To apply, please submit a cover letter and resume to TechnologyCareers@baylorschool.org.
Baylor School is excited to announce the creation of this new and critical senior position within the Technology Team. If you are a cybersecurity professional who wants to apply your knowledge to develop cyber programs, provide leadership in your area of expertise, and retain a daily technical role … all while making a real, tangible, difference to the lives of our students and future leaders … apply today!
Job Summary
Reporting directly to the Chief Information Officer, the Cybersecurity Analyst and Program Manager (herein, “Cyber Manager”) is a critical position that owns and oversees Baylor School’s enterprise cybersecurity program (which includes vulnerability management, patch management, endpoint protection, vendor risk assessment, and communications) and is responsible for daily security operations as well as strategic cyber initiatives. The Cyber Manager establishes an enterprise security stance through policy, architecture, controls, and internal education and is the primary point of contact for vulnerability assessments, audits, and mitigation activities.
As the institution’s most senior cyber analyst, the Cyber Manager maintains, develops, and configures the school’s security information and event management (SIEM) tools, investigates incidents and events, performs proactive threat hunting, plays a key leadership role in incident response, and is a subject matter expert for the school’s disaster response and business continuity efforts.
The Cyber Manager has a secondary role as Microsoft 365 tenant administrator and is a cybersecurity subject matter expert and consultant for all members of the Technology Team.
You might see job titles like the following that perform a similar role: Senior Cyber Analyst; Information Security Manager; Senior Systems Administrator; Assistant CISO; IT Security Manager; Cybersecurity Specialist.
While this position is eligible for remote and hybrid work, on-campus is preferred.
The Team
The Baylor School Technology Team is a highly collaborative, inclusive, and enthusiastic group of IT professionals who take pride in their work and relish the opportunity to learn, teach, and share their expertise. Covering all aspects of technology from administrative systems to communications platforms, audio-visual to classroom equipment, and emergency notification to residential life, the team excels at balancing user advocacy, equity, and regulatory compliance to provide Baylor School’s employees and students alike with a first-class technology environment. Under the new leadership of Dr. Dave Robinson, the team is undergoing a period of strategic investment by the school; this new position is evidence of that commitment.
The School
Baylor School is an independent (private) school for grades 6-12 located on nearly 700 acres along, and overlooking, the Tennessee River and surrounding mountains. The school enrolls 1,110 students, including 237 boarding students from 26 states and 16 countries. Students and faculty are drawn by the school’s strong academic programs, diverse extracurricular activities, supportive school community, and impressive facilities. Our students thrive in a college preparatory community that features Global Scholars and student exchange programs, a STEM curriculum that includes an independent research component, a civic scholars program focused on leadership outside of the school community, championship athletic programs, a thriving fine arts program, and an alumni network that impresses, from Pulitzer Prize winners to PGA pros.
The Chattanooga Area
Chattanooga is a vibrant city that offers an exceptional quality of life and a thriving work environment. Nestled along the banks of the Tennessee River and surrounded by picturesque mountains, Chattanooga offers stunning natural beauty and a wealth of outdoor activities, from hiking and biking to kayaking and rock climbing. The city is known for its innovative spirit, with a burgeoning tech scene and a strong commitment to sustainability, earning it the nickname “Gig City” for its high-speed internet infrastructure. Chattanooga’s rich cultural scene, diverse dining options, and friendly community make it an ideal place to call home. Whether you’re looking to advance your career or enjoy a balanced lifestyle, Chattanooga provides the perfect backdrop for both professional growth and personal fulfillment.
More about the position…
Responsibilities
Enterprise cybersecurity strategy, planning, and procedures
• Create (with the CIO), oversee, and manage the System Security Plan (SSP), and similar enterprise documents.
• Create and maintain policies, standards, security baselines, procedures, and recommendations.
• Create, maintain, and manage Enterprise (IT) Business Continuity Plan and (IT) Disaster Recovery Plan.
Continuing education and familiarization with
• Current cyber threat landscape
• Best practices for cybersecurity, information security, and related disciplines
Operational Security
• Vulnerability Management
• Create, oversee, and manage the IT vulnerability management program
• Lead for all vulnerability assessments, penetration tests, and audits; including developing and tracking to completion resultant Plan of Actions and Milestones (POAM).
• Regular assessment of endpoint security, enterprise vulnerability stance
• Senior Cyber Analyst
• Perform all cyber investigations
• Perform regular threat hunting and strengthen the cyber architecture based on findings
• Manage and configure the enterprise SIEM
• Proactively assess the security posture of the enterprise
• Perform red and/or blue team activities as deemed appropriate
• Primary point of contact for MDR services
• Monitor threat intelligence feeds for proactive mitigation of threats
• Risk assessment
• Perform regular risk assessments for compliance, best practice, new solutions prior to deployment, and internal processes
• Perform vendor risk assessments
• Champion the confidentiality, integrity, and availability of enterprise data
Presentation and Knowledge Sharing
• Regular presentation to CIO, IT Team, School Leadership, and Board of the cybersecurity program, accomplishments, limitations, strategy, and plans
• Educational presentation to employees regarding current cybersecurity threats and protections
• Supervise regular security awareness training and campaigns for all school students and employees
• Develop and maintain cooperative relationships with all constituents to support a culture of open dialog and appropriate levels of transparency around cybersecurity decisions
Microsoft Tenant Administration
• Backup administrator for enterprise Microsoft tenant
Requirements
Education and Training
• College diploma, university degree, or 5 years of directly relevant technical experience and training
• Minimum of 3 years experience as a cybersecurity analyst or in a similar role
Demonstrated Experience at the Enterprise Level
• Security architecture
• Policy development
• Vulnerability management
• Risk assessment
• Threat hunting, log analysis, or SIEM management
• Identity management
• Understanding and navigating compliance, legal, or regulatory frameworks
• Implementing controls within NIST, or similar, frameworks
Demonstrated Technical Skills
• Microsoft tenant management
Essential Qualities
• Collaborative decision-making
• Transparent communication
• Equitable, inclusive, and impartial approach to decision-making
Preferred Qualifications
• Minimum of 5 years experience as a cybersecurity analyst or in a similar role
• One or more of the following qualifications:
• GIAC Security Essentials Certification
• GIAC Security Leadership Certification
• ISACA Certified Information Security Manager
• Microsoft Certified Systems Engineer: Security
• (ISC)2 SCCP
• (ISC)2 CISSP
• (ISC)2 ISSAP
• (ISC)2 ISSMP
• Demonstrated technical experience managing and configuring one or more of the following platforms
• Microsoft Purview
• Microsoft Sentinel
• Next Generation Firewall
• Practical experience in one or more of the following
• Vulnerability assessment
• Penetration testing
• Risk assessment
• Experience in educational environments, especially K-12 or Higher Education
• Experience in private or independent schools, colleges, or universities
Note: The Cyber Manager is expected to gain, if not already held, the CISSP qualification within 1 year of starting the position, or within 2.5 years if additional industry experience is required per the qualification requirements. Professional development funds are available to cover the cost of the course, training, and an exam.
Example Competencies
Competencies exhibited by a successful Cyber Manager include:
• Demonstrates a thorough knowledge of relevant security legislation and laws.
• Demonstrates a thorough understanding of IT security principles, requirements, and standards, and enforces them in the workplace.
• Performs risk assessments in the organization.
• Develops plans for testing high impact threats on security.
• Coaches others in developing their security testing skills.
• Combines expert security and data protection knowledge with business insights to serve as an authority on security in the organization.
• Determines and manages serious threats and intrusions in the organization.
• Develops disaster recovery plans.
• Incorporates policy and compliance procedures in job role.
• Rarely asks for assistance in determining policy requirements, and knows where to look for them when they do.
Accountability
This senior position is expected to work with minimal direction, take critical actions independently, make critical decisions independently, and make a significant positive impact on the cybersecurity of the campus and its user community. The Chief Information Officer is available for guidance and consultation whenever needed.
For full details, view the job description posted online.