Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.
Job Description
The IT Security Administrator is proficient in both cybersecurity governance and operational security monitoring within Information Technology Services. The role is responsible for reviewing existing, developing and maintaining institutional security policies, standards, and procedures to ensure compliance with regulatory requirements and best practices, while also contributing directly to the detection, investigation, and response to security threats. The incumbent collaborates closely with ITS leadership, compliance officers, and technical teams to translate security frameworks into actionable practices, support audits, and strengthen institutional awareness of cybersecurity risks. In parallel, the Security Analyst monitors security logs, responds to phishing and email security reports, and works with the Infrastructure team to contain and remediate threats. This position is both a contributor to governance and a practitioner of security operations, ensuring the confidentiality, integrity, and availability of institutional information assets. This position reports directly to the Chief Information Officer and receives technical direction and operational lead from the Director of IT Infrastructure Services and Security. This is a full-time, 12-month, benefit-eligible position.
First Application Review:
June 30, 2026•Open until Filled Applications received by this date will be considered in the initial pool
Salary & Benefits:
Anticipated Hiring Range:
$68,530•$84,977/annual•depending on education and experience
Cafeteria Plan:
In addition to the base compensation, benefits-eligible employees receive an extra $6,720 per year to put toward benefit costs or to be used as additional take-home pay
Paid Holidays:
21 (including a full week off between Christmas and New Year's Day and over Spring Break)
Vacation & Sick Leave:
Approximately 17 paid vacation days & 9 paid sick leave days accrued annually
Health Insurance and Other Coverage:
see https://www.coconino.edu/benefits/full-time-benefits Coconino Community College is an Equal Opportunity Employer Develop, write, review, and maintain clear, concise, and actionable ITS security policies, standards, and procedures aligned with institutional goals and regulatory requirements (e.g., FERPA, GLBA, NIST). Collaborate with ITS leadership, compliance officers, and key stakeholders to ensure policy documents reflect current operational practices and evolving cybersecurity threats. Translate technical security controls and frameworks (e.g., NIST
CSF, CIS
Controls) into user-friendly documentation for both technical and non-technical audiences. Ensure version control, audit trails, and documentation integrity are maintained across all ITS security documentation. Assist in the development of cybersecurity awareness content, acceptable use guidelines, and secure computing practices tailored to faculty, staff, and students. Support internal and external audits by preparing or reviewing security documentation to demonstrate policy compliance and control effectiveness. Monitor industry trends and best practices in cybersecurity governance to recommend enhancements to institutional policy frameworks. Partner with internal ITS teams to document technical procedures related to system hardening, access control, network security, and data protection. Review and analyze infrastructure and security system logs, investigating anomalies and escalating incidents as appropriate. Schedule and maintain vulnerability scanning, analyze and create documentation of remediation of discovered vulnerabilities. Respond to Phish Alert submissions, validate potential threats, and provide timely guidance or remediation actions in coordination with senior analysts. Review suspicious messages quarantined by the email security gateway, making informed release or block decisions to protect end users. Collaborate with the Infrastructure team to ensure timely detection, analysis, and response to security alerts across systems and networks. Document incident response activities, lessons learned, and recommendations to strengthen detection and response capabilities. Performs other duties as assigned. Knowledge of information security principles, practices, frameworks (e.g., NIST
CSF, CIS
Controls, ISO 27001) and regulatory requirements. (e.g., FERPA, GLBA) Knowledge and skill in log analysis, security event monitoring, and incident response processes. Knowledge and skill with email security gateways, phishing detection, and remediation strategies. Ability to write clear and structured policies, procedures, standards, and guidelines. Knowledge in technical documentation, regulatory references, and policy lifecycle management. Ability to work independently with minimal supervision, while also functioning effectively as part of a team. Skill in security awareness, communication, and end-user guidance. Skill in oral, written, and interpersonal communication. Bachelor's Degree in Computer Science, Computer Information Systems, or Cybersecurity and 3 years of directly related experience; or any equivalent combination of education, training, and/or experience approved by Information Technology Services and Human Resources. Preferred Master's Degree in Computer Science, Cybersecurity, or a directly related field, certifications in appropriate platforms, and over 5 years of directly related experience.
