Sr. Director of Information Security
The Sr. Director of Information Security provides vision and
leadership for developing and supporting security initiatives such
as development and implementation of the strategies, processes,
tools, and policies necessary to prevent, detect, document, and
counter threats to digital and non-digital information. The Sr.
Director of Information Security directs the planning and
implementation of enterprise IT systems, business operations, and
facility defenses against security breaches and vulnerability
issues. This individual is also responsible for auditing existing
systems, while directing the administration of security policies,
activities, and standards.
Strategy & Planning
Acquisition & Deployment
- In partnership with the CIO, develop and implement a long-term
information security strategy and framework to ensure that Mines’
information assets are protected.
- Participate as a member of the IT leadership team in governance
processes of the organization’s security strategies.
- In partnership with the CIO, lead strategic security planning,
working with the institutional leadership to achieve business goals
by prioritizing defense initiatives and coordinating the
evaluation, deployment, and management of current and future
security technologies using a risk-based assessment methodology
that goes beyond the traditional compliance-only view to one that
adopts a comprehensive approach to information security.
- Develop and communicate security strategies and plans to staff,
faculty, students, partners, customers, and stakeholders.
- Assist with the design and implementation of disaster recovery
and business continuity plans, procedures, audits, and
- Develop, implement, maintain, and oversee enforcement of
policies, procedures, guidelines, and associated plans for system
security administration and user system access based on
industry-standard best practices and coordinate their approval and
- Define and communicate institutional procedures, policies, and
standards for the organization for acquiring, implementing, and
operating new security systems, equipment, software, IoT devices,
and other technologies.
- Partner with IT leadership on the evaluation, selection,
implementation, and maintenance of information security
technologies, including but not limited to multi-factor
authentication (MFA), single sign-on (SSO), sender policy framework
(SPF), and identity access management (IAM).
- In partnership with the CIO, organize information security
tabletop exercises at all levels of the organization, in
collaboration with trusted security partners.
Education and Experience:
- Lead recruitment, development, and retention of security
- People management, including staffing models, project
scheduling, career development, succession planning, performance
- Reviews and assesses skills and capabilities of assigned staff.
Seeks opportunities to increase staff capability through training
and other methods.
- Establish annual goals and conduct performance reviews for
- Act as advocate and primary liaison for the institution’s
security vision via regular written and in-person communications
with the leadership, department heads, and end users.
- In partnership with the IT Leadership team, develop
institution-wide technology procedures to fully secure information,
computer, network, and processing systems.
- Identify, evaluate, implement and report on information
security best practices and standards (e.g. FERPA, HIPAA, PCI,
- Manage the administration of all computer security systems and
their corresponding or associated software, including firewalls,
intrusion detection systems, SIEMs, cryptography systems, and
- Develop and track the security services annual operating and
capital budgets for purchasing, staffing, and operations.
- Partner with teams within the IT department and across campus
to ensure that technologies are developed and maintained according
to security policies and guidelines and recommend and implement
changes in security policies and practices in accordance with
changes in local or federal law.
- Creatively and independently provide resolution to security
problems in a value-added manner.
- Lead the assessment and communication of security risks associated
with purchases or practices performed by the institution.
- Collaborate with the CIO, privacy officer, and HR to establish
and maintain a system for ensuring that security and privacy
policies are met.
- Promote and oversee strategic security relationships between
internal resources and external entities, including government,
vendors, partner organizations, and internal and external IT audit
- Remain informed on trends and issues in the security industry,
including current and emerging technologies. Advise, counsel, and
educate executives, management teams, and all relevant stakeholders
on their relative importance, financial impact and appropriate
courses of action.
- Liaise with law enforcement and other advisory bodies as
necessary to ensure that the organization maintains a strong
- Help to foster a security-aware culture across the Mines
community through the development of a comprehensive information
security awareness campaign that engages with students,
instructors, researchers, and administration.
- Coordinate incident response planning and the investigation of
security breaches and assist with any associated disciplinary,
public relations and legal actions.
Knowledge, Skills, and Abilities:
- Bachelor's degree in Computer Science, Information Security, or
a closely related field. Individuals without a degree may be
considered if they demonstrate possession of substantially the same
knowledge level found in a degree but have attained advanced
knowledge through a combination of work experience and intellectual
- 5+ years of experience managing and/or directing an IT and/or
security operation, including information security governance and
risk-based decision support.
- 7+ years of experience working in the cyber-security
- Demonstrated experience creating and driving enterprise
security programs including but not limited to security awareness
training programs and risk assessments programs.
- Proven experience in planning, organizing, and developing IT
security and facility security system technologies.
- Experience in planning and executing security policies,
procedures, and standards development.
Education and Experience:
- Excellent knowledge of technology environments, including
information security, building security, and defense
- Considerable knowledge of business processes, management,
budgeting, and security risk reduction and mitigation
- Substantial exposure to data processing, outsourced systems,
hardware platforms, enterprise software applications, including but
not limited to SIEMs, Firewalls, and intrusion prevention and
- An understanding of trends and benchmarks in the information
- Knowledge of applicable laws and regulations as they relate to
security, including but not limited to security standards such as
NIST (National Institute of Standards and Technology) and CMMC
(Cybersecurity Maturity Model Certification) compliance.
Certifications and Licenses:
- Master's degree in Computer Science, Information Security, or a
closely related field.
- Experience working in education.
- Experience running and managing a Security Operations Center
- Experience with process improvement techniques and
Knowledge, Skills, and Abilities:
- CEH (Certified Ethical Hacker)
- CISSP (Certified Information Systems Security
- CISM (Certified Information Security Manager)
- CISA (Certified Information Security Auditor)
About Mines & Golden, CO
- Understanding and support of project management
- On occasion, this position may be assigned other duties needed
to help drive to the vision, fulfill the mission, and uphold Mines’
and the Department’s organizational values.
Mines is consistently ranked among the top engineering colleges
in the United States and ranks number one as the best public school
in the state for best value colleges. Mines is located in the heart
of Golden, Colorado, a western suburb of Denver. The campus
location offers a small-town ambiance with close proximity to all
that the Denver metropolitan area has to offer with an abundance of
cultural events, museums, theaters and sporting venues. An arid
climate and an average 300 days of sunshine per year make the area
an ideal place to live, work and play. We seek individuals who
value a diverse and inclusive community – offering different
perspectives, experiences, and cultures that enrich the educational
and work experience.
Colorado School of Mines is committed to equal opportunity for all
persons. Mines does not discriminate on the basis of age, sex,
gender (including gender identity and gender expression), ancestry,
creed, marital status, race, ethnicity, religion, national origin,
disability, sexual orientation, genetic information, veteran status
or current military service. Further, Mines does not retaliate
against community members for filing complaints regarding or
implicating any of these protected statuses.
Mines’ commitment to nondiscrimination, affirmative action, equal
opportunity and equal access is reflected in the administration of
its policies, procedures, programs and activities and in its
efforts to achieve a diverse student body and workforce.
Through its policies, procedures and resources, Mines complies with
federal law, Colorado state law, administrative regulations,
executive orders and other legal requirements to prevent
discrimination (including harassment or retaliation) within the
Mines campus community and to address potential allegations of
inequity or concerns for safety.
$145,000 - $157,000
Mines takes into consideration a combination of a candidate’s
education, training and experience as well as the position’s scope
and complexity, the discretion and latitude required in the role,
work location, and external market and internal value when
determining a salary level for potential new employees.
Mines is proud to provide exceptional benefits that include
pay, health & wellness and work/life balance offerings. Our
portfolio of benefits includes medical, dental, vision, disability
insurance, flexible spending accounts, life insurance, and
retirement savings plans. Additionally, Mines employees are
eligible for tuition benefits (for employees and dependents),
generous paid holidays and leaves and discount programs. For more
information, visit Mines
How to Apply
For full consideration apply by 8/17.
Applicants will be asked to complete an online application (personal information,
demographic information, references, veterans status) and upload a
resume and cover letter (required). References will not be
contacted until later in the selection process and you will be
informed before that contact is made.
Contact Kathy White at firstname.lastname@example.org with any questions
about this opportunity.
Background Investigation Required
COVID-19 Vaccine Requirement
This position will require documented proof of full COVID-19
vaccination or exemption because of a medical or religious
exclusion. New employees will be required to provide attestation to
their status with proof of vaccination upon hire. Religious and
medical exemptions and reasonable accommodation shall be addressed
as required by law pursuant to the Equal Employment Opportunity
Commission’s vaccination guidance.
Aug 5, 2022 Mountain Daylight Time