jobslist.kent.edu | Human Resources | Kent State University

Chief Information Security Officer

Apply now Position Number: 988247
Work Type: Staff/Unclassified
Location: Kent Campus
Category: Full-time
Home Org/Dept: Cybersecurity & Privacy [(101120)]

Job Title:

 Chief Information Security Officer

Physical Location:

 Kent Campus - Kent, OH

Salary:

 $133,000 - $170,000

Basic Function:

Serves as an advocate for Kent State’s total information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the university. Leads the development and implementation of a security program that leverages collaborations and university-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. Reports to Vice President Information Services and Chief Information Officer (VPIS/CIO).

Additional Basic Function – if applicable:

 NOTE: TO VIEW THE FULL POSTING INFORMATION PROVIDED BY THE EXECUTIVE SEARCH FIRM (HANDLING THIS POSITION), NAVIGATE TO: Download File CISO_KentState-2018-09.pdf

Examples of Duties:

Duties/essential functions may include, but not be limited to, the following: 

Responsible for the strategic leadership of the university's information security program; establish an inclusive and comprehensive information security program for the university in support of academic, research, and administrative information systems and technology.

Provide guidance and counsel to the VPIS/CIO and key members of the university leadership team, working closely with senior administration, academic leaders, and the university community in defining objectives for information security.

Work with university leadership to oversee the formation and operations of a university-wide information security organization that is organized toward a common goal in information security.

Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.

Provide supervision and leadership for the Information Security Office.

Lead the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.

Work with Internal Audit and outside consultants as appropriate on required security assessments and audits.

Coordinate and track all information technology and security related audits including scope of audits, colleges/units involved, timelines, auditing agencies and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation and advocacy on audit responses.

Develop a strategy for audits, compliance checks and external assessment processes for internal/external auditors, including: PCI, GLBA, GDPR, HIPAA, FERPA and FISMA.

Create education and awareness programs and advise operating units on security issues, best practices, and vulnerabilities.

Pursue student security initiatives to address unique needs in protecting identity theft, mobile social media security, and online reputation program.

Act as primary control point during significant information security incidents; convene response teams as needed in addressing and investigating security incidences that arise.

Examine impact of new technologies on the university's overall information security; establish processes to review implementation of new technologies to ensure security compliance.

Serve on various department, division, and university committees; represent the university concerning security compliance and related technology.

Monitor budget; review and approve purchase orders; oversee personnel actions.

Perform related duties as assigned.

Additional Examples of Duties – if applicable:

 

Minimum Qualifications:

Bachelor’s degree in computer science, information systems, or other related field. Six years’ of IT work experience with a broad range of exposure to all aspects of systems analysis and applications development, including experience with managing teams and projects for information systems.

License/Certification:

Certified Information Systems Security Professional (CISSP certification or related security certification).

Knowledge Of:

A strategic grasp of information security at both institutional and operational levels
Personal computer applications *
Phases of software development lifecycle
Project management principles, strategic planning, and budgeting
Networking and server operation principles
Risk management principles
Data privacy regulations and industry requirements
Incident response

Skill In:

Providing leadership, direction and interpersonal communication *
Well developed skill in written and verbal communications *
Read and write technical documentation *

Ability To:

Provide leadership and direction *
Develop and implement plans *
Work independently and as part of a team
Communicate with both technical and non-technical staff *
Explain technical issues to non-technical personnel
Work effectively with an array of constituencies in a community that is both demographically and technologically diverse
Provide leadership that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other university priorities
Stay abreast of information security issues and regulatory changes affecting higher education at the state and national level, participate in national policy and practice discussions, and communicate to campus on a regular basis about those topics
Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position

Preferred Qualifications – if applicable:

Master’s degree in information technology or a related field
10 or more years of experience directly related to the role
Higher education experience.
Experience in developing policy and procedure in a complex, decentralized environment.
Experience providing education and training programs on security policies and practices to a range of technical and non-technical constituents.
Experience with national cyber security community such as REN-ISAC or related organization.

Assessments:

Asterisk (*) indicates knowledge, skills, abilities which require assessments

Working Conditions / Physical Requirements:

Light work-Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force frequently to move objects. Incumbent must be able to communicate with others. Incumbent may be required to travel from building to building frequently and off campus occasionally.

Working Schedule:

 

Additional Information:

 

Must pass a security check.


We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.


For official job descriptions, visit www.kent.edu/hr


Kent State University is a Smoke-Free, Tobacco-Free University effective July 1, 2017. Smoking and tobacco use are not permitted on any of Kent State’s campuses or other locations and properties that are owned, operated, or leased by Kent State, both domestic and international. For additional details, visit www.kent.edu/smoke-free.

Disclaimer:

The intent of this description is to illustrate the types of duties and responsibilities that will be required of positions given this title and should not be interpreted to describe all the specific duties and responsibilities that may be required in any particular position. Directly related experience/education beyond the minimum stated may be substituted where appropriate at the discretion of the Appointing Authority. Kent State University reserves the right to revise or change job duties, job hours, and responsibilities.

Advertised: Eastern Daylight Time
Applications close: Eastern Daylight Time

Back to search results Apply now Refer a friend

Share this: | More

 

 

Military Friendly '18-19 Bronze School
Insight into diversity Higher Education Excellence in Diversity Award 2018. Top Colleges for Diversity