Cybersecurity Specialist - GRC - District Office
FUNCTION: Supports governance, risk, and compliance programs as part of SJC's overall information security strategic plan and program. Assists with the development and management of the information security risk register and assists stakeholders in managing risk and documenting risk decisions. Aids in the development, monitoring, and enforcement of security policies, procedures, standards, and guidelines in support of industry best practices and compliance requirements. Supports incident management processes and related activities. Reviews effectiveness of controls to ensure the safeguarding of college information resources against accidental or unauthorized modification, destruction, or disclosure.
Essential Job Functions:
- Supports the development, maintenance, and administration of a College-wide information security plan and program, including governance, risk, and compliance functions, as required by Texas Administrative Code Chapter 202, NIST Cybersecurity Framework, FERPA, PCI-DSS, GLBA, and other applicable state and federal requirements.
- Assist in the development and maintenance of information security policies, procedures, standards, and guidelines that address regulatory requirements, best practices, and the College's information security risks.
- Support and ensure that annual information security risk assessments, controls reviews, and related audits are performed and documented by information owners.
- Review effectiveness of controls to ensure the safeguarding of college information resources against accidental or unauthorized modification, destruction, or disclosure.
- Support application security assessment processes, including identifying security requirements and risk mitigation plans, prior to the purchase or introduction of information technology hardware, software, and systems development services for any new high-impact computer applications or computer applications that receive, maintain, and/or share confidential data.
- Aid in the development of information technology disaster recovery and business continuity plans and incident response procedures.
- Support the review and classification of the College's inventory of information systems, data, and related ownership and responsibilities in conjunction with the data management office.
- Collaborate with and advise information owners, information custodians, and end users concerning their information security responsibilities under applicable regulations and SJC policies and procedures.
- Support IT security incident response processes, procedures, and related activities.
Knowledge, Skills and Abilities:
- Ability to adapt to a fast-moving IT landscape and keep pace with the latest thinking and new security technologies
- Ability to interpret security technologies and regulatory requirements and translate them into college-specific policies, procedures, guidelines, and practices
- Evidenced experience designing, implementing, and executing cybersecurity governance solutions, tools, and technologies across complex, large-scale environments, all the way from project initiation to the desired end state of operationally healthy and sustainable services
- Proficient knowledge of cybersecurity standards (NIST Cybersecurity Framework, NIST 800-53, ISO, COBIT) and compliance requirements, including but not limited to TAC 202, FERPA, GLBA, GDPR, and PCI-DSS
- Excellent communication skills: outstanding verbal and written communication with direct reports, senior management, and other stakeholders
- Flexible and adaptable: capable of changing direction where required and showing flexibility to meet new demands
Required Education:
- Bachelor's degree in computer science or related field; or equivalent combination of education and experience
Preferred Education:
- Master's degree in business administration or related field
Required Experience:
- 5 years of experience in IT security or directly related subject matter
- Demonstrated experience with developing and maintaining information security policies, procedures, and practices
- In-depth knowledge and practical experience with implementing or auditing risk frameworks, e.g. NIST 800 series, NIST CSF, ISO 27001, CIS Top 18, and CMMC
Preferred Experience:
- 6 years of experience in IT security
- Technical knowledge of operating systems, defense-in-depth concepts, networks, security-related technologies, security configurations, and application security best practices
- Knowledge of common GRC tools such as LogicManager, RSA Archer, ISORA, HECVAT, or ServiceNow Governance Risk and Compliance
Required Licenses/Certifications (one of the following):
- Certified Information Systems Auditor (CISA)
- Certified Cloud Security Professional (CCSP)
- Certified Risk and Information Systems Control (CRISC)
Preferred Licenses/Certifications:
- Certified Information Systems Security Professional (CISSP)
Note: This position has the opportunity for remote work arrangements with appropriate approvals and in accordance with the policies, procedures, and needs of the College.
Salary Grade: 123
Salary is based on the Board-approved salary schedule for the current fiscal year. See Salary Schedule.
Requisition Number: req5715
Posting Close Date: 5/19/2025 at 6 pm CST