Job description

Job Description Plans, designs, and implements security solutions to protect Baltimore County Public Schools' hybrid IT environment. Reviews regulatory security policies, as well as best practices, and collaborates to optimize processes for user accounts, managing access permissions and collaborating with cross-functional teams to enhance the organization's security posture. Performs other duties as assigned. Responsibilities • Manage identity and access systems across Active Directory, Google Workspace, Azure, and Oracle Cloud ERP platforms. • Integrate log sources from multiple platforms into the enterprise security information and event management (SIEM) and monitor security incidents. • Develop and implement single sign-on (SSO) solutions and enforce security policies, standards, and procedures. • Create scripts and automation tools to streamline identity and access management workflows and reduce manual effort. • Assess and report on risks related to Active Directory and Privileged Access Management (PAM), ensuring compliance with regulatory requirements. • Administer user accounts, manage Microsoft licensing, and coordinate account lifecycle processes including creation, modification, and offboarding. • Leverage Power Automate, Power BI, and Business Objects for data analysis, reporting, and process automation. • Conduct regular audits of user accounts and access logs to maintain compliance with security standards. • Apply NIST Cybersecurity Framework (CSF) controls to identify, protect, detect, respond to, and recover from security threats across the organization's IT infrastructure. • Perform server hardening and maintenance activities including security configuration, patch management, and implementation of baseline security standards for Windows and Linux environments. • Perform other duties as assigned. Qualifications Experience, Education and Training: • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field. • Three years of experience in systems administration to include Identity and Access Management (IAM). • Three years of experience with Microsoft Graph, PowerShell scripting, Microsoft Servers and Active Directory environments. • Three years of experience with SQL and database integration. Preferred Qualifications: • Experience with Oracle Cloud ERP account management and Oracle/AD integration. • Experience with Business Objects report development. • Familiarity with Zero Trust and Cloud Identity federation models. • One year of supervisory or team lead experience. Note: Other combinations of applicable education, training, and experience that provide the knowledge, skills, and abilities necessary to perform effectively in the position may be considered. Licenses and Certificates: One or more of the following certifications is required: • Microsoft Certified: Azure Administrator Associate • Microsoft Certified: Azure Security Engineer Associate • CompTIA Security+ • Certified Information Systems Security Professional (CISSP) • Oracle certifications related to ERP SAAS solutions preferred. • Possession of a valid driver's license equivalent to a non-commercial class C Maryland driver's license is required. Knowledge, Skills, and Abilities: • Skill in scripting and programming languages such as Python, PowerShell, SQL, and VBA, with knowledge of C++ desirable. • Skill in analysis and problem-solving, particularly in IAM and user lifecycle management. • Knowledge of Single Sign-On (SSO) and federation solutions, including Azure AD, Azure B2C, Microsoft Graph, and Google Workspace. • Knowledge of information security principles, vulnerabilities, and threat mitigation strategies. • Ability to automate and optimize processes using tools like Power Automate and Power BI. • Strong organizational, collaboration, and communication skills, with the ability to work in agile or iterative environments. • Ability to interface effectively with HR, Finance, and Enterprise teams for security and user management needs. PHYSICAL AND ENVIRONMENTAL CONDITIONS: The work of this class is generally sedentary and performed in an office environment. Duties require travel to schools and facilities throughout Baltimore County and other areas. May involve the lifting and carrying of heavy network infrastructure equipment. May be required to use their own vehicle to respond to remote sites for troubleshooting. CONDITIONS OF EMPLOYMENT: Employees in this classification are Essential-As-Needed personnel which states that employees are required to work when schools and/or offices are closed during adverse weather conditions or any other emergency when contacted and directed to do so. Persons appointed to this class will participate in a rotational 24/7 on-call and may be required to work beyond their normally scheduled hours with little or no advanced notice. Work includes evenings and weekends as required. FLSA: Exempt RETIREMENT: Eligible for the Baltimore County Employees' Retirement System. GRADE: OPE Grade 09 SALARY: $95,138 - $150,025 (Valid Until 12/31/2025) $97,754 - $157,234 (Effective 1/1/2026) Visit the BCPS Office of Payroll website for additional information on pay scales, other compensation and leave accruals at: Office of Payroll - Baltimore County Public Schools - www.bcps.org/operations/fiscalservices/payroll OTHER COMPENSATION: Position may be eligible for relocation bonus, extra duty activities pay, or other student activities pay as defined in the applicable Bargaining Unit Agreement. BENEFITS: BCPS offers a comprehensive benefits program for eligible employees including options for medical plans, dental plans, vision, life insurance, flexible spending accounts, disability coverage, and 403(b)/457 plans. Other benefits include paid holidays, sick, personal business, and bereavement days, and flexible leave options such as FMLA, sick bank, and board approved leaves. All new hires will attend a benefits meeting upon hire. Visit the BCPS website for additional information about benefit plans for BCPS employees at https://www.bcps.org/hr/compliance/benefits_and_retirement This posting describes the duties and responsibilities of a position or group of positions. It shall not be held to exclude duties not referenced nor limit the right of management to assign work to employees. NON-DISCRIMINATION STATEMENT: The Board of Education of Baltimore County does not discriminate on the basis of race, color, religion, sex, national origin, age, marital status, sexual orientation, gender identity, genetic information, disability, or veteran status in matters affecting employment or in providing access to educational programs or activates and provides equal access to the Boy Scouts and other designated youth groups. Inquiries regarding the Board's nondiscrimination policies should be directed to: EEO Officer, Office of Equal Employment Opportunity, Baltimore County Public Schools, 6901 Charles Street, Building B, Towson, Maryland 21204 (443-809-8937). Application Instructions: Please read and carefully follow the instructions provided below. • Applicants are required to have a completed application on file for employment with Baltimore County Public Schools (BCPS). Information on your resume and application must match. This information is necessary for salary determination should you receive an offer of employment. • Professional references must be submitted to complete your application. Examples of professional references include current and former principals, supervisors, managers, mentor teachers and university/college supervisors. Personal references from colleagues, friends, community members, etc. will not be accepted. • Be sure to account for all periods of employment and unemployment. Failure to complete all fields of the "Work Experience" section of the application may result in your application not being considered. A resume will not be the only document considered in determining your qualifications for a position. • You MUST attach your unofficial transcript(s) or license(s) to your application if you are applying for a position as a teacher or position which requires Licensure/Certification. Proof of Licenses, Certifications and Education: • Applicants are required to submit proof of licenses, certifications and education beyond high school to meet the required and preferred qualifications of the position. Diplomas or transcripts must show the applicant's major field of study. Copies and unofficial transcripts are acceptable only at the application stage. Official transcripts must be provided only after you have accepted a contingent offer. • Failure to submit proof of Licenses, Certifications and Education may result in your application not being considered. Proof of licenses, certifications, and/or education must be submitted with your application. Proof of Degree Equivalency: • Applicants who have obtained a degree from outside the United States are required to submit degree equivalence documentation from a MSDE approved Foreign Transcript Evaluation Agency. This information is located on the MSDE website at https://marylandpublicschools.org/about/Pages/DEE/Certification/Foreign-Transcript-Evaluation-Agencies.aspx Pre-Employment Requirements: • All people employed by the Baltimore County Public Schools, regular and temporary, are required to be fingerprinted and have a criminal background investigation (per COMAR) completed. The fee charged for fingerprinting is $109. • Anyone offered employment is required to provide proper identification and documentation of eligibility for employment in the US. • If you have military experience, you will be asked to provide a copy of DD214. • Official transcripts will be required upon hire and must be sent via e-script/clearinghouse from your university. • Some positions will require employees to undergo a physical examination and/or drug testing. • All newly hired personnel must attend a Benefits and Retirement Orientation meeting. • Additional job verification will be required for salary credit. Contact Information Susan Stansbury, Director Staffing & Licensure 443-809-7874 sstansbury@bcps.org

Requirements