The Information Technology (IT) division supports the district's mission and vision by providing technology-based services and support focused on digital equity, enabling secure and effective data culture, and future-focused sustainability. The IT division's major services areas include infrastructure & network, enterprise client management, school-based site support, educational technologies, a centralized service center, device support and repair, business technology services, student technology services, information security, integration and identity services, enterprise data warehouse, and digital media tools. This department houses approximately 150 individuals that provide centralized technical services to the district.
Jeffco Public Schools is seeking a visionary leader to serve as the Director of Information Security and Identity. This critical role will shape the strategic direction of our information security and identity management programs, ensuring the protection of our systems, data, and community. This person will lead a talented team, collaborate across departments, and champion policies and practices that uphold the confidentiality, integrity, and availability of our information assets.
ESSENTIAL DUTIES AND RESPONSIBILITIES
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Lead the development, implementation, and management of the District's information security and privacy program, ensuring alignment with community needs, Board of Education goals, and industry best practices.
Oversee compliance with the HIPAA Security Rule (45 C.F.R. 160, 162, and 164), Colorado student data privacy laws, and other federal and state privacy regulations by developing and monitoring appropriate policies, procedures, and technical safeguards.
Establish and maintain identity and access management (IdAM) strategies, including deploying advanced authentication methods (e.g., SSO, MFA, RBAC) and managing the District's IAM framework and technical products.
Provide strategic guidance to Chief Information Officer and executive leadership on security initiatives, risk mitigation, and compliance requirements, ensuring alignment with the District's risk tolerance.
Collaborate with Legal, Purchasing, and other departments to provide expertise in cybersecurity and data privacy for contracts, investigations, and regulatory requirements.
Monitor key risk indicators and use metrics and reporting to reveal insights, drive decision-making, and communicate the effectiveness of security initiatives to stakeholders, including the Board of Education and the Jeffco community.
Oversee the development and implementation of security measures for cloud-based and on-premise systems, ensuring consistent application of security practices based on data classification and integration with the District's data governance program.
Directly manage the District Enterprise Architect and oversee the establishment and maintenance of enterprise architecture frameworks to support strategic goals, standards, and policies.
Evaluate and recommend new technologies and solutions that align with enterprise architecture strategies and enhance business processes, incorporating feedback from IT leadership and other stakeholders. Advise on best practices where applicable.
Lead and manage a diverse team of security, identity, and integration professionals, fostering a culture of innovation, collaboration, and continuous learning while overseeing performance evaluations and professional development.
Lead the District's Technology and Data Privacy Advisory Committee (TDPAC), provide guidance on privacy policies in collaboration with administration, the Privacy Advisory Committee, and legal counsel and serve as lead facilitator and presenter.
Develop and oversee organization-wide cybersecurity awareness and training programs, promoting compliance with policies and fostering a culture of security.
Ensure timely responses to cybersecurity incidents, audits, and inquiries, utilizing standardized processes and overseeing remediation of findings.
Provide subject matter expertise and strategic oversight of forensic analysis, cyber-crime investigations, and other critical security operations, ensuring effective risk management and mitigation.
Represent the District in discussions and initiatives related to information security, data privacy, and identity management at local, state, and national levels.
Perform other duties as assigned.
EXPERIENCE 5 years' experience in the IT security space leading complex projects, teams, and managing and leading technical professionals, inclusive of the following: 3 years of hands-on experience in two or more enterprise architecture domains or sub-domains (e.g., business architecture, data/databases, application development, middleware, SOA, IaaS, PaaS, SaaS, cloud infrastructure, security, information analysis, or infrastructure operations), 1 year of demonstrated experience with Identity and Access Management (IAM) systems and design, and 1 year of experience in technical design architecture.
EDUCATION AND TRAINING Bachelor's degree required. Preferred field of study in Computer Science, Mathematics, Science, or related field. Advanced technical training in Security required.
CERTIFICATES, LICENSES, REGISTRATIONS Relevant information security certifications (e.g., CISSP, CISM, CISA) and identity and access management certifications (e.g., CIAM, CAMS) are strongly preferred. In-depth knowledge of security frameworks, compliance requirements, and best practices (ISO 27001, NIST, PCI, HIPAA, COPPA, and CIPA, etc.) preferred but not required. Relevant technical certifications (e.g. TOGAF, ITIL) are a plus.
KNOWLEDGE, SKILLS AND ABILITIES Deep knowledge of Information and Communication Technology (ICT), computing architectures, and network infrastructure. Advanced expertise in Identity and Access Management (IAM) systems, including authentication technologies such as SSO, MFA, and RBAC. Comprehensive understanding of information security principles, practices, and technologies; including risk management, incident response, and data classification. Familiarity with data warehousing, business intelligence, predictive analytics, and data governance frameworks. In-depth knowledge of privacy laws and industry standards (e.g., ISO 27001, NIST, PCI, HIPAA, COPPA, and CIPA). Skilled in leading diverse technical teams, fostering a culture of innovation, collaboration, and continuous improvement. Strong interpersonal skills to build and maintain productive relationships across teams and leadership levels. Skilled in evaluating emerging technologies to enhance security and privacy programs. Ability to align compliance efforts with organizational goals, regulatory requirements, and acceptable risk levels. Ability to convey complex technical concepts clearly to non-technical audiences and diverse stakeholders. Demonstrated ability to resolve complex problems and make critical decisions under pressure.
SPAN OF CONTROL Supervises 4-6 positions including security operations and strategy; identity and access management leads; and the District Enterprise Architect. Indirectly supervise teams of individuals supporting the information security and identity and access management functions. Direct workforce actions during security incidents, ensuring efficient response and resolution. Collaborate with management in times of an information security crisis to ensure that the crisis is managed properly both internally and externally. Lead organization-wide cybersecurity training and promote awareness of the security program. Oversee the planning, coordination, and evaluation of subordinate staff performance. Facilitate enterprise architecture initiatives across other business units and domain administrators.
The physical demands, mental functions, and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.