What are the responsibilities and job description for the Executive Director, Information Security position at Chicago Public Schools?

Chicago Public Schools (CPS) is a district on the rise, serving over 320,000 students in 500 schools and employing over 44,000 people, most of them teachers. CPS has set ambitious goals to ensure that every student, in every school and every neighborhood, has access to a world-class learning experience that prepares each for success in college, career, and civic life. In order to fulfill this mission, we make three commitments to our students, their families, and all Chicagoans : academic progress, financial stability, and integrity. Six core values are embedded within these commitments - student-centered, whole child, equity, academic excellence, community partnership, and continuous learning.

The Department of Information and Technology Services (ITS) works to build the capacity of schools to use information and technology, maintain network infrastructure, security standards, and support other departments to meet district goals. ITS provides innovative technology solutions that improve the quality of education for students, reduce the administrative burden on educators, facilitate parent interaction, increase community engagement, and support CPS' mission of transparency by focusing on the ease and equity of access to information.

Job Summary :

Reporting to the Chief Information Officer, the Executive Director, Information Security is responsible to establish and execute information security program directives, policy development, and policy enforcement as well as overseeing district's network security systems. The Executive Director, Information Security will develop mechanisms to best identify, evaluate, and mitigate district-wide information security risks in a manner that upholds compliance and regulatory requirements, and aligns with the risk posture of CPS. This role leads the information security and operations teams. This is a full-time exempt position that will be paid for time worked on a salary basis.

This Job will be held accountable for the following responsibilities :

Establish and execute strategic, comprehensive enterprise information security program directives and plans, including any and all district-wide information security training efforts to ensure that the confidentiality, integrity, and availability of information is owned, controlled or processed in a manner compliant with the CPS Board Policy and relevant regulatory authorities
Develop and maintain information security policies, standards, guidelines and oversee the dissemination of security policies and practices; identify knowledge gaps to increase district awareness of relevant information security practices
Lead and develop the information security and operations teams
Provide leadership and guidance on information security topics, advising and collaborating on security processes, business continuity, and disaster recovery plans
Provide oversight to the architecture and engineering of new security systems; including the evaluation of technical designs
Ensure that system and application security design is in accordance with CPS Board Policy; consult with IT teams to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications and software
Lead investigations of any actual or potential information security violations and manage escalation of security events; assist with related legal matters associated with such events as needed and make recommendations to correct or prevent future incidents
Monitor external threat environment for emerging threats and advise relevant stakeholders on appropriate courses of action
Provide regular reporting on current state of information security program to the CIO and other senior managers as appropriate
Establish metrics and reporting framework to measure the efficiency, effectiveness, and maturity level of the program
Liaise with relevant CPS business units (such as Internal Audit, Law, Finance, Safety & Security, Risk Management, HR teams), and external agencies as needed to ensure that CPS maintains a strong security posture
Work with system administrators and application developers to audit, monitor and validate their environment's security, including conducting gap analysis and other comprehensive internal assessments of existing systems to improve the security infrastructure and mitigate risks
Other duties as assigned

In order to be successful and achieve the above responsibilities, this position must possess the following qualifications :

Education Required :

Bachelor's degree from an accredited college or university in Computer Science, Information Systems, or other related field

Professional security management certification, such as Certified Information Systems Security Professional (CISSP), or similar credentials, preferred

Master's degree, preferred

Experience Required :

Minimum of seven (7) years experience in the information technology field, including a minimum of five (5) years in an information security role

Minimum of three (3) years experience in large (>

50,000 users) heterogeneous enterprise-level IT organization

Minimum of five (5) years of supervisory experience

Experience with contract and vendor negotiations

Experience designing and managing new and existing security systems

Knowledge, Skills, and Abilities :

Proven track record and ability to develop information security programs, policies and procedures, including successful implementations in large enterprise environments

High degree of initiative, dependability; experience managing multiple, simultaneous, and high-profile information security initiatives and responses

High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgement and maturity

Strong knowledge of common information security management frameworks, such as ISO / IEC 27001, COBIT, NIST, CSA and deep knowledge and understanding of relevant legal and regulatory requirements / standards, including but not limited to : Family Educational Rights and Privacy Act (FERPA), Health Insurance Portability and Accountability Act of 1996 (HIPAA), Children's Online Privacy Protection Act (COPPA), Payment Card Industry Data Security Standard (PCI DSS), Illinois School Student Records Act (ISSRA)

Ability to advise infrastructure and applications staff in securing their respective environments

Exhibit strong written and verbal communication skills, interpersonal and collaborative skills

Strong ability to convey security information to non-technical end-users in a way that inspires adoption and adherence to all IT and Board security policies and programs

Conditions of Employment

As a condition of employment with the Chicago Public Schools (CPS), employees are required to :

Establish / Maintain Chicago Residency - Employees are required to live within the geographic boundaries of the City of Chicago within six months of their CPS hire date and maintain residency throughout their employment with the district. The Chicago residency requirement does not apply to temporary / part-time positions, however, all CPS employees must be residents of Illinois.

Apply for this job

Receive alerts for other Executive Director, Information Security job openings

Executive Director, Information Security

What are the responsibilities and job description for the Executive Director, Information Security position at Chicago Public Schools?

What is the career path for a Executive Director, Information Security?

Job openings at Chicago Public Schools

Not the job you're looking for? Here are some other Executive Director, Information Security jobs in the Chicago, IL area that may be a better fit.

We don't have any other Executive Director, Information Security jobs in the Chicago, IL area right now.

AI Assistant is available now!