skip to main content

Important Notice

It appears you are using an older version of your browser. While some functions will be available, works best with a modern browser such as the ones provided by:

Please download and install the latest version of the browser of your choice. We apologize for any inconvenience.

Information Security and Identity Manager

Click the Facebook, Google+ or LinkedIn icons to share this job with your friends or contacts. Click the Twitter icon to tweet this job to your followers. Click the link button to view the URL of the job, which then can be copied and pasted into an e-mail or other document.

Job Details
Job Order Number
Company Name
McHenry County College
Physical Address
8900 Us Highway 14
Crystal Lake, IL 60012
Job Description

Position Requisition

Job Title
Information Security and Identity Manager
Infrastructure & Security
FLSA Status
Job Type
Position Grade
Employee Type
Full Time
Hiring Range
Commensurate with experience
Grant Funded

Work Year 12 Months Work Year-Other Information Typical Work Schedule 40 Hours | Flexible hours to meet department needs including some evenings (typically one evening per week) and weekends. Bargaining Unit Eligibility Yes-Staff Council Work Week 40 Hours Work Week-Other Information Special Instructions to Applicants

Position Introduction
McHenry County College seeks a Information Security and Identity Manager to bring their cyber security expertise to our IT team. This is an exceptional opportunity to make a significant impact by developing a comprehensive security and privacy program for the state’s leader in community college enrollment growth and transformative programming that propels students to their next success.

McHenry County College is a comprehensive, public, Associate-degree granting institution located in Crystal Lake, Illinois. MCC is known throughout the community and the Illinois Community College System for its exceptional faculty and staff, the quality of its programs and services, and the success of its students. MCC welcomes, encourages, and supports the diversity of our students, faculty, and staff members and seeks to attract and retain individuals who reflect our diverse community.
Position Summary
The Information Security and Identity Manager provides expertise in all areas of cyber security. Primary responsibilities include performing advanced analytics, device manipulation and control in support of network security operations, as well as vulnerability and risk analysis to comply with standard cyber security frameworks. The Information Security Manager is also responsible for daily management and coordination of network intrusion prevention, monitoring of security controls, reviewing device and security logs for anomalies, and trends for forensic analysis correlation. The Information Security and Identity Manager is responsible for the development and delivery of a comprehensive security and privacy program for the College.
Reports to
Chief Information Officer
Essential Functions and Responsibilities

  • Develop, maintain, implement, and evaluate security policies, procedures, standards, systems, and procedures
  • Develop and maintain a written information security plan and security architecture documentation
  • Investigate possible violations of computer and network security.
  • Coordinate response to security incidents.
  • Develop procedures to ensure confidentiality, integrity, and accessibility of data and software. Work closely with IT infrastructure and enterprise application teams to identify and implement appropriate security procedures, software, and hardware
  • Develop and implement procedures and guidelines for internal auditing of information security controls. Conduct or facilitate auditing procedures
  • In conjunction with other IT staff, investigate, recommend, and authorize security tests or security scans (i.e. vulnerability, penetration) affecting information systems resources
  • Evaluate proposed vendors, products, and processes for compliance with College policies (i.e. acceptable use policy)
  • Manage and maintain the College’s digital identities through internal and external directory services and the processes that activate, deactivate, and synchronize those identities
  • Monitor SIEM (Security and Incident Event Management) and enterprise security appliances related to host and network, intrusion detection and prevention systems
  • Perform or coordinate the execution of external and internal penetration tests to detect system vulnerabilities, analyze data and security breaches, and perform incident response and forensic investigations
  • Assure workstation and server security. Perform vulnerability assessment, patch validation, and participates in security risk assessment
  • Assist with the containment, eradication, and prevention of incidents affecting the network environment
  • Collaborate with college departments to integrate and maintain processes to ensure compliance with information security best practices within departmental operating procedures
  • Coordinate the development and delivery of an information security awareness and literacy program for all college employees, other authorized users, and students
  • Serve as information security risk management liaison to the College and make security recommendations to ensure that operations comply with contractual agreements and the law.
  • Maintain an active ongoing testing program to evaluate security of College systems, networks, data, and departmental operating processes. Assist in identifying potential threats and respond to security violations by serving as the College-wide incident handler
  • Participate in the planning and design of College-wide business continuity and disaster recovery strategies where appropriate
  • Ensure that College data, system, and information security policies are followed in all third-party system implementations including projects originating outside the IT division
  • Provide consulting services to all College staff on system, data, and information security issues.
  • Provide recommendations addressing the physical protection of information security-related assets
  • Remain informed of trends and issues in the information security industry, including current and developing technologies, emerging attack techniques, evolving best practice, and new regulations
  • Work with other departments on campus to formulate and promulgate campus-wide effective practices and standards for security and access control to data and information systems
  • Maintain and monitor College user digital identities and the systems used to control those identities
  • Manage and synchronize identities in Azure, Active Directory, CAS, Shibboleth, LDAP and other identity services, and administer the flow of identity and security information between systems
  • Manage and maintain the College’s security certificates
  • Work collaboratively with others (e.g. colleagues, stakeholders, vendors) to accomplish functions and responsibilities
  • Assume additional duties as assigned by immediate supervisor
    Required Education
    Bachelor’s Degree from a regionally accredited institution in related field. An equivalent combination of education and experience considered.
    Other Required Qualifications
  • At least five years of experience in information security and information technology
  • Experience in developing and administering an information security program
    Desired Qualifications
  • Previous information security experience in a large Microsoft enterprise network environment
  • Previous information security experience within higher education
  • SSCP, CISSP, CISA, MCSE, CCNA, PMP, Security + and/or ITIL certifications
    Skills and Specifications
  • Knowledge of and experience in the policy and regulatory environment of information security in higher education, computer security issues, requirements, and trends
  • Understanding of network topology and security concepts
  • Proficient in the use of network operating systems
  • Ability to work independently and within a team to creatively solve complex problems in high-pressure situations
  • Ability to communicate clearly and effectively in both verbal and written formats
  • Strong organizational, administrative, and project management skills
  • Strong conflict management skills
  • Strong interpersonal skills, including the ability to provide outstanding customer service to all college stakeholders
  • Excellent project management skills
  • Responsible and self-directed
  • Ability to lift 50 pounds unassisted
  • Understand cryptographic technologies
  • Proficient with REGEX expressions
  • Ability to read, analyze and interpret common scientific/technical journals, financial reports and legal documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies or members of the business community.
  • Ability to work with mathematical concepts and to apply concepts to practical situations.
  • Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical problems. Ability to deal with a variety of abstract and concrete variables.
  • Ability to understand and analyze information security best practice and develop creative adaptions that support both the college’s mission and security objectives
  • Excellent working knowledge of network security tools and applications such as system incident and event management (SIEM), anti-SPAM applications, network vulnerability testing, anti-virus/anti-spyware applications and other network monitoring tools
  • A working knowledge of standards and experience implementing them such as ISO270001, NIST SP 800, PCI-DSS, SANS Top 20, and other information security best practice publications including applicable laws and regulations such as FERPA, HIPAA, HEOA, COPPA, Red Flag, etc.
  • Excellent working knowledge of network security infrastructure such as firewalls, intrusion prevention and/or detection systems, routers, and switches
  • A working knowledge of network- and computer-related forensic techniques, eDiscovery, and electronic data preservation
  • Knowledge of business continuity and disaster recovery best practice as it relates to information security and information technology
  • Thorough understanding of the latest security principles, techniques, and protocols in cyber security
  • Understanding of troubleshooting, maintaining and performing computer related repairs and desktop application support
  • Commitment and respect for diversity, equity, inclusiveness and the MCC Behaviors of Excellence
  • Commitment to the College mission, vision, values, and goals
  • Ability to perform all of the essential functions, skills, and specifications of the position
    Main Campus

McHenry County College does not discriminate on the basis of race, color sex, national origin, or disability.
See Nondiscrimination Statement for details.

To view full details and how to apply, please login or create a Job Seeker account.