Agency
Community College SystemDivision
Technology Solutions, Distance LearningJob Classification Title
NCCCS Exempt Officials & Administratior (NS)Position Number
65034091Grade
FLATRATEAbout Us
The North Carolina Community College System (System Office) is a statewide network of 58 public community colleges. The system enrolls over 500,000 students annually. It is the 3rd largest in the nation based on the number of colleges. It also provides data to the North Carolina Learning Object Repository by collecting, contributing, and sharing digital learning resources for use in traditional or distance learning environments. The mission of the North Carolina Community College System is to open the door to high-quality, accessible educational opportunities that minimize barriers to post-secondary education, maximize student success, develop a global, multicultural, and competent workforce, and improve the lives and wellbeing of N.C. citizens.
Description of Work
The System Office Information Security Officer (ISO) position has an emphasis on cybersecurity duties and responsibilities described below.Knowledge Skills and Abilities/Management Preferences
RECRUITMENT RANGE: $101,416-$121,956
**This is a Reposting. Previous candidates do not need to reapply**
EHRA - The position is designated Statutory Exempt (EHRA) and is exempt from the State Human Resources Act
This position may be eligible for hybrid or remote work in accordance with state and agency policy and depending on the location of selected candidate.
Candidates must reside in North Carolina at the time of hiring. Relocation assistance is not available for this position.
The Information Security Office is seeking a dedicated cybersecurity professional to join our dynamic team supporting the 58 Great Community Colleges across North Carolina.
As part of this collaborative group, you’ll play a critical role in safeguarding the systems and data that empower thousands of students, faculty, and staff every day. This is more than a job—it’s an opportunity to make a statewide impact, strengthen cybersecurity resilience, and help shape the future of higher education in North Carolina.
The System Office Information Security Officer (ISO) role focuses on cybersecurity advocacy, thought leadership, and providing support to the multiple community colleges, which they are assigned to, encompassing the duties and responsibilities outlined below.
Cybersecurity Leadership
Deliver strategic and tactical cybersecurity guidance to college CIO, IT leadership, and executive teams. Collaborate with senior administration and academic leaders to define and implement a continuous improvement model for information security while fostering strong relationships across the institution.
Information Technology Security Expertise
Serve as the technical authority on multiple technologies, including on-premises and cloud security. Robust experience in a broad range of IT solutions from networks to servers and cloud-based platforms such as Microsoft Azure, Office 365, Amazon Web Services (AWS), and Google Workspace (G-Suite).
Information Security Program Development
Provide leadership and support for the design and execution of a comprehensive, institution-wide information security program. Assist in defining near-term, annual, and long-term security goals, strategies, metrics, and reporting mechanisms. Develop maturity models and roadmaps for continuous improvement aligned with local and system-wide policies and standards.
Security Awareness and Advisory
Drive security education and awareness initiatives. Provide expert advice on security best practices, vulnerabilities, and remediation strategies to reduce institutional risk.
Regulatory and Industry Awareness
Monitor and interpret evolving cybersecurity threats, trends, and regulatory changes impacting higher education at state, system, and national levels.
Compliance and Audit Support
Partner with compliance leadership to build integrated security and compliance programs. Ensure adherence to state and federal regulations (FERPA, PCI, HIPAA, FSA, GLBA, NIST 800-53/800-171). Support colleges with audit readiness, external assessments and compliance checks.
Incident Response Leadership
Assist colleges in identifying and responding to threats. Assist and coordinate institutional response to security incidents. Act as liaison to system and state resources during major events. Participate in Cyber Incident Response Teams (CIRT) for investigation and resolution.
Professional Development
Maintain and expand professional knowledge and skills through ongoing education and engagement with industry best practices.
This position may be eligible for hybrid or remote work in accordance with state and agency policy and depending on the location of selected candidate.
Minimum Education and Experience
Some state job postings say you can qualify by an “equivalent combination of education and experience.” If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See the Education and Experience Equivalency Guide for details.
Knowledge Skills and Abilities/Management Preferences
Minimum Education and Experience
Some state job postings say you can qualify by an ‘equivalent combination of education and experience.’ If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See the Education and Experience Equivalency Guide for details.
Bachelor's degree in computer science or a related IT field or related degree from an appropriately accredited institution and three years of progressive experience in IT security or closely related area including two years of supervisory experience;
or Associate degree in computer science or a related IT field or related degree from an appropriately accredited institution and four years of progressive experience in IT security or closely related area which includes two years supervisory experience; or an equivalent combination of education and experience.
The following Management Preferences are not required, but applicants that possess these skills are preferred:
Cybersecurity Experience & Leadership: Minimum of 3 years of hands-on cybersecurity experience, including demonstrated organization and program leadership, problem-solving, process improvement, and project management capabilities. Preferred certifications demonstrating experience include, but are not limited to, CISSP, CCSP, CISM, GCSA, CEH, GCIA, GCIH, and SANS.
Information Security Knowledge: Demonstrated understanding of security governance, frameworks, policies, and procedures, as well as compliance with federal and state privacy laws and regulations such as GLBA, FERPA, HIPAA, PCI-DSS, NIST 800-53/800-171, and CIS Controls.
Security Program Implementation: Proven experience in deploying, operating, and maintaining enterprise or local information security programs and technical controls.
Risk Management Expertise: Skilled in conducting risk assessments, audits, and reviews, with experience in vulnerability analysis, control evaluation, likelihood determination, and risk prioritization.
Technical Architecture Understanding: Solid knowledge of network and application architecture, including network protocols, routers, switches, and how these systems interoperate.
Security Operations & Forensics: Experience with incident response, intrusion detection, vulnerability and patch management, log analysis, and computer/network forensics.
Communication & Collaboration Skills: Excellent written and verbal communication skills, with experience presenting to executive leadership. Strong interpersonal and organizational abilities, and a proven track record of working effectively across cross-functional teams and diverse technical audiences.
STATE EMPLOYEE COMPENSATION & BENEFITS: All System employees are valued and offered a wide variety of competitive and family-friendly benefits. The state of North Carolina provides excellent comprehensive benefits. Employees may choose to participate in health insurance options, standard and supplemental retirement plans, and the NCFlex program (numerous high-quality, low-cost benefits on a pre-tax basis). Employees also receive paid vacation, sick, and community service leave. In addition, paid parental leave, and personal observance is available to eligible employees. Some highlights include:
Learn more about employee perks/benefits:
The North Carolina Community College System Office uses the Merit-Based Recruitment and Selection Plan to fill positions SUBJECT to the State Human Resources Act with the most qualified applicants. When a salary range or recruitment range is posted, the actual salary will be based on relevant competencies, knowledge, skills and abilities, internal equity, and budgetary considerations pertinent to the advertised position. All post-high school degrees must be from appropriately accredited institutions.
Individuals interested in applying for this position must complete the online process at https://www.nc.gov/jobs, Résumés will not be accepted in lieu of the application. Work history and credentials must appear on the application to receive consideration during the selection process.
For further information, please contact:
RECRUITMENT ADMINISTRATOR
North Carolina Community College System
Human Resources | Caswell Building
5001 Mail Service Center | Raleigh, NC 27699-5001
Email: marreroc@nccommunitycolleges.edu
EEO Statement
The State of North Carolina is an Equal Employment Opportunity Employer and dedicated to providing employees with a work environment free from all forms of unlawful employment discrimination, harassment, or retaliation. The state provides reasonable accommodation to employees and applicants with disabilities; known limitations related to pregnancy, childbirth, or related medical conditions; and for religious beliefs, observances, and practices.
Recruiter:
Cassandra MarreroRecruiter Email:
MARREROC@NCCOMMUNITYCOLLEGES.EDU