Sr. Manager - Security Operations and Identity Access Management

The current salary being offered for this position is $113,000–$138,000, depending on qualifications and experience.

In support of the mission, goals, and strategic priorities of the College, this position is responsible for the security, availability and delivery of technical services to the Harper community, including students, faculty, staff. In consideration of the Information Technology philosophy of a customer-focused organization. The Manager of Security Operations and Identity Management is responsible for overseeing cybersecurity operations and identity and access management (IAM) programs across the institution. This role plays a critical leadership role within the Information Security Office, ensuring the college’s technology infrastructure and sensitive data are protected in accordance with regulatory, institutional, and industry standards. The Manager works collaboratively with stakeholders across campus to educate and implement secure access practices and monitor threats, while leading efforts to continuously improve cybersecurity posture in support of the college’s mission.

Directs the daily operations of the Information Security and Identity Management Teams, setting goals and priorities aligned with institutional objectives.  Develops and maintains incident response procedures, including coordination of response to threats, alerts, incident mitigation, and forensics.

Oversees the College's M365 platform including access control, identity provisioning, data governance and security controls

Oversees the implementation and maintenance of IAM solutions, ensuring efficient and secure access to institutional systems. This encompasses provisioning, de-provisioning, and managing access controls to ensure secure and appropriate access to systems and services.

Manages the lifecycle of user identities across institutional systems, including onboarding, role changes, and de-provisioning. Leads periodic access reviews and support implementation of Role-Based Access Control (RBAC) models.

Oversees the administration and enforcement of Multi-Factor Authentication (MFA), Single Sign-On (SSO), and directory services.

Monitors and evaluates security systems, tools, and services (e.g., SIEM, EDR, DLP), and coordinates upgrades or replacements as needed.

Develops and maintains DR Plans: Creates, updates, and tests disaster recovery policies and procedures aligned with business continuity objectives.

Leads recovery teams, manages vendor relationships, and oversees restoration activities during incidents.

Serves and collaborates with campus governance groups, IT committees, and external partners such as higher ed security alliances. 

Leads security aspects of technology projects, including new system implementations and third-party integrations.

Analyzes threat intelligence and vulnerability management systems data to assess risks, recommend mitigations, and develop appropriate security patching cadences..

Maintains documentation related to processes, procedures, policies, and compliance requirements.

Represents the Information Security Office in institutional planning, risk assessments, and policy development.

Ensures compliance with applicable laws, regulations, and standards including GLBA, FERPA, HIPAA, and NIST frameworks.

Supports institutional risk management and compliance efforts through documentation, audits, risk assessments, and reporting.

Fosters a campus-wide culture of cybersecurity awareness through education, communication, and training initiatives.

Serves as a liaison to internal and external auditors, regulatory bodies, and vendors as it pertains to security operations and IAM.

Performs other duties as assigned.

Education:  

•  Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field.

Experience: 

• Minimum of  Five (5) years of progressive experience in information security, Identity Access Management and/or Security Operations field, including three (3) years in a Supervisory or Managerial role. 
• Expertise with IAM protocols (SAML, OAuth, LDAP), security frameworks, and compliance standards applicable to higher education (FERPA, GLBA, HIPPA, etc).
• Expertise with M365 tenant administration including Microsoft Defender and Microsoft Purview
• Experience with enterprise IAM platforms (e.g., Active Directory, Entra, Okta, Duo) and security technologies (e.g., SIEM, firewalls, endpoint protection).
• Experience managing vendor relationships and SaaS security assessments (HECVAT, SOC 2, etc.).
• One or more Professional Security related Certifications: e.g. CISSP, CISM, CISA,Security+,SSCP.

. 

Preferred Qualifications

• Experience working in a higher education environment or other complex, federated institution.
• Managing multiple SaaS implementations and contract negotiations.
• Strong communication and collaboration skills with technical and non-technical stakeholders