IT Information Security Manager

Reporting to the Chief Information Security Officer, the IT Security Manager leads information security operations at MSU Denver. Serving as both a manager and technical mentor, you will help upskill the team while serving as a technical expert in your own right. Your team will administer several security-related systems and services, including our SEIM platform, endpoint security, and other security products. You will participate in the design, implementation, and administration of security solutions, coordinating with partners across campus. You will help lead security incident response efforts, and work with internal and external auditors to review and refine the University's security posture.

Duties/Responsibilities

45% Staff Leadership & Development
You'll lead a team responsible for protecting the University from a range of cyber risks, assisting the CISO in developing team standards, mentoring team members, and working with the campus community. You'll be an escalation point for team members and IT peers and are empowered to make decisions and implement changes to protect the campus' technology infrastructure and data.

25% Security Planning, Research, and Auditing
You will lead security meetings, research and respond to current security issues and alerts, and lead responses to assessments for both IT-managed environments and campus-wide regulatory and compliance auditing.

15% Solution Design & Implementation
You will design and implement security solutions and processes. This includes reviewing security configurations for networking, security, and server platforms. You will collaborate with IT Services teams to develop security standards which ensure that enterprise systems' security postures are aligned with business and security practices.

10% Security Incident Response
You will lead responses to security incidents. This can include assigning tickets for malware remediation, collecting data as part of eDiscovery requests, and assisting in remediation of security related issues.

5% Other tasks
You may be asked to take on additional responsibilities, including occasional off-hours or weekend work. Infrequent domestic travel may be required.

Required Qualifications

• Associate's degree in a technical field or an equivalent combination of education and security administration experience (One year of education is equal to two years of experience)

• Three or more years of IT security administration experience in an enterprise environment, to include networking, firewall administration, Active Directory, endpoint management, or similar

• Experience researching, testing, deploying, and maintaining security solutions

• Experience enforcement of data privacy regulations such as FERPA, HIPAA, andPCI

Preferred Qualifications

• Bachelor's degree in related technical field

• Three years of experience managing security resources in a technical setting

• Five or more years of IT security administration experience in an enterprise environment, to include networking, firewall administration, Active Directory, endpoint management, or similar, and experience:

• Managing enterprise anti-virus and vulnerability management solutions

• Creating scripts using PowerShell, Bash, or similar to automate reporting and administration functions

• Managing Single Sign On and/or Multifactor Authentication solutions

• Previous experience working in higher education.

• Prior experience administering enterprise security in a production Microsoft tenant.

• Prior experience performing penetration testing using automated tools, published vulnerabilities, social engineering, or other mechanisms

• Relevant Industry Certifications such as CEH, CISSP, CISA, CompTIA Security+, or similar.

Schedule Information

• Full-time, 40 hours per week

• Exempt

• Days of the Week:Monday - Friday

• Evenings and Weekend Work: As needed, but infrequent

• Hybrid schedule: average of 1 day/week on campus. For more information on the University's flexible work arrangements policy, please visit: AWA policy

• Travel: Rarely

Salary For Announcement

Under Colorado law, MSU Denver is required to provide a reasonable estimate of the compensation range for this role and should not offer a salary outside of the range posted in this job announcement. This range considers a variety of factors including but not limited to experience, skills, knowledge, abilities, education, licensure and certifications, analysis of internal equity, and other business and organizational needs. It is not typical for an individual to be offered a salary at or near the top of the range for a position. Salary offers are determined based on final candidate qualifications and experience.

The salary range that the University reasonably expects to pay for this position is $80,900 - $135,100.

This position is paid monthly and is eligible for MSU Denver benefits.

Instructions to Apply

Complete applications received byAugust 6, 2024 at 11:59 PM MST will receive full consideration, however applications will be accepted after this date. Interested applicants must apply online at MSU Denver's career site,

MSU Denver Careers (myworkdayjobs.com)and search for JR102672. Internal applicants must apply through their MSU Denver Workday profile via the Jobs Hub.

Applications must include the following documents:

1. Resume

2. Cover letter describing relevant job experiences as they relate to listed job qualifications and interest in the position

Official transcripts will be required of the candidate selected for hire.

IND208