Lead Security Analyst (Reg FT)

Department: Information Technology Svcs

Campus: Office of College Services

Additional Information: This position will remain open until filled. However, in order to ensure consideration for an interview, please submit your completed application, cover letter and resume by no later than September 20, 2025. The College cannot guarantee that application materials received after this date will be considered or reviewed.

Benefits:

• Comprehensive Health Coverage: Access to an excellent health plan with a very low out-of-pocket expense network option.
• Generous Time Off: Enjoy a range of time-off benefits that are tailored to your position, along with a four-day workweek in the summer for an ideal work-life balance. These benefits vary and may include vacation, personal, sick, and holiday pay, as well as options like collegial coverage for faculty.
• Retirement Planning: Options include a 403(b) retirement plan with up to 10% employer match or a state-defined benefit pension.
• Financial Peace of Mind: Employer-paid benefits include group life insurance, short/long-term disability, and access to flexible spending accounts (FSAs).
• Wellness Support: Our Employee Assistance Program (EAP) is available for confidential support, with resources to address personal and professional challenges.
• Educational Support: Take advantage of tuition waivers, tuition reimbursement, Public Service Loan Forgiveness (PSLF) eligibility, and a variety of professional development opportunities to grow your career.
• Exclusive Employee Perks & Rewards: Save on theme parks, sporting events, electronics, and more!
• Additional Advantages: Free employee parking to make your commute easier.

Remote Work Option: Hybrid (May be subject to change)

Salary Grade: Admin 17 - $74,533

Job Category: Administrators

Employment Type: Regular Full-Time

Job Open Date: 9/5/2025

Job Close Date: Open until filled

General Summary:

Serves as process owner for the development and implementation of the college-wide information security program and ongoing activities to preserve the availability, integrity and confidentiality of college information resources in compliance with applicable security policies and standards.

Requirements:

A master's degree in Information Security or related field with 3 years work experience in information security management and/or related functions (such as IT audit and IT Risk Management) or bachelor's degree in Information Security or related field with at least six years of work experience in information security management and/or related functions (such as IT audit and IT Risk Management). Hands-on team leadership and management experience. Must be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues. Aside from technical skills, should have excellent communications, teamwork, leadership and conflict management skills; Information security management qualifications, such as CISSP or CISM preferred. Ethical hacker certification or willingness to get certified.

This position will be required to report to any CCAC location to provide the necessary support.

Duties:

1. Lead development, documentation and maintenance of information security policies, procedures, and standards across Information Technology Services and the college at large.
2. Provide leadership for ongoing protection, detection and response services for college information resources and digital assets as identified in the college's information security program and strategic plan. Monitors and routinely audits compliance to all information security procedures and policies, and ensures consistency of internal controls across departments.
3. Manage and maintain information security tools such as SIEM, endpoint protection, vulnerability management systems, intrusion detection system and prevention systems (IDS/IPS) and other information security tools and cloud based management consoles.
4. Monitor changes in local, state, and federal regulations and accreditation standards affecting information security, and make recommendations to the Director of Technical Services and other college leaders on the need for policy changes.
5. Liaison with and offer strategic direction throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies.
6. Review, maintain, update, and recommend using a cloud computing checklist of all (SaaS, IaaS, PaaS) and other third party hosted CCAC resources.
7. Initiate, facilitate, and promote activities to create information security awareness throughout the college. Develop, implement and assess suitable information security awareness, training and educational activities.
8. Lead the creation and maintenance of the information systems disaster recovery and business continuity plans; coordinate and conduct testing of these plans and the actual disaster recovery process.
9. Independently perform risk assessments and work closely with the college internal auditor and other third party auditors to preempt, mitigate, and respond to any audit findings that require action. Coordinate the annual audit of information security. Make recommendations for improving security measures on-site and cloud.
10. Monitor the internal control systems to ensure that appropriate access levels are maintained. Monitor, identify, and analyze security risks to determine their impact and relevance to the college's assets. Conduct research, analyze data, reach conclusions, and make appropriate recommendations.
11. Provide oversight for incident response for all college systems and information technology resources. Respond to security event escalations, and conduct detailed forensic analysis of potential incidents.
12. Create and maintains all information system and software security certificate activities.
13. Assist in system and software architecture and design to ensure that college assets are appropriately secure at all times.
14. Lead and participate on projects that are related to Information Security at the college.
15. Performs other duties as required or assigned.

Clearances: Current criminal record/child abuse clearances will be required if offered the position and in order to be employed at the College. The three clearances are Pennsylvania Child Abuse History Clearance, Pennsylvania State Police Criminal Records Check, and Federal Bureau of Investigations (FBI) Criminal Background Check. The College has provided instructions on how to obtain these clearances and are available here.