OneMain Financial Jobs

This job was posted by https://www.kansasworks.com : For more information, please see: https://www.kansasworks.com/jobs/13539204

r

rJohnson County Community College

r

rPosition: Executive Director ITS/Chief Security Officer

Department: Finance & Administrative Services

Type of Position: Full-time Salaried

Exemption Status: Exempt

Work Schedule, Hours per week: Monday-Friday, 40 hours per week

Opportunity for hybrid schedule: Yes

Starting Salary Range: \$117,281-\$156,647 and determined based on relevant years of work experience provided on application and resume.

Position Summary: The Executive Director, IT Security serves as JCCC\'s senior information security leader, functioning as the institution\'s de facto Chief Information Security Officer (CISO). Reporting to the Vice President of Information Services and Chief Information Officer (CIO), this position provides strategic direction and operational leadership for all aspects of information security, cybersecurity risk management, identity and access management (IAM), regulatory compliance, and emerging technology governance across the college.

The Executive Director develops and executes a comprehensive, risk-based security program that protects college data, systems, and infrastructure while enabling JCCC\'s educational mission. This role leads a team of security and IAM professionals; oversees security governance, policy, and compliance; and collaborates broadly with academic, administrative, and technical stakeholders to build a culture of security awareness and resilience throughout the college. The position also provides counsel on the secure adoption of cloud, AI, and other emerging technologies in alignment with institutional priorities.

Required Qualifications:

• Bachelor\'s degree in Information Technology, Computer Science, Cybersecurity, Business Administration, or a closely related field.
• CISM required within 1 year of employment.
• Minimum of ten (10) years of progressive experience in information security, cybersecurity, risk management, identity and access management, or a closely related information technology discipline, including 5+ years in a senior leadership or management role with direct supervisory responsibility.
• Incumbent will be on-call and have extended work hours occasionally.
• Position will be Hybrid per policy.

Preferred Qualifications:

• Master\'s degree in Information Technology, Cybersecurity, Business Administration, or a closely related field.
• Preferred candidates will hold additional certifications in information security, networking, or cloud platforms (e.g., CISSP, CISM, AWS, Google, Azure, Cisco)
• Experience leading information security programs in a higher education or public sector institution.
• Demonstrated experience implementing or managing enterprise IAM platforms (e.g., Microsoft Entra ID/Azure AD, Okta, SailPoint, Fischer Identity or equivalent).
• Demonstrated experience with cloud security architecture in hybrid or multi-cloud environments.
• Familiarity with ITIL or Agile service delivery frameworks and their application to security operations.
• Experience presenting to senior leadership, institutional governance bodies, or boards on cybersecurity risk and program performance.
• Active participation in professional security communities or information-sharing organizations (ISACA, (ISC), EDUCAUSE, MS-ISAC, InfraGard, or equivalent).

Position details include but are not limited to:

Strategic Security Leadership and Program Management:

• Develop and evolve an institution-wide information security strategy and multi-year roadmap aligned with JCCC\'s mission and FY2027 priorities.
• Serve as the primary security dvisor to the VP of Information Services/CIO and leadership, providing regular reporting on security posture and program effectiveness.
• Establish and maintain a cybersecurity governance framework, including a security steering committee and risk tolerance guidelines.
• Monitor the external threat landscape and evolving regulatory requirements to adapt the college\'s security posture proactively.
• Integrate AI and emerging technology governance into the security framework, establishing guardrails for institutional adoption.

Identity and Access Management (IAM):

• Lead the enterprise identity lifecycle program to ensure secure, scalable, and compliant access to institutional data and systems.
• Oversee IAM/IDM solutions, including MFA, SSO, PAM, and enterprise directory services.
• Collaborate with infrastructure and application teams to embed identity controls into system design and onboarding.
• Enforce Role-Based Access Control (RBAC) frameworks aligned with data classification and the principle of least privilege.
• Drive continuous IAM improvements to support cloud adoption and hybrid infrastructure.

\<