Director of Information & Security (DOIS)
Stanbridge University · Irvine, CA · 1 mo ago
On-siteInformation Technology$120k–$160k/yrFull-time
Position Summary
Stanbridge University is seeking a strategic and hands-on Director of Information & Security (DOIS) to lead the institution's cybersecurity, infrastructure, systems governance, and enterprise technology operations.
Essential Functions & Responsibilities
- Cybersecurity & Risk Management
- Lead the university's enterprise cybersecurity strategy, roadmap, and operational security posture
- Develop, implement, and maintain security policies, standards, and procedures aligned with industry best practices and regulatory requirements
- Oversee vulnerability management, endpoint security, threat detection, SIEM monitoring, patch management, penetration testing, and incident response activities
- Direct security investigations, remediation efforts, forensic coordination, and breach response procedures when necessary
- Conduct regular security risk assessments and recommend mitigation strategies across infrastructure, applications, and third-party systems
- Maintain disaster recovery and business continuity strategies, including testing and recovery validation
- Infrastructure & Systems Administration
- Oversee enterprise infrastructure operations including servers, networking, virtualization, storage, wireless environments, cloud services, and telecommunications systems
- Lead infrastructure modernization initiatives and lifecycle planning for enterprise systems and hardware
- Ensure reliability, scalability, uptime, and performance of university technology systems
- Direct backup, redundancy, and recovery operations to minimize operational risk
- Oversee Microsoft 365, Azure/AWS environments, directory services, device management, and institutional enterprise systems
- Monitor system performance, capacity planning, and infrastructure optimization initiatives
- Manage vendor relationships, service providers, licensing, and technology contracts
- Governance, Compliance & Policy
- Maintain governance frameworks and operational standards across departments
- Ensure compliance with applicable regulations and standards, including FERPA, HIPAA (where applicable), GLBA, PCI-DSS, and cybersecurity best practices relevant to higher education
- Develop and maintain institutional IT policies related to acceptable use, access controls, data retention, incident response, and information security
- Ensure institutional technology platforms support WCAG 2.1 accessibility standards and incorporate OWASP security best practices throughout application and infrastructure environments
- Support accreditation and audit activities by maintaining accurate documentation, controls, and compliance evidence
- Partner with institutional leadership to evaluate and mitigate operational and cybersecurity risks
- Maintain asset management and technology inventory governance processes
- Leadership & Strategic Operations
- Lead and mentor IT infrastructure and security personnel, fostering accountability, technical excellence, and continuous improvement
- Develop departmental goals, operational KPIs, and strategic technology initiatives aligned with university priorities
- Collaborate with academic leadership to support instructional technologies, simulation environments, and campus innovation initiatives
- Participate in budgeting, forecasting, and technology investment planning
- Provide executive-level reporting on cybersecurity posture, operational performance, incidents, risks, and strategic initiatives
- Serve as an escalation point for critical infrastructure and security incidents
- Promote a service-oriented IT culture focused on responsiveness, professionalism, and institutional partnership
Qualifications
- Ability and willingness to work on-site at the Irvine, California campus on a full-time basis
- Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Information Systems, or related field
- 7+ years of progressive IT leadership experience with direct responsibility for infrastructure, cybersecurity, and enterprise systems
- Strong experience managing enterprise networks, cloud infrastructure, endpoint security, and identity management systems
- Working knowledge of web application architecture, API integrations, authentication protocols (SSO, SAML, OAuth), and cloud-hosted enterprise applications
- Demonstrated experience leading incident response and security remediation efforts
- Experience managing vendors, technology procurement, and operational budgets
- Strong understanding of Microsoft enterprise environments, virtualization platforms, cloud services, and network security architecture
- Excellent leadership, communication, documentation, and organizational skills
Preferred Qualifications
- Master's degree in Cybersecurity, Information Systems, Business Administration, or related field
- Higher education or regulated-environment experience strongly preferred
- Industry certifications such as CISSP, CISM, CEH, Security+, AWS Security Engineer, CCNA, or similar
- Experience supporting LMS platforms, educational technologies, or academic technology ecosystems
- Experience with compliance audits and governance programs
- Familiarity with AI governance, cloud security architecture, and zero-trust security models
Knowledge, Skills & Abilities
- Strong cybersecurity operations and infrastructure management expertise
- Ability to communicate technical concepts effectively to executive and non-technical stakeholders
- Strategic thinking with strong operational execution capabilities
- Excellent problem-solving and crisis management skills
- Strong analytical and documentation abilities
- Commitment to confidentiality, integrity, and operational excellence