Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Duties and Responsibilities

Leadership

 

 

  • Perform other duties as assigned to ensure the smooth functioning of the department and maintain the reputation of the organization as a viable business partner.
  • Recommend programmatic and technical directions and operate with a high degree of independence in matters relating to the investigation, impact, and analysis of security incidents, decisions regarding risk, and measures for computer and network security.
  • Operate with a high degree of independence with regard to project management activities, including development of project plans and budget/resource estimates.

...

Risk

  • Lead the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.
  • Internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the University's information and technology systems.

...

  • Must be able to assess computer hardware, software, and systems for security risks or violations and work with ITS and campus staff and technology vendors to recommend solutions. Develop strategies to address awareness and training for all stakeholders as well as technical solutions. Must be able to assess the status of complex multi-location projects as well as identify and implement appropriate corrective measures to resolve issues as they arise. Must have a strong customer service orientation and the ability to project that attitude to customers in remote locations.
 
Contingency planning (IR, BC, DR)

...

Knowledge, Skills, and Abilities

Minimum Qualifications

  • <<x>> years of advanced IT skills with high level of information security experience and expertise
  • Knowledge of information security risk management frameworks and compliance practices.
  • Knowledge of securing network technologies, client, and server operating systems.
  • Ability to develop security standards and guidelines based on best practices and industry standards
  • Experience responding to, analyzing, and communicating information security incidents
  • <<x>> years of planning and managing security projects
  • Excellent interpersonal, communication, and presentation skills, including formal report writing experience
  • Understanding of common security standards and regulations relating to a higher education environment (e.g., PCI DSS, FERPA, ISO2700x, etc.)
  • Must be well versed with laws affecting the higher education environment in the following areas:
    • Student Privacy
    • Health Care
    • Finance
    • Research Compliance
    • State Regulations

Preferred Qualifications

  • Bachelor’s degree in information technology or other related field

  • Information security experience in higher education or state/local government

  • Skills in documenting risk and compliance activities

  • Information security related training or certifications such as CISSP or CRISC

  • Experience performing information security audits or risk assessments

  • Familiarity with security auditing processes

  • Must be familiar with dashboard creation

  • Must have an understanding of campus policy development and dissemination

...