Director, Information Security
Company: Milton Hershey School
Location: Hershey
Posted on: September 1, 2024
|
|
Job Description:
Description:
Milton Hershey School (MHS) plays a special role in the lives of
our students-far different from that of any other pre-K through
12th-grade school in the world. When chocolatier Milton S. Hershey
and his wife, Catherine, founded the school in 1909, they did so
with the intention of giving children with less more-more hands-on
learning, more access to daily needs, and more opportunities to
enrich their lives. More than a century later, the school has
graduated almost 12,000 students.
MHS is one of the world's best private schools, where students from
qualifying families looking for greater opportunity can explore
their individual interests to the fullest-with all costs covered.
From our career-focused education to character and leadership
development, we nurture students from lower-income backgrounds to
prepare them to enter the world equipped to thrive as
self-sufficient adults.
MHS is seeking a full-time on-site Director, Information Security.
This position reports to the Associate Sr. Director IT, and is
responsible for the design, implementation, management, and
oversight of the organization's information security practices as
defined within the MHS Cyber-Security Framework. The Information
Security team oversees several key security programs which
include:
Security Awareness - (ex: Annual and supplemental student and
employee Training, Phishing Competitions, and ongoing programs,
etc.)
Security Incident Response and Investigations (ex: Breaches,
Disclosures, Staff and Student technology investigations,
Litigation Hold eDiscovery, etc.)
Vulnerability Management and Remediation (ex: Vuln. Scanning,
analysis, and closure, annual Penetration Test engagements and
remediation)
Security Risk Management (ex: Disaster Recovery, Business
Continuity Planning, Enterprise Risk Management, Assessments,
etc.)
Technical and Administrative Security Controls (Device and System
Baseline hardening, Ongoing MDM controls, Internal and
Organizational Security Policies, etc.)
Governance and Compliance (ex: Data Destruction, Application,
Hardware, and Account Lifecycles, etc.)
The starting compensation range for this position is $132k - $176k
plus a competitive benefits package. This is an on-site position in
Hershey, PA.
Responsibilities:
Collaborate with senior IT management to create and implement an
overall strategic vision for Information Security.
Serve as the lead for information security incident response
planning, management, and tracking which also includes all
technology related investigations.
Maintain and enhance the MHS enterprise information security stance
through policy, architecture, technical controls, training, and
awareness. Collaboration on and recommendations of appropriate
security solutions to protect the organization.
Collaborate with other areas within the IT department as well as
with leaders throughout the MHS community to share the
organization's security vision and to solicit their involvement in
achieving higher levels of enterprise security.
Serves as the school's HIPAA Security Officer and work with the
HIPAA Privacy Officers and HIPAA Committee to ensure ongoing
management of information security policies, procedures, and
technical systems for all healthcare information systems to
maintain the confidentiality, integrity, and availability of all
organizational Protected Health Information (PHI).
Supervise the Information Security team and 3rd party
contractors.
Ensure all work, both operational and project work, is prioritized
and completed in an organized, professional, and timely manner.
Ensure the team communicates and collaborates effectively within
other areas of the IT department, and across the school.
Ensure proactive monitoring of existing systems to identify and
resolve security issues and concerns in an efficient and
professional manner.
Ensure preventative maintenance is being performed on existing
systems to remediate security concerns.
Ensure approved technology solutions are designed and implemented
in a professional, secure, and timely manner.
Assist with the design and implementation of application, system,
and infrastructure technology to ensure security controls are in
place with the rollout of new, or upgrades to existing,
technology.
Maintain all required service and support contracts.
Create and maintain accurate information security systems and
policies documentation.
MHS is a 24x7x365 campus which requires after-hours support for
critical systems and security incidents. This position ensures
appropriate levels of support are provided by the team to respond
in a timely manner.
Assists with annual operating and capital budget planning for
systems, services, and projects within the Information Security
team.
Qualifications:
Bachelor's degree in information technology related field or
commensurate years of experience.---
Current CISSP or GISP Certification.
8+ years' experience overseeing and securing technology systems and
services.
Experience overseeing an IT Security Team.
Project management experience.
Demonstrated exceptional customer service skills.
Keywords: Milton Hershey School, Harrisburg , Director, Information Security, Executive , Hershey, Pennsylvania
Click
here to apply!
|