(CSM) is a two-time Aspen Award-winning institution (top 15% of Community Colleges) with academic programs in over 100 disciplines. CSM is
among America’s top 100 producers of Minority Associate Degrees in twenty categories, according to Diverse Issues in Higher Education.
CSM offers excellent health insurance benefits; State Retirement Pension plan; wellness programs; Code Green early closure Fridays in the
summer; college closure for spring break and several major holidays, including the week between Christmas and New Year; and for several days
in March for Spring Break. We are an innovative institution committed to student success and well known for our flexibility to meet student
and community needs.
The Security Operations Director (SecOps Director) is a critical leadership role within the IMT Division
responsible for the day-to-day operation, maturation, and continuous improvement of the College’s cybersecurity program. This position
blends hands-on technical expertise with programmatic oversight to ensure the confidentiality, integrity, and availability of institutional
information assets, technology services, and data entrusted to the College of Southern Maryland (CSM).
The SecOps Director
establishes and leads a campus-wide Security Operations Center (SOC) function, oversees real-time monitoring, incident response,
vulnerability management, and threat intelligence, and drives strategic initiatives aligned to the NIST Cybersecurity Framework, NIST
800-171, FERPA, GLBA, and other relevant regulations. This individual collaborates with IT leadership, academic and administrative units,
and external partners to reduce risk, develop policies, manage security technologies, and promote a culture of cybersecurity awareness
across the institution.
Reports to: Deputy Chief Information Officer (DCIO)
The hiring salary for this position will be from the min to mid-point of the salary range
advertised. This position is open until
filled.
Examples of Duties:
25%Security Operations & SOC
Management
- Design, implement, and manage a 24 × 7 security monitoring capability (internal or managed
service). - Administer and optimize SIEM, EDR, IDS/IPS, firewalls, and log-aggregation platforms.
- Assist with the development,
maintenance, and enforcement of security operating procedures (SOPs), runbooks, and escalation workflows.
20%Incident
Response & Digital Forensics
- Serve as the Incident Commander for cybersecurity events, coordinating containment,
eradication, and recovery. - Conduct post-incident reviews and root-cause analyses; recommend and track remediation
activities. - Maintain and routinely test the Cybersecurity Incident Response Plan and its integration with Business
Continuity/Disaster Recovery plans.
15%Threat Intelligence & Monitoring
- Collect, analyze, and
operationalize threat intelligence relevant to higher education from MS-ISAC, REN-ISAC, CISA, and commercial feeds. - Perform
proactive threat hunting and coordinate purple-team exercises to validate controls. - Correlate intelligence with internal telemetry
to identify and mitigate emerging threats.
10%Vulnerability & Configuration Management
- Manage enterprise
vulnerability scanning, penetration tests, and remediation tracking. - Oversee secure configuration baselines using CIS Benchmarks and
ensure adherence through continuous monitoring. - Evaluate patch management effectiveness and manage risk-exception
processes.
10%Governance, Risk & Compliance (GRC)
- Align security operations with NIST CSF, NIST 800-171,
GLBA, FERPA, PCI-DSS, and state regulations. - Contribute to annual risk assessments, audits, and security metrics; report on program
maturity and gaps. - Maintain evidence repositories and support external audit and accreditation
activities.
5%Security Architecture & Technology Evaluation
- Assess emerging security technologies and
recommend solutions to enhance the College’s security posture. - Lead proofs-of-concept, integrations, and lifecycle management for
new security tools.
5%Security Awareness & Training
- Coordinate campus-wide security awareness campaigns and
phishing simulations. - Deliver targeted training to IT staff, faculty researchers, and executive
leadership.
5%Vendor & Third-Party Risk Management
- Evaluate security controls of vendors, cloud services,
and research partners. - Enforce contractual security requirements and review SOC 2, ISO 27001, and penetration-test
reports.
5%Program Management, Budgeting, Documentation & Reporting
- Develop and manage the annual security
operations budget. - Track software licenses, maintenance contracts, and renewal schedules for security tools.
- Prepare
executive reports, board briefings, and compliance submissions. - Maintain detailed incident logs, investigative evidence, and
knowledge-base articles.
Additional Duties:
- Performs other related duties as
assigned.
Qualifications:
Required Education and Experience:
- Five (5)+ years of
progressive experience in security operations, incident response, or SOC management; three (3)+ years in a supervisory or lead
role. - Demonstrated experience deploying and managing SIEM, EDR, IDS/IPS, firewalls, and cloud-security controls (e.g., Microsoft
365/Azure Security Center, AWS Security Hub). - Hands-on experience with log analysis, scripting (PowerShell, Python, Bash), packet
capture, and forensic tooling. - Experience interpreting and implementing NIST CSF/800-171, FERPA, GLBA, and/or PCI-DSS
controls. - Proven ability to develop policies, procedures, and security awareness programs.
Preferred Education and
Experience:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field
preferred. - Master’s degree in Cybersecurity, Information Assurance, or Technology Management.
- Higher education or
public-sector experience with research data protections (e.g., CUI, ITAR). - Experience integrating security controls into DevOps or
cloud-native environments.
Licenses, Certifications, or Additional Requirements:
- CISSP, CISM,
GIAC-certified (e.g., GCIH, GCIA, GCFA), or equivalent (preferred). - ITIL Foundations or PMP for program/process management is a
plus.
Supplemental Information:
Knowledge, Skills, and Abilities:
- Deep knowledge of
security operations frameworks, incident handling methodologies, and forensic techniques. - Proficiency with SIEM platforms (Splunk,
Sentinel, LogRhythm, etc.), EDR suites (CrowdStrike, Defender), and network security tools. - Familiarity with cloud-security
architectures (Azure, AWS, Google) and Kubernetes/Container security. - Ability to conduct risk assessments, develop mitigation
strategies, and present technical concepts to non-technical stakeholders. - Strong leadership, team-building, and mentoring abilities;
adept at managing cross-functional incident response teams. - Excellent written and oral communication, analytical, and
customer-service skills. - Ability to plan and execute multiple, complex projects concurrently and adapt quickly to changing threat
landscapes.
PHYSICAL DEMANDS:
The work is medium work which requires exerting up to 50 pounds of force
occasionally, and/or up to 30 pounds of force frequently, and/or up to 10 pounds of force constantly to move objects.
WORK
ENVIRONMENT
- Standard office environment with occasional data-center access and limited travel (conferences,
training). - Availability to work outside normal business hours, including on-call rotations and emergency incident response.
General Employment Information
The College of Southern Maryland is an Equal Opportunity Employer.
Background Checks
The College of Southern Maryland conducts background checks in order to ensure the safety
and well-being of the College’s staff and students. The final candidate for this position will be subject to the following background
checks: Criminal History Check and Sex Offender Registry Check.
Conflict of Interest policy
No College of
Southern Maryland employee shall engage in or have a financial interest, directly or indirectly, in any activity that conflicts or raises a
reasonable question of conflict with his or her duties and responsibilities. CSM Employees shall not at any time engage in any outside
employment or independent consulting that would adversely affect their employment status or performance as employees at the college, create
a conflict of interest, or, with the exception of constitutionally protected activities, would compromise or embarrass the college, or
adversely affect professional standing. Any full-time college employee who also holds a full-time position or its equivalent in consulting
elsewhere (whether permanent or seasonal) will be deemed to have a conflict of interest and will be asked to resign from one of the
full-time positions. Full-time employees must promptly disclose in writing, on a form available from the Human Resources Office, to the
college all other full-time employment or its equivalent in independent consulting.
Employment Frequently Asked
Questions
Click here to find our frequently asked questions:https://www.csmd.edu/employment/frequently-ask
ed-questions/index.html
Source ⇲
