- Establish IT security standards for network infrastructure, applications, servers, data, desktops/laptops/tablets and mobile devices.
- Perform periodic (semiannual or annual) penetration testing and vulnerability scans.
- Establish a formal IT forensics program to ensure proper security investigative activities are performed based on best practices.
- Responsible for development, management and compliance of an enterprise-wide cyber security awareness program to drive desired security behaviors across the District.
- Partner with Homeland Security, the FBI and other appropriate agencies to develop and implement cyber security and IT risk management programs.
- Develop policies, procedures, communications and training for cyber security and IT risk management programs.
- Perform audit and security compliance checks, including technical configuration analysis, testing of controls for SOC1, SOC2 and other compliance activities.
- Develop and maintain Acceptable Use and Internet Safety policies for staff and students.
- Maintain up-to-date knowledge and understanding of technology trends, security threats, infrastructure vulnerabilities, and business dependencies that could impact the District's risk profile.
- Develop threat models and security risk assessments, and recommend mitigations and countermeasures to address risks, vulnerabilities and threats.
- Lead and direct support of all IT security audits (e.g., federal, state and internal).
- Track and mediate security audit findings and security vulnerabilities detected from scans.
- Develop and maintain a disaster recovery plan and procedures. Conduct periodic disaster recovery drills/exercises with key stakeholders and Service Providers.
- Have responsibility for security monitoring and alerting, identity and access management, internet content management and privileged account management.
- Responsible for the investigation and reporting of cybercrimes, including identity theft, ransomware attacks, etc.
- Responsible for ensuring appropriate governance over Managed Service Providers managing and maintaining information security technologies.
- Partner with key stakeholders such as Facilities and Safety and Security to develop, document and test plans for emergency response and to ensure appropriate staff awareness.
- Knowledge of federal, state, and local cyber and information security regulation and legislation specifically HIPAA, FERPA, as well as industry frameworks, such as NIST, ISO 27001/27002 and COBIT).
- Knowledge of identity and access concepts and technologies to secure computing environments and end-user access, such as SSO and SAML.
- Knowledge in Security Operations Center (SOC) service delivery and management
- Demonstrated understanding of comprehensive security programs, including technologies and tools, architectures, network and application design, including an understanding of the business impact of related technology risks.
- High level of interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
- Understand current and emerging cyber security risks, and innovative risk management methods
- Ability to interpret and apply security policy, standards, and controls definitions across a large complex business environment, with third-parties, and multiple cloud service providers.
- 8+ years of IT leadership experience.
- 5+ years' experience implementing layered security practices for network, host, applications, data and access to IaaS, PaaS and SaaS services in a hybrid deployment environment.
- Experience implementing and operating security technologies and processes in a hybrid cloud environment, such as Amazon AWS or Microsoft AZURE and customer on-premise.
- Experience in implementation and management of hardware and software firewalls, user content management devices, IDS/IPS and DDOS platforms.
- Bachelor's Degree in Computer Science, Information Systems or related field.
- Possess one or more advanced professional security certifications related to chosen discipline (CISSP, CCSP, CISM, CISA or SANS) preferred but not required.
- While performing the duties of this job, the employee is exposed to a normal office environment
- Some travel may be required for training/meetings
-
Operational Risk Manager
3 weeks ago
Knewin Cleveland, United StatesTitle : Operational Risk Manager – Quantitative Risk and Capital Planning@ Cleveland, OH / REMOTE · Terms of Hire: Full Time · Job description: · The Quantitative Risk and Capital Planning Manager position resides in the 2ndLine of Defense within the Enterprise and Operational R ...
-
Operational Risk Manager
6 days ago
Key Bank Cleveland, United StatesOccupation: Banking, Mortgage, Investment · Specialty: Area Manager · Location:127 Public Square - Cleveland, Ohio 44114ABOUT THE JOBThe Operational Risk Manager – Payment Card Oversight has overall responsibility for second line oversight of Key Bank's Payment Card offerings, in ...
-
Operational Risk Manager
4 days ago
Cedent Consulting Cleveland, United StatesTitle · : Operational Risk Manager – Quantitative Risk and Capital Planning · @ Cleveland · , · OH · / REMOTE · Terms of Hire: Full Time · Job description: · The Quantitative Risk and Capital Planning Manager position resides in the 2nd Line of Defense within the Enterprise ...
-
Clinical Risk Manager
2 weeks ago
Cleveland Clinic Cleveland, United StatesJoin the Cleveland Clinic team, where you will work alongside passionate caregivers and provide patient-first healthcare. Cleveland Clinic is recognized as one of the top hospitals in the nation. At Cleveland Clinic, you will work alongside passionate and dedicated caregivers, re ...
-
Operational Risk Manager
6 days ago
KeyCorp Cleveland, United StatesOperational Risk Manager - Payments Risk page is loaded · Operational Risk Manager - Payments Risk · Apply · locations · Remote, United States · time type · Full time · posted on · Posted 5 Days Ago · job requisition id · R-23821 · Location: · 127 Public Square - Cleve ...
-
Market Risk Analytics Manager
6 days ago
Key Bank Cleveland, United StatesLocation: · 127 Public Square - Cleveland, Ohio 44114 · ABOUT THE JOB (JOB BRIEF) · Market Risk Management team, under the guidance of the Chief Market Risk Officer, within the Risk Management organization is responsible for the second line of defense independent risk manageme ...
-
Market Risk Analytics Manager
5 days ago
KeyBank Cleveland, United States Full timeLocation: · 127 Public Square - Cleveland, Ohio 44114 ABOUT THE JOB (JOB BRIEF) · Market Risk Management team, under the guidance of the Chief Market Risk Officer, within the Risk Management organization is responsible for the second line of defense independent risk management ...
-
EY - Ernst & Young Global Limited Cleveland, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, youll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture Manager, Business, Technology, ...
-
EY Cleveland, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the b ...
-
EY Cleveland, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. · At EY, youll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the ...
-
EY Cleveland, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, youll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the be ...
-
Ernst & Young Advisory Services Sdn Bhd Cleveland, United StatesPress Tab to Move to Skip to Content Link · Location: · Cleveland · Other locations: · Primary Location Only · Date: · 7 May 2024 · Requisition ID: · 1503380 · EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate the ...
-
Reputation Risk Management Specialist Sr
4 days ago
Huntington Bancshares, Inc. Cleveland, United StatesThe Reputation Risk Management Specialist Sr will assist with the independent oversight of reputation risk by collaborating with various business units and analyzing data to identify, measure, monitor, control, and report reputation risk. Reputation Risk, Management, Specialist, ...
-
Technology Risk Senior Group Manager
2 weeks ago
PNC Cleveland, United StatesPosition Overview · At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our em ...
-
2024 Risk Management Rotational Analyst
3 weeks ago
Key Bank Cleveland, United StatesLocation: · 127 Public Square - Cleveland, Ohio 44114 · ESSENTIAL JOB FUNCTIONS · •Assess risk across risk disciplines · •Data analytics and reporting · •Work with various systems · •Communicate with Risk Management and other line of business professionals · •Practical exp ...
-
Finance Manager- SOX Risks and Controls
3 days ago
Sherwin-Williams Cleveland, United StatesResponsibilities · The 'Manager - SOX Risks and Controls' position is a key member of the Global Finance Policy and Controls Team within the Global Accounting Center of Excellence. The SOX Risks and Controls team is primarily responsible for working with global finance teams and ...
-
Controller for bank control and risk management
2 weeks ago
Apex Dynamics Moreland Hills, United StatesAbout VR Bank Starnberg-Herrsching-Landsberg eG: · Our values - a unique promise that you can measure us by every day · These lived values also shape the relationship with our employees and among employees. · Our corporate values have grown out of the long-standing tradition o ...
-
EY Cleveland, OH, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the b ...
-
Suncaptech Cleveland, United StatesThe Manager of Enterprise Risk Resilience's primary role will be to manage all Enterprise Risk strategy and operational functions for Enterprise Risk throughout the organization. The Manager will assist in building, maintaining, and optimizing a best-in-class Enterprise Risk Mana ...
-
Cleveland Metropolitan School District Cleveland, United StatesExecutive Director, Cyber Security and IT Risk Management page is loaded · Executive Director, Cyber Security and IT Risk Management · Apply · locations · East Professional Center · time type · Full time · posted on · Posted Yesterday · job requisition id · R · Positio ...
Executive Director, Cyber Security and IT Risk Management - Cleveland, United States - The Cleveland Metropolitan School District (CMSD)
Description
Position Type:Administration and Professionals
Date Posted:
Location:East Professional Center
INTRODUCTION: CONTEXT AND MISSION
The Cleveland Metropolitan School District (CMSD) serves approximately 37,000 students in 100+ schools. Over the past several years, the Greater Cleveland community has united behind the collective goal of ensuring every child in Cleveland attends a high-quality school and every neighborhood has a multitude of great schools from which families can choose. The Cleveland Plan defines CMSD's approach to the reinvention of public education and holds our community accountable for the success of Cleveland's schoolchildren. The Cleveland Plan is supported by Ohio House Bill 525, which provides much-needed flexibility and autonomy for the district and its schools. Our schools have autonomy over human and financial resources in exchange for accountability for
performance. The principal has primary responsibility and accountability for establishing his or her school as a high-quality, high-expectations academic center with a focus on personalized instruction, professional support for teachers, and school-wide practices that lead to measurable results.
The Cleveland Metropolitan School District has developed standards of excellence that the district applies to all parts of the organization inclusive of schools, principals, school leadership teams, networks, and central office. Alignment between Standards of Excellence (SoE) and the district's Theory of Action helps ensure that principals are able to focus on scholar achievement and that central office supports are timely and effective.
Our Vision for Learning in a Post-Pandemic World:
In our pursuit of a more fair, just, and good system of education, we want each of our learners, both each of our scholars and each of their educators, to be individually and collectively presented with academically / intellectually complex tasks that are worthy of their productive struggle and allow them authentic opportunities to demonstrate their work and their learning of academic content and transferable skills in a joyful and adventurous environment.
THE OPPORTUNITY:
Location: Administration
Reports To: Chief Information Officer
FLSA Status: Exempt
Salary Band: 16
Compensation: $ 91,800. - $ 128,520.
The Executive Director, Cyber Security and IT Risk Management is responsible for the security of the District's information technology resources, digital assets, user identity, and data privacy. This role will identify current threats, mitigate vulnerabilities, and anticipate future cybersecurity challenges. Utilize new technologies to increase the security of the District's existing and emerging IT infrastructures, systems, and information. Manages the reporting, investigation, and resolution of information security incidents. Works with and consults with executive/senior leaders such as the Legal Department on potential information breaches. Perform audit and security compliance checks, including network penetration testing, vulnerability scans, and other configuration analysis. Provides strategic leadership in the development and execution of a comprehensive strategy/ roadmap for cyber security and IT risk management programs and architecture. Establish relationships with Homeland Security, the FBI, and other security agencies to establish cyber security and security response best practice processes and procedures. Responsible for establishing a formal cyber security awareness program and conducting phishing campaigns.
ESSENTIAL DUTIES & RESPONSIBILITIES
Knowledge, Skills and Abilities
The characteristics listed below are representative of the work environment typically encountered by an individual while performing the essential duties of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties.
Education
To Apply
Please submit your resume and application using Workday, our online human capital management system. Please note that an offer of employment will be subject to the successful completion of an FBI/BCI background check and drug screen.
EEO Statement
We believe that equity and inclusion at CMSD is an essential call to action, a catalyst to ensure value and appreciation among all our employees, so we may be fair and welcoming now and in the future. CMSD provides equal opportunities for employment, retention and advancement of all personnel by administering all terms and conditions of employment regardless of race, color, ethnicity, ancestry, national origin, sex, disability or genetic information, age, citizenship status, military status, sexual orientation or expression, socio-economic status, title, other dimensions of identity, or any other characteristic protected by law.
The District's Policy Prohibiting Discrimination, Discriminatory Harassment, and Sexual Harassment and the District's Title IX grievance procedures, including information on how to report or file a complaint of discrimination, how to report or file a formal complaint of sexual harassment, and how the District will respond, may be accessed on the District's Civil Rights Notices webpage, available at The District's Title IX Coordinator / Director of Equal Employment Opportunity may be reached at:
1111 Superior Avenue East, Suite 1800
Cleveland, Ohio 44114