Director, Information Technology Operations and Cybersecurity - PROMOTIONAL ONLY

The Poway Unified School District seeks a Director of Information Technology Operations and Cybersecurity to lead onsite cybersecurity and data privacy programs, device management, and the IT service desk. This senior role oversees infrastructure and enterprise systems to align with instructional initiatives, with a salary range of USD 140,712 to 170,508 per year.

Responsibilities

• Plan, direct, and oversee the district's cybersecurity and data privacy programs and operations.
• Lead and coordinate information security functions districtwide to ensure consistent, high‑quality security management aligned with business goals.
• Act as the district's chief cybersecurity officer and the primary point of accountability for protecting confidential student and employee data.
• Design and implement cybersecurity controls in accordance with frameworks such as NIST Cybersecurity Framework, CIS Critical Security Controls, and ISO standards to safeguard confidential data, including student, employee, health, and financial information.
• Perform cybersecurity reviews of new and existing information systems and establish continuous improvement plans.
• Direct vulnerability management, penetration testing, security awareness training, phishing simulations, and tabletop exercises for staff and district leadership.
• Maintain a current risk register and present cybersecurity risk assessments to the Superintendent’s Cabinet.
• Develop and maintain disaster recovery plans for district systems.
• Lead the cybersecurity incident response program, including detection, containment, eradication, recovery, post‑incident review, and required notifications to law enforcement, the California Department of Education, Cal‑CSIC, CSIA, and affected individuals as mandated by law.
• Coordinate with Risk Management to manage cyber insurance relationships, complete underwriting questionnaires, and ensure coverage and attestations meet district requirements.
• Collaborate with staff, vendors, and legal representatives to ensure security and privacy requirements are included in contracts and that third‑party data sharing complies with applicable laws and policies.
• Oversee identity and access management activities, including multi‑factor authentication, privileged access management, single sign‑on, conditional access, and least privilege across student and staff systems.
• Develop and enforce standards, guidelines, and policies for communications and networking systems and connected computing environments.
• Manage information security awareness programs for employees, contractors, and other authorized system users.
• Support the Chief Technology Officer in aligning infrastructure and enterprise systems with instructional initiatives.
• Partner with Educational Technology and school sites to assess needs and implement resulting support strategies.
• Oversee the district’s one‑to‑one student device program, staff device standards, mobile device management, endpoint protection, and asset lifecycle.
• Direct and manage the Integrated Technology Department's customer service operations.
• Oversee IT Service Desk and technology support teams to deliver responsive, equitable service in line with digital equity goals and the educational vision.
• Continuously enhance the team’s professional skills to keep pace with technology advances.
• Provide oversight for developing specifications and managing contracts for equipment and services, including negotiation and evaluation of vendors.
• Evaluate products and services for alignment with district needs and security requirements.
• Negotiate and approve security and privacy provisions of contracts, Data Privacy Agreements, and MOUs with educational technology vendors, in collaboration with Purchasing and legal counsel.
• Provide technical guidance to department leadership regarding assigned functions.
• Participate in policy, procedure, and program development related to technology operations.
• Coordinate communications with administrators, employees, legal counsel, contractors, auditors, and external organizations to resolve issues and share information.
• Maintain the district’s public-facing list of approved instructional applications.
• Maintain records related to SOPIPA compliance and student data privacy per AB 1584 for educational technology vendors.
• Coordinate responses to California Public Records Act requests for electronic data with senior leadership and legal counsel.
• Establish high standards for Integrated Technology performance and customer service and support.
• Publish and report on service level agreements, key performance indicators, and customer satisfaction metrics.
• Ensure district compliance with applicable laws, codes, rules, and regulations.
• Direct the work of staff and contractors, including project teams designing, configuring, implementing, and monitoring cybersecurity controls.
• Present program objectives, risks, proposed solutions, and project activities to the Board of Education, district leadership, employees, and committees.
• Prepare and maintain varied reports, records, and files related to assigned activities and personnel.
• Attend meetings, workshops, conferences, and training to stay current on emerging cybersecurity trends.
• Perform duties as they relate to the position.

Requirements

• Must hold a valid California driver’s license.
• Must have access to a private vehicle.
• Must remain insurable under the district’s vehicle driver’s insurance policy at the standard rate.

Technologies

• NIST Cybersecurity Framework
• CIS Critical Security Controls
• Internal Standardization Organization (ISO)

Supplemental Information

• Possession of a valid California driver’s license and availability of a private vehicle is required.
• Must remain insurable under the district’s vehicle driver’s insurance policy at the standard rate.