Director IV, Information Technology Security jobs in United States
cer-icon
Apply on Employer Site
company-logo

Fairfax County Public Schools · 1 day ago

Director IV, Information Technology Security

positionVirginia, United States
timeFull-time
remoteOnsite
seniorityDirector/Executive
money$146,798/mo - $223,318/mo
date6+ years exp

Fairfax County Public Schools is seeking a Director IV for Information Technology Security to lead their IT Security office. This role involves directing a comprehensive IT Security program, managing security risks, and ensuring compliance with regulatory requirements while aligning with the organization's strategic goals.

EducationHigher EducationKnowledge Management
check
H1B Sponsor Likelynote

Responsibilities

Leads in the development, implementation, management, maintenance, and evaluation of a comprehensive cybersecurity program, including security standards, policies and procedures, awareness and training plans, and the overall information security framework
Provides technical leadership & security operations supporting network security architecture, segmentation & infrastructure protection, Security Operations Center (SOC) management & risk assessment, Data Loss Prevention (DLP) & data protection, endpoint & application security, incident response & security event management
Projects the need for, manages, and is accountable for human, physical, and financial resources to maximize the efficiency and effectiveness of the office
Designs, implements, and optimizes network segmentation strategies and zero-trust architecture across a distributed environment
Leads incident response for the investigation and remediation of security breaches and cyberattacks; directs forensic review, containment actions, recovery processes, and post-incident improvement measures
Oversees threat detection, alert triage, escalation, and tuning of security operations technologies
Manages the process of gathering, analyzing, and assessing the current and future threat landscape, providing leadership with a realistic overview of risks and threats
Leads IT security risk management and assessment activities; initiates and oversees scheduling, performance, and reporting of internal and external audits and assessments identifying security vulnerabilities
Determines acceptable data security risk levels and identifies necessary mitigation strategies
Develops and executes vulnerability management processes that include scanning, prioritization, remediation coordination, and validation in partnership with technical teams
Oversees data loss prevention strategies across endpoints, networks, and cloud environments, ensuring data protection measures support instructional and operational accessibility
Consults with relevant staff to ensure security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software
Plans short- and long-term goals and objectives for the office, department, and school division. Lead security risk assessments, prioritize initiatives based on risk and operational impact, and ensure compliance with FERPA, CIPA, NIST frameworks, and applicable regulations
Drive continuous improvement of the cybersecurity program with measurable KPIs
Directs a highly technical staff charged with mitigating cyber risks, minimizing the likelihood of a breach, and maintaining compliance with security requirements related to applicable regulations
Develop, maintain, and enforce security policies, regulations, standards, and procedures that support educational objectives
Ensures strong change management and communication with system owners and establishes agreements regarding risk management strategies and processes
Oversees the work of vendors or contractors. Evaluate and select security technologies that address real risks without creating operational friction, balancing long-term architecture evolution with short-term operational needs
Performs related duties as required or assigned

Qualification

IT Security ManagementNetwork Security ArchitectureIncident ResponseData ProtectionIdentityAccess ManagementCloud SecuritySecurity AutomationApplication SecurityNIST ComplianceAnalytical SkillsLeadershipCommunication Skills

Required

Any combination of education and experience equivalent to a master's degree in computer science, information technology, cybersecurity, or a field appropriate to the assignment
Six (6) years experience in information technology and IT Security, including technical leadership and architecture roles. Four (4) years of which include experience in managing enterprise-level security programs and operations in large, complex environments including direct experience working deeply in several of the following areas: Network security architecture and controls, Security operations and incident response, Data protection and loss prevention, Cloud and endpoint security, Identity and access management, Security automation and orchestration (SOAR), Application security and secure development, Experience aligning these programs with NIST, CIS, and related industry standards
Must hold one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), GIAC Security Leadership Certificate (GSLC)
Knowledge of identity and access management, network segmentation, endpoint and data protection, and incident response methodologies
Knowledge of network security architecture including segmentation, zero trust, next-gen firewalls, and network access control
Knowledge of SOC technologies such as SIEM, SOAR, threat intelligence, and incident response
Knowledge in cloud security, IAM/PAM, endpoint security (EDR/XDR), application security, and vulnerability management
Knowledge of information security principles, practices, and technologies
Knowledge of NIST Cybersecurity Framework, NIST 800-53, Center for Internet Security (CIS) Critical Security Controls, and MITRE ATT&CK framework
Knowledge of laws, regulations, and compliance requirements related to cybersecurity in educational environments
Ability to present technical information in a manner that is accessible to non-technical audiences
Ability to analyze complex problems, assess risk, and make pragmatic decisions that balance operational priorities and information security needs while considering business impact and constraints
Ability to lead and motivate technical teams in a high-demand and fast-evolving environment

Preferred

Experience in public sector or educational environments
Experience leading large-scale IT Security operations and managing multidisciplinary teams
Certified Cloud Security Professional (CCSP)
Offensive Security Certified Professional (OSCP)
Cisco Certified Network Professional (CCNP) Security
GIAC certifications, or equivalent advanced credentials

Company

Fairfax County Public Schools

twittertwittertwitter
Glassdoor3.7
company-logo
Fairfax County Public Schools is an education mangement & knowledge management platform & a school giving education to students.
dateFounded in 1870
location
Falls Church, Virginia, USA
people-size10001+ employees
web-link
https://www.fcps.edu/node/24745

H1B Sponsorship

Fairfax County Public Schools has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (2)
2020 (1)

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Marty Smith
Chief of Staff
linkedin

Recent News

Observer
How Teachers Are Actually Using A.I. to Reduce Burnout
2025-02-03
PR Newswire
Edupoint Honors Five Partner Districts in 5th Annual Synergy Achievement Awards Program
2024-12-05
Company data provided by crunchbase