What are the responsibilities and job description for the Director, IT Security & Technology position at Catholic Charities of Baltimore?
Salary: $140,000 - $160,000 (based on experience and education)
Catholic Charities of Baltimore is currently seeking a Director, IT & Security, who will be responsible for designing, implementing, and maintaining the Agency’s cybersecurity strategy, ensuring protection of enterprise technology architecture while supporting business goals and strategies. This senior-level role safeguards sensitive data, systems, and networks from cyber threats, ensures regulatory compliance, and implements best practices to protect data and maintain stakeholder trust. The director provides leadership to manage risk, ensuring alignment with business objectives, governance, and system availability, integrity, and confidentiality in coordination with IT functions, the Agency compliance committee, divisions, and departments. The hybrid work schedule is Monday – Friday, 8:30am – 4:30pm (3 days in the office / 2 days at home).
JOB DUTIES & RESPONSIBILITIES:
- Responsible for ensuring an adequate level of information security protection and risk management including the confidentiality, integrity and availability of Agency data and other information assets with accountability for regularly assessing security controls, ensuring compliance with policies, and holding stakeholders accountable for addressing vulnerabilities and maintaining appropriate safeguards.
- Develop and manage the frameworks, processes, and tools necessary for IT to properly manage security risks and make informed, risk-based decisions, ensuring accountability by regularly monitoring performance, assessing compliance, and holding relevant stakeholders responsible for adhering to security protocols and mitigating risks.
- Conduct regular risk assessments and vulnerability tests to identify potential security threats and develop strategies to mitigate them.
- Manage, monitor, and analyze security incidents: investigate any breaches, implement corrective actions, and proactively address vulnerabilities as necessary to prevent future incidents.
- Maintain subject matter expertise of the latest industry trends, threats, and technologies to ensure that the Agency's IT security measures are current and effective.
- Develop and manage the Agency's security policies and procedures. Collaborate with Agency Programs to ensure that security requirements are integrated into the design and implementation of new systems and technologies.
- Develop, implement, and manage security awareness programs to educate employees about security best practices and promote a culture of security within the organization.
- Manage relationships with external vendors and partners to ensure that security controls are effectively implemented and maintained.
- Lead the cybersecurity strategy and technology roadmap, assessing existing, new, and emerging technologies. Oversee endpoint protection strategy for all Agency computing systems.
- Manage Agency compliance with relevant data privacy regulations, changing laws, and industry standards, including but not limited to HIPAA, ISO 27001, CISA, GDPR, and PCI DSS.
- Develop and implement security awareness programs to educate employees about security best practices and promote a culture of security within the organization.
- Prepare and present regular reports to senior management on the Agency's IT security posture, including insights, recommendations, and metrics.
- Lead IT disaster recovery initiatives ensuring they are current and tested as per the IT Disaster Recovery policy/procedures. Develop effective disaster recovery policies and standards to align with company business continuity management program goals.
- Provide technical/security training, knowledge transfer, and mentorship to IT colleagues.
- Co-lead technology architecture decisions across Agency application and network enterprise domains, such as data, application, and security architectures, enforcing compliance with architectural standards, avoiding inefficiencies, and managing security risks.
- Perform other duties as assigned.
EDUCATION & EXPERIENCE REQUIREMENTS:
- Bachelor's degree in Computer Science, Information Technology, or a related field. Combination of education and experience may be considered.
- 5 years’ work experience designing and delivering comprehensive security solutions including technical and non-technical components.
- 10 years’ work experience in IT including infrastructure, cloud/hybrid environments, networking, and end user computing environments.
- Proven experience in an IT security technical leadership role, with a track record of successfully implementing and managing IT security programs.
- Strong knowledge of relevant regulations and standards, such as GDPR, HIPAA, ISO 27001, etc.
- Experience with risk management methodologies and frameworks.
- Familiarity with project management principles and practices.
- Excellent written and verbal communication skills.
- Strong attention to detail and the ability to prioritize and manage multiple tasks simultaneously.
Certification/Licensure:
- Professional certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor) are highly desirable.
REQUIRED SKILLS & ABILITIES:
- Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.
- In-depth knowledge of IT security principles, best practices, and industry standards.
- Excellent problem-solving and analytical skills, with the ability to identify and mitigate security risks.
- Familiarity with security tools and technologies, such as firewalls, intrusion detection and prevention systems, encryption, antivirus software, etc.
- Strong knowledge of privacy and security frameworks. Experience implementing and managing CIS Top 20 controls a plus.
- Knowledge of network and system administration.
- Proven skills with Microsoft Entra Domain Services, Microsoft 365, SAN, server, networking, VoIP, unified communication, virtualization, and end user computing, including endpoint device management (PCs, tablets, smartphones, and other mobile devices) and helpdesk solutions.
- Demonstrated knowledge of accounting, payroll, human resources, and information systems; healthcare applications a plus.
- Proficiency in conducting risk assessments and vulnerability testing.
- Familiarity with regulatory requirements and industry standards related to IT security.
- Demonstrated knowledge of Aruba Wireless, ClearPass, and Watchguard technologies a plus.
- Proven working knowledge of technologies such as cloud computing, AI, cybersecurity and data analytics.
- Ability to act with discretion, tact, and professionalism in all situations.
- Requires the ability to utilize computer systems and software necessary to perform position functions. Basic Windows PC, web browsing (e.g., Chrome, Internet Explorer, etc.), and Microsoft Outlook skills required. Other Microsoft Office application knowledge, such as Word, Excel, PowerPoint, Teams, and OneDrive, desired.
PHYSICAL REQUIREMENTS & WORK ENVIRONMENT:
- Sedentary work that primarily involves sitting/standing.
- Remaining in a stationary position, often standing or sitting for prolonged periods.
- Communicating with others to exchange information.
- Adjusting or moving objects up to 15# in all directions, regularly throughout the day.
- Repeating motions that may include the wrists, hands and/or fingers.
- Assessing the accuracy, neatness and thoroughness of the work assigned.
We offer a wide range of benefits to meet the ever-changing needs of our employees including but not limited to:
- Health/Dental/Vision
- Vacation/sick/holiday pay
- 403(b) Retirement Plan with a discretionary employer contribution
- Tuition Advancement
- Paid Parental Leave
Join Catholic Charities of Baltimore where you will be an important member of a trauma-informed care organization that promotes a culture of safety, empowerment, healing, and self-care, and that believes that every person has infinite worth and promise.
Catholic Charities is an equal opportunity employer.