Idaho State University Pocatello , ID 83205
Posted 3 weeks ago
Chief Information Security Officer, ITS (2760)
Pocatello - Main
Institution Information
Idaho State University, established in 1901, is a Carnegie-classified doctoral research and teaching institution, with a culture built on trust, compassion, stability, and hope. ISU serves over 12,000 students in Pocatello, Meridian, Twin Falls, and Idaho Falls. Students and faculty at ISU are leading the way in cutting-edge research and innovative solutions. We are proud to offer exceptional academics nestled in the grand, natural beauty of the West. We invite you to apply to be a part of our University community!
Job Description
The Chief Information Security Officer (CISO) is responsible for overall planning, development, implementation, and oversight of the University's campus-wide information security program. The CISO works collaboratively with the campus community to establish information security programs, including: information security policy, practices, and standards; information security awareness and training; information security incident response and management; risk assessment and management; and cybersecurity related IT architecture. Additionally, the CISO serves as the primary information security liaison to federal, state, local and professional organizations. This leadership position reports to the Chief Information Officer (CIO). The position will supervise information security staff and student employees with oversight responsibilities across campus for best secured practices. The CISO, after collaborating with ITS professionals and other campus constituents, will be responsible for recommending security technology solutions and security related policies to the CIO.
May be eligible for part-time hybrid remote work (as determined by supervisor; not to exceed 8 days per month).
Key Responsibilities
Responsible for designing, coordinating, implementing and enforcing Idaho State University's Information Security Program by:
Assuming overall responsibility for developing and maintaining the university information security program
Establishing and enforcing information security policy, standards and practices
Identifying and addressing compliance requirements
Developing, implementing and maintaining information security incident response protocols
Providing systems forensics when necessary
Serving as liaison to federal, state, local, and professional organizations
Providing leadership and visibility in the area of information security for Idaho State University
Providing reports on the current status of ISU's information security and compliance
Serving as ISU's primary point of contact for all information security requests and questions
Develop and maintain a coordinated plan for information security technology by:
Coordinating with ITS units and departmental system admins in the identification of an appropriate mix of security technologies
Developing strong relationships with ISU constituents and other state security officers
Proposing technologies, budgets and implementation activities to ISU leadership
Maintaining strong knowledge of current industry trends
Maintaining technical competence in chosen tools
Participating in industry groups, networking with peers, and developing collaborations
Coordinating third-party security assessments as necessary Manage ISU's Information Security personnel Participate in Campus leadership
Minimum Qualifications
Bachelor's degree in Computer Science, Management Information Systems, or related field
Possess, or obtain within the first six months, Certified Information Systems Security Professional (CISSP) or other relative information systems security certification.
Extensive knowledge of and 5 years' experience in information security
Knowledge of laws and regulations including but not limited to: Family Educational Rights and Privacy Act (FERPA), Health Insurance Portability Accountability Act (HIPAA), Gramm-Leach- Bliley (GLB) Act, and Sarbanes-Oxley
Capability and experience in establishing processes to review implementation of new technologies to ensure security compliance
Demonstrated skills in team building, training, coaching, mentorship, and leadership with 5 years' experience managing staff
Demonstrated ability to collaborate with cybersecurity faculty and students in productive ways
Knowledge of information regulatory requirements and standards such as ISO 27001/2, Critical Security controls and NIST 800-171
Excellent interpersonal, written, and oral communication skills with the ability to communicate security-related concepts to a broad range of technical and non-technical staff
Experience in managing as well as in negotiating vendor contracts and agreements with end users, service providers and regulatory agencies
Proven problem solver who is experienced with information security related issues involving identity and access management, intrusion detection, forensics, incident management, risk management and/or auditing
Successful experience working, collaborating and establishing credibility and relationships with senior leadership, colleagues and customers
Preferred Qualifications
Master's Degree or equivalent work experience preferred
Knowledge of research, administrative, and instructional computing needs (including library support, university advancements, academic, and administrative services)
Demonstrated knowledge of developing an information security awareness and training program
Demonstrated experience with developing and maintaining information security policies
Technical experience in network administration, system administration, application development, database administration, systems analysis, and/or data center operations
Knowledge of networking fabric design, firewalls, and software implementations
Experience in developing total cost of ownership analyses for large technology implementations
Experience in preparing grant proposals and in investigating enhanced funding models
Experience in committee and task force leadership
Additional Information
You must submit your CV/resume, cover letter, and list of three (3) professional references, including current contact information. This position will remain open until it is filled; however, priority consideration will be given to applications received on or before July 8, 2024. Salary will be between $120,000 - $140,000 per year, commensurate with education and experience. Benefits include comprehensive health, dental, and vision; life insurance; disability plan; employee assistance program (EAP); excellent retirement options and company contribution; and generous paid time off/sick leave accrual. All offers of employment are conditional pending the successful completion of a background investigation, provided by HireRight.
Posting Number: req2234
Type: Working 12 months per year
Position: Non-classified Staff
Division: Information Technology Services
The State of Idaho is committed to providing equal employment opportunities and prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, political affiliation or belief, sex, national origin, genetics, or any other status protected under applicable federal, state, or local laws.
The State of Idaho is committed to access and reasonable accommodations for individuals with disabilities, auxiliary aids and services are available upon request. If you require an accommodation at any step in our recruitment process, you are encouraged to contact (208) 334-2263 (TTY/TTD: 711), or email ada.coordinator@dhr.idaho.gov.
Preference may be given to veterans who qualify under state and federal laws and regulations.
Idaho State University