[View Printable Version]
MANAGER OF INFORMATION SECURITY AND DISASTER RECOVERY
DISTINGUISHING FEATURES OF THE CLASS
The work involves responsibility for planning, developing, implementing, directing and maintaining the disaster recovery and information security services of the CNY Regional Information Center. This includes developing, documenting and maintaining the detailed plan for disaster recovery and business continuity for K-12 institutions, the Regional Information Center, and local BOCES. Plans will be developed utilizing industry established guidelines and architecture.
In addition, this position will be the identified data security officer for the organization. All new and existing services will be reviewed and tested for adherence to established integrity and security standards, including but not limited to the Children's Internet Protection Act, the Health Insurance Portability and Accountability Act and other local, state and federal guidelines. The incumbent directly supervises subordinate staff such as clerical, technical, and support staff as needed. The work is performed under the direct supervision of the Assistant Director of the CNY Regional Information Center. Does related work as required.
TYPICAL WORK ACTIVITIES
Confers with component school districts to assess risks for disaster recovery and business continuity planning for key technology services.
Coordinates local and regional efforts for disaster recovery and business continuity planning which may include chairing advisory groups for the region.
Serves as a liaison between key members of disaster recovery planning committees including administration, technology departments, application personnel and boards of education.
Maintains current knowledge and evaluates security and disaster recovery industry trends and resources.
Reviews disaster recovery and security plans and policies regularly.
Provides technical direction for the implementation of security measures or resources in the area of information technology such as recommending selection of equipment, software or purchased services to implement the established disaster recovery, business continuity, or security initiatives.
Analyzes and evaluates the performance of disaster recovery or security systems or programs implemented in local school districts or BOCES.
Coordinates the development of security standards for data, network, and application access within the organization.
Develops and maintains a budget for this service.
Supervises subordinate staff.
FULL PERFORMANCE KNOWLEDGE SKILLS, ABILITIES AND PERSONAL CHARACTERISTICS
Thorough knowledge of Information Technology systems and software including: computer servers, local and wide area networks, communication equipment, centralized hosted services, web access and security.
Thorough knowledge of disaster recovery and business continuity management methodologies.
Thorough knowledge of security standards and policies in an information technology/computer support setting.
Ability to be self-motivated and well organized.
Ability to express ideas clearly and concisely with various groups.
Ability to prepare comprehensive and detailed oral or written reports and documentation.
Ability to establish and maintain effective and productive working relationships with customers and peers in the area of responsibility.
Ability to supervise the work of subordinate staff in a manner conducive to full performance and high moral.
A) Graduation from a regionally accredited college or university or one accredited by the New York State Board of Regents to grant degrees with a Baccalaureate degree in computer science, businesses administration or a closely related field, and two (2) years of work experience or its part-time equivalent in information technology which included information security, disaster recovery planning and business continuity management; or,
B) Graduation from a regionally accredited college or university or one accredited by the New York State Board of Regents to grant degrees with an Associates degree in computer science, business administration or a closely related field and four (4) years of work experience or its part time equivalent in information technology which included information security, disaster recovery planning and business continuity management; or,
C) Six (6) years of work experience or its part time equivalent in information technology which included information security, disaster recovery planning and business continuity management; or,
D) An equivalent combination of training and experience as described by the limits of (A), (B) and (C) above.
9/2009 Date of Original Composition