Cybersecurity Operations Director

Position Summary

Located 45 minutes from the Nations Capital, nestled in a history-rich community of southern Maryland, The College of Southern Maryland (CSM) is a two-time Aspen Award-winning institution (top 15% of Community Colleges) with academic programs in over 100 disciplines. CSM is among Americas top 100 producers of Minority Associate Degrees in twenty categories, according to Diverse Issues in Higher Education. CSM offers excellent health insurance benefits; State Retirement Pension plan; wellness programs; Code Green early closure Fridays in the summer; college closure for spring break and several major holidays, including the week between Christmas and New Year; and for several days in March for Spring Break. We are an innovative institution committed to student success and well known for our flexibility to meet student and community needs.

The Cybersecurity Operations Director is a critical leadership role within the IMT Division responsible for the day-to-day operation, maturation, and continuous improvement of the Colleges cybersecurity program. This position blends hands-on technical expertise with programmatic oversight to ensure the confidentiality, integrity, and availability of institutional information assets, technology services, and data entrusted to the College of Southern Maryland (CSM).

The Cybersecurity Operations Director establishes and leads a campus-wide Cybersecurity Operations Center function, oversees real-time monitoring, incident response, vulnerability management, and threat intelligence, and drives strategic initiatives aligned to the NIST Cybersecurity Framework, NIST 800-171, FERPA, GLBA, and other relevant regulations. This individual collaborates with IT leadership, academic and administrative units, and external partners to reduce risk, develop policies, manage security technologies, and promote a culture of cybersecurity awareness across the institution.

Reports to: Deputy Chief Information Officer (DCIO)

The hiring salary for this position will be from the min to mid-point of the salary range advertised. This position is open until filled.

Specific Duties and Responsibilities

25% Security Operations & SOC Management

• Design, implement, and manage a 24 × 7 security monitoring capability (internal or managed service).
• Administer and optimize SIEM, EDR, IDS/IPS, firewalls, and log-aggregation platforms.
• Assist with the development, maintenance, and enforcement of security operating procedures (SOPs), runbooks, and escalation workflows.

20% Incident Response & Digital Forensics

• Serve as the Incident Commander for cybersecurity events, coordinating containment, eradication, and recovery.
• Conduct post-incident reviews and root-cause analyses; recommend and track remediation activities.
• Maintain and routinely test the Cybersecurity Incident Response Plan and its integration with Business Continuity/Disaster Recovery plans.

15% Threat Intelligence & Monitoring

• Collect, analyze, and operationalize threat intelligence relevant to higher education from MS-ISAC, REN-ISAC, CISA, and commercial feeds.
• Perform proactive threat hunting and coordinate purple-team exercises to validate controls.
• Correlate intelligence with internal telemetry to identify and mitigate emerging threats.

10% Vulnerability & Configuration Management

• Manage enterprise vulnerability scanning, penetration tests, and remediation tracking.
• Oversee secure configuration baselines using CIS Benchmarks and ensure adherence through continuous monitoring.
• Evaluate patch management effectiveness and manage risk-exception processes.

10% Governance, Risk & Compliance (GRC)

• Align security operations with NIST CSF, NIST 800-171, GLBA, FERPA, PCI-DSS, and state regulations.
• Contribute to annual risk assessments, audits, and security metrics; report on program maturity and gaps.
• Maintain evidence repositories and support external audit and accreditation activities.

5% Security Architecture & Technology Evaluation

• Assess emerging security technologies and recommend solutions to enhance the Colleges security posture.
• Lead proofs-of-concept, integrations, and lifecycle management for new security tools.

5% Security Awareness & Training

• Coordinate campus-wide security awareness campaigns and phishing simulations.
• Deliver targeted training to IT staff, faculty researchers, and executive leadership.

5% Vendor & Third-Party Risk Management

• Evaluate security controls of vendors, cloud services, and research partners.
• Enforce contractual security requirements and review SOC 2, ISO 27001, and penetration-test reports.

5% Program Management, Budgeting, Documentation & Reporting

• Develop and manage the annual security operations budget.
• Track software licenses, maintenance contracts, and renewal schedules for security tools.
• Prepare executive reports, board briefings, and compliance submissions.
• Maintain detailed incident logs, investigative evidence, and knowledge-base articles.

Additional Duties: Performs other related duties as assigned.