benchmarks and ensure adherence through continuous monitoring.
• Evaluate patch management effectiveness and manage risk-exception processes.

10% Governance, Risk & Compliance (GRC)

• Align security operations with NIST CSF, NIST 800-171, GLBA, FERPA, PCI-DSS, and state regulations.
• Contribute to annual risk assessments, audits, and security metrics; report on program maturity and gaps.
• Maintain evidence repositories and support external audit and accreditation activities.

5% Security Architecture & Technology Evaluation

• Assess emerging security technologies and recommend solutions to enhance the College's security posture.
• Lead proofs-of-concept, integrations, and lifecycle management for new security tools.

5% Security Awareness & Training

• Coordinate campus-wide security awareness campaigns and phishing simulations.
• Deliver targeted training to IT staff, faculty researchers, and executive leadership.

5% Vendor & Third-Party Risk Management

• Evaluate security controls of vendors, cloud services, and research partners.
• Enforce contractual security requirements and review SOC 2, ISO 27001, and penetration-test reports.

5% Program Management, Budgeting, Documentation & Reporting

• Develop and manage the annual security operations budget.
• Track software licenses, maintenance contracts, and renewal schedules for security tools.
• Prepare executive reports, board briefings, and compliance submissions.
• Maintain detailed incident logs, investigative evidence, and knowledge-base articles.

Additional Duties:

• Performs other related duties as assigned.

Required Education and Experience:

• Five (5)+ years of progressive experience in security operations, incident response, or SOC management; three (3)+ years in a supervisory or lead role.
• Demonstrated experience deploying and managing SIEM, EDR, IDS/IPS, firewalls, and cloud-security controls (e.g., Microsoft 365/Azure Security Center, AWS Security Hub).
• Hands-on experience with log analysis, scripting (PowerShell, Python, Bash), packet capture, and forensic tooling.
• Experience interpreting and implementing NIST CSF/800-171, FERPA, GLBA, and/or PCI-DSS controls.
• Proven ability to develop policies, procedures, and security awareness programs.

Preferred Education and Experience:

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field preferred.
• Master's degree in Cybersecurity, Information Assurance, or Technology Management.
• Higher education or public-sector experience with research data protections (e.g., CUI, ITAR).
• Experience integrating security controls into DevOps or cloud-native environments.

Licenses, Certifications, or Additional Requirements:

• CISSP, CISM, GIAC-certified (e.g., GCIH, GCIA, GCFA), or equivalent (preferred).
• ITIL Foundations or PMP for program/process management is a plus.

Knowledge, Skills, and Abilities:

• Deep knowledge of security operations frameworks, incident handling methodologies, and forensic techniques.
• Proficiency with SIEM platforms (Splunk, Sentinel, LogRhythm, etc.), EDR suites (CrowdStrike, Defender), and network security tools.
• Familiarity with cloud-security architectures (Azure, AWS, Google) and Kubernetes/Container security.
• Ability to conduct risk assessments, develop mitigation strategies, and present technical concepts to non-technical stakeholders.
• Strong leadership, team-building, and mentoring abilities; adept at managing cross-functional incident response teams.
• Excellent written and oral communication, analytical, and customer-service skills.
• Ability to plan and execute multiple, complex projects concurrently and adapt quickly to changing threat landscapes.

PHYSICAL DEMANDS:

The work is medium work which requires exerting up to 50 pounds of force occasionally, and/or up to 30 pounds of force frequently, and/or up to 10 pounds of force constantly to move objects.

WORK ENVIRONMENT:

• Standard office environment with occasional data-center access and limited travel (conferences, training).
• Availability to work outside normal business hours, including on-call rotations and emergency incident response.

General Employment Information

The College of Southern Maryland is an Equal Opportunity Employer.

Background Checks

The College of Southern Maryland conducts background checks in order to ensure the safety and well-being of the College's staff and students. The final candidate for this position will be subject to the following background checks: Criminal History Check and Sex Offender Registry Check.

Conflict of Interest policy