Senior Director of IT Security
Montgomery County Community College, Blue Bell, Pennsylvania, us, 19424
Salary:
$99,000.00 - $111,000.00 Annually Location :
Blue Bell Job Type:
Regular Full-Time Job Number:
202600084 Division:
Administrative Services Department:
Information Technology Opening Date:
01/30/2026 Closing Date:
3/1/2026 12:00 AM Eastern FLSA:
Exempt Job Level:
19 Reports To:
Chief Information Officer - Information Technology Classification:
Administrator
BASIC PURPOSE *This position has college-wide responsibilities and requires travel between all campuses but will be based at the Blue Bell campus. **This position has been approved for a flexible work option arrangement. Flexible work options can be ended at any time by the College, Cabinet, and/or supervisors based on employee performance and/or as institutional needs change. The Senior Director of IT Security serves as the College's Information Security Officer (ISO) and is the College's lead for cybersecurity strategy, governance, and risk management. This is a role for someone who likes complexity, who can see the big picture, and who is willing to dive into the details when the moment calls for it. The Senior Director sets the direction for a secure and resilient technology environment, leads the development and execution of the College's IT Security Program, and works closely with senior leaders to align security priorities with academic and administrative needs. The Senior Director reports to the Chief Information Officer and plays a central role in strengthening the College's overall security posture and shaping a campus culture that values awareness, responsibility and shared stewardship.
The position is responsible for building and evolving the College's security strategy in a way that matches the institution's mission and operational realities The Senior Director leads a small but dedicated security team of two full-time employees, providing mentorship, structure and day-to-day guidance. The role balances strategic planning with hands on technical work and requires someone who is comfortable guiding staff while also stepping in to solve complex challenges directly. The Senior Director advises institutional leadership on emerging threats, recommends appropriate responses, and drives projects and initiatives that reduce risk to the College. The successful candidate brings sound judgment, technical depth, and the ability to translate security needs into clear and actionable decisions for the institution.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Lead the development and execution of the College's Cybersecurity and Information Security Program and multi-year roadmap. Maintain an enterprise view of technology and data risks and recommend mitigation strategies. Provide direction for security architecture and key security technologies, including identity and access management, network security, endpoint security, and cloud security. Lead risk assessments, security audits, business continuity, and disaster recovery planning. Maintain situational awareness of emerging threats and advise leadership on institutional exposure. Communicate new threats and trends to the executive team in a manner that facilitates appropriate prioritization and resource allocation of IT security initiatives. Advise senior leadership on cyber risk, regulatory obligations, and required investments. Oversee vulnerability management, configuration management, and incident response programs to identify and mitigate risks. Champion a campus culture of security awareness and shared responsibility. Guide team members in day-to-day hands-on activities, while maintaining the ability to personally assist with complex or critical issues when necessary. Actively participate in IT security organizations and maintain professional relationships that facilitate effective and up-to-date management of the IT security program and awareness of current global IT security threats. Oversee and continuously improve incident response and recovery efforts. This includes leading the forensic investigation of security breaches and assisting with disciplinary and legal matters as necessary. Manage vendor relationships and third-party risk reviews. Other duties as assigned. ESSENTIAL KNOWLEDGE AND SKILLS 1. Education/Training/Work Experience
Bachelor's degree in information technology or related field required. Master's Degree preferred. 8 years of progressive information technology and/or cybersecurity experience with at least 5 years of supervisory experience. Experience building, leading, or maturing an institutional security program is preferred. CISSP, CRISC, CISM, CISA or equivalent senior level cybersecurity certification is preferred. Hands on experience in security infrastructure systems. Experience managing partnerships with 3rd party vendors. Ability to communicate security priorities and risk impacts to technical and non-technical audiences. Experience in mentoring and developing staff members. Strong understanding of NIST CSF, risk management practices, and regulatory frameworks relevant to higher education (e.g., FERPA, HIPAA, GLBA, and PCI-DSS). 2.Specialized Knowledge & Skills:
Advanced understanding of technical and business process controls that ensure the confidentiality, integrity and availability of technology and data. Execution of risk assessments, security audits, business continuity, vulnerability, and penetration testing. Ability to work autonomously and make quick and effective decisions. Implementation of IT security best practices. Strong interpersonal skills and the ability to effectively communicate with a wide range of individuals and constituencies in a diverse community. Maintains availability during off-hours, as needed, to provide leadership and decision-making during cybersecurity incidents or other critical events.
Montgomery County Community College is committed to assuring equal opportunity to all persons and does not discriminate on the basis of race, color, religion, religious creed, sex, pregnancy, ancestry, national origin, age, affectional or sexual orientation, genetic information, gender identity, gender presentation, veteran's status, marital status or disability in its educational programs, activities, or employment practices as required by Title IX of the Educational Amendment of 1972, section 504 of the Rehabilitation Act of 1973, and other applicable statutes.
Inquiries concerning Title IX relating to equal opportunity on the basis of sex should be referred to: Title IX Coordinator, Mikiba W. Morehead, Ed.D., TNG, LLC, at
All other equal opportunity inquiries, including those based upon disability, should be referred to: The Director of Equity, Diversity & Belonging, at or 215-619-7383. We offer a complete benefits package to full-time employees including health care, dental, vision, retirement, flexible spending accounts, life insurance, holidays, vacation, and sick leave. To learn more details, visit our benefits page. 01
Do you have a bachelor's degree (or higher) in information technology or related field?
Yes No
02
Do you have at least 8 years of progressive information technology and/or cybersecurity experience with at least 5 years of supervisory experience?
Yes No
03
Do you have an approved industry Security Certification (e.g., CISSP, CISM, or similar)?
Yes No
Required Question
$99,000.00 - $111,000.00 Annually Location :
Blue Bell Job Type:
Regular Full-Time Job Number:
202600084 Division:
Administrative Services Department:
Information Technology Opening Date:
01/30/2026 Closing Date:
3/1/2026 12:00 AM Eastern FLSA:
Exempt Job Level:
19 Reports To:
Chief Information Officer - Information Technology Classification:
Administrator
BASIC PURPOSE *This position has college-wide responsibilities and requires travel between all campuses but will be based at the Blue Bell campus. **This position has been approved for a flexible work option arrangement. Flexible work options can be ended at any time by the College, Cabinet, and/or supervisors based on employee performance and/or as institutional needs change. The Senior Director of IT Security serves as the College's Information Security Officer (ISO) and is the College's lead for cybersecurity strategy, governance, and risk management. This is a role for someone who likes complexity, who can see the big picture, and who is willing to dive into the details when the moment calls for it. The Senior Director sets the direction for a secure and resilient technology environment, leads the development and execution of the College's IT Security Program, and works closely with senior leaders to align security priorities with academic and administrative needs. The Senior Director reports to the Chief Information Officer and plays a central role in strengthening the College's overall security posture and shaping a campus culture that values awareness, responsibility and shared stewardship.
The position is responsible for building and evolving the College's security strategy in a way that matches the institution's mission and operational realities The Senior Director leads a small but dedicated security team of two full-time employees, providing mentorship, structure and day-to-day guidance. The role balances strategic planning with hands on technical work and requires someone who is comfortable guiding staff while also stepping in to solve complex challenges directly. The Senior Director advises institutional leadership on emerging threats, recommends appropriate responses, and drives projects and initiatives that reduce risk to the College. The successful candidate brings sound judgment, technical depth, and the ability to translate security needs into clear and actionable decisions for the institution.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Lead the development and execution of the College's Cybersecurity and Information Security Program and multi-year roadmap. Maintain an enterprise view of technology and data risks and recommend mitigation strategies. Provide direction for security architecture and key security technologies, including identity and access management, network security, endpoint security, and cloud security. Lead risk assessments, security audits, business continuity, and disaster recovery planning. Maintain situational awareness of emerging threats and advise leadership on institutional exposure. Communicate new threats and trends to the executive team in a manner that facilitates appropriate prioritization and resource allocation of IT security initiatives. Advise senior leadership on cyber risk, regulatory obligations, and required investments. Oversee vulnerability management, configuration management, and incident response programs to identify and mitigate risks. Champion a campus culture of security awareness and shared responsibility. Guide team members in day-to-day hands-on activities, while maintaining the ability to personally assist with complex or critical issues when necessary. Actively participate in IT security organizations and maintain professional relationships that facilitate effective and up-to-date management of the IT security program and awareness of current global IT security threats. Oversee and continuously improve incident response and recovery efforts. This includes leading the forensic investigation of security breaches and assisting with disciplinary and legal matters as necessary. Manage vendor relationships and third-party risk reviews. Other duties as assigned. ESSENTIAL KNOWLEDGE AND SKILLS 1. Education/Training/Work Experience
Bachelor's degree in information technology or related field required. Master's Degree preferred. 8 years of progressive information technology and/or cybersecurity experience with at least 5 years of supervisory experience. Experience building, leading, or maturing an institutional security program is preferred. CISSP, CRISC, CISM, CISA or equivalent senior level cybersecurity certification is preferred. Hands on experience in security infrastructure systems. Experience managing partnerships with 3rd party vendors. Ability to communicate security priorities and risk impacts to technical and non-technical audiences. Experience in mentoring and developing staff members. Strong understanding of NIST CSF, risk management practices, and regulatory frameworks relevant to higher education (e.g., FERPA, HIPAA, GLBA, and PCI-DSS). 2.Specialized Knowledge & Skills:
Advanced understanding of technical and business process controls that ensure the confidentiality, integrity and availability of technology and data. Execution of risk assessments, security audits, business continuity, vulnerability, and penetration testing. Ability to work autonomously and make quick and effective decisions. Implementation of IT security best practices. Strong interpersonal skills and the ability to effectively communicate with a wide range of individuals and constituencies in a diverse community. Maintains availability during off-hours, as needed, to provide leadership and decision-making during cybersecurity incidents or other critical events.
Montgomery County Community College is committed to assuring equal opportunity to all persons and does not discriminate on the basis of race, color, religion, religious creed, sex, pregnancy, ancestry, national origin, age, affectional or sexual orientation, genetic information, gender identity, gender presentation, veteran's status, marital status or disability in its educational programs, activities, or employment practices as required by Title IX of the Educational Amendment of 1972, section 504 of the Rehabilitation Act of 1973, and other applicable statutes.
Inquiries concerning Title IX relating to equal opportunity on the basis of sex should be referred to: Title IX Coordinator, Mikiba W. Morehead, Ed.D., TNG, LLC, at
All other equal opportunity inquiries, including those based upon disability, should be referred to: The Director of Equity, Diversity & Belonging, at or 215-619-7383. We offer a complete benefits package to full-time employees including health care, dental, vision, retirement, flexible spending accounts, life insurance, holidays, vacation, and sick leave. To learn more details, visit our benefits page. 01
Do you have a bachelor's degree (or higher) in information technology or related field?
Yes No
02
Do you have at least 8 years of progressive information technology and/or cybersecurity experience with at least 5 years of supervisory experience?
Yes No
03
Do you have an approved industry Security Certification (e.g., CISSP, CISM, or similar)?
Yes No
Required Question