Information Security Coordinator

Division/Department: Administrative Services / Information Services

Reports To: Chief Technology Officer

Salary: This is a full-time twelve (12) month position at 232 days with an annual salary range between $99,528 to $118,547.

Job Summary/Primary Purpose:

Lead the development, implementation, and oversight of ESC Region 13's information security program. Provide strategic and operational leadership for cybersecurity governance, risk management, compliance readiness, security documentation, incident preparedness, and secure technology practices across the organization. Serve as the primary owner of the documentation, evidence, and control maturity required to support SOC 2 Type II readiness and TX-RAMP alignment, including quarterly review and maintenance of cybersecurity policies and procedures.

Support secure software development and operational security for platforms such as Pulse, working closely with infrastructure, systems, development, and data teams to ensure cybersecurity is integrated into software delivery and cloud operations. Expand Region 13's ability to support districts through cybersecurity service offerings such as risk assessments, compliance readiness support, awareness training, incident response planning, and related advisory services.

Required Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field
• Five years of experience in information security, IT governance, risk management, compliance, or security operations in an enterprise environment
• Three years of experience leading cross-functional security initiatives, security programs, or compliance efforts
• Experience developing and maintaining security policies, procedures, standards, and evidence for audits or assessments
• Experience with cybersecurity frameworks and control environments such as NIST, CIS, SOC, or similar standards
• CISSP certification, or an equivalent advanced cybersecurity credential

Preferred Qualifications:

• Experience supporting SOC 2 Type II readiness, TX-RAMP, or similar compliance and assurance frameworks
• Experience in cloud security, vendor risk reviews, secure software development practices, and incident response planning
• Experience supporting public sector, education, or district facing cybersecurity services
• Experience leading cybersecurity awareness and training initiatives
• Master's degree in Cybersecurity, Information Assurance, Information Systems, or a related field
• Certifications such as CISM, CRISC, CCSP, Security+, or related credentials

Knowledge/Skills:

Cybersecurity Governance and Compliance

• Strong knowledge of cybersecurity governance, risk management, internal controls, and compliance documentation
• Ability to develop, maintain, and operationalize policies, standards, procedures, and evidence repositories
• Knowledge of security frameworks, control mapping, and continuous monitoring practices

Technical and Operational Security

• Understanding of network security, endpoint protection, identity and access management, logging, monitoring, vulnerability management, and incident response
• Familiarity with secure software development practices and cloud security concepts across AWS and Azure environments
• Ability to collaborate with infrastructure and development teams to integrate security into operations and software delivery

Leadership and Communication

• Strong leadership and communication skills with the ability to work effectively across technical and nontechnical teams
• Ability to present security priorities, risks, and progress to executive leadership and district stakeholders
• Skilled in coordinating training, documentation, and security improvement initiatives across multiple teams

Project and Program Management

• Strong organizational skills and attention to detail in managing security initiatives, quarterly policy reviews, and audit readiness activities
• Ability to manage multiple priorities, maintain documentation accuracy, and ensure follow through on risk mitigation actions

Major Responsibilities:

• Serve as a representative of the Center, displaying courtesy, tact, consideration, and discretion in all interactions with other members of the educational community and with the public
• Lead and maintain the Region 13 cybersecurity governance program
• Own the documentation and evidence management required for SOC 2 Type II readiness and TX-RAMP alignment
• Ensure cybersecurity policies, procedures, and related documentation are reviewed and updated on a quarterly basis
• Develop and maintain the organizational risk register, including mitigation tracking and follow-up
• Coordinate internal security assessments, control validation activities, and remediation efforts
• Maintain incident response documentation, readiness procedures, and tabletop exercise planning
• Work closely with the Network team, Systems Administration team, and development staff to strengthen security controls and monitoring practices
• Support secure development and ongoing operations for Pulse and other software and cloud initiatives
• Integrate security requirements into vendor evaluations, procurement workflows, and technology implementations
• Coordinate cybersecurity awareness, training, and internal guidance for staff
• Support and help deliver district-facing cybersecurity services, including risk assessments, compliance readiness support, security training, incident response planning, and related offerings
• Serve as a trusted advisor to the CTO on cybersecurity strategy, risk posture, and program maturity
• Perform other duties as assigned

Supervisory Responsibilities:

• May supervise assigned cybersecurity staff, contractors, consultants, or project-based personnel as approved
• Provides functional leadership across teams involved in cybersecurity, compliance, and secure technology operations
• Establishes expectations and promotes consistent security practices across assigned areas of responsibility

Budget Responsibilities:

• None

Working Conditions:

• Must be able to work in a fast-paced environment with multiple competing priorities
• Indoor office environment with some remote work flexibility
• Physically able to lift and move PC systems, servers, or networking components up to 40 lbs
• Occasional evening or weekend work may be required
• On-call for critical infrastructure and network emergencies
• Follow policies and procedures
• Some travel within the region for district support or technical service coordination

Equipment Used:

• Computer, peripherals, and general office equipment
• Server and networking equipment