Director Of Information Security, (P4 Career Level, Exempt)

ABOUT GRINNELL COLLEGE

Grinnell College is a private liberal arts college located in Grinnell, Iowa and is ranked #11 on the U.S. News and World Report's list of Best National Liberal Arts Colleges.

Grinnell College is a top ranked Liberal Arts institution that values diversity, equity, inclusion, social justice, intellectual freedom, and social responsibility. We seek candidates that align with these values and have the ability and desire to advance our values and belonging within our community and the communities we engage. Ideal candidates will be prepared to collaborate and contribute to the mission and values of the college across all constituencies.

POSITION SUMMARY

The Director of Information Security provides vision for and leadership of the information security program at Grinnell College. With responsibility for the security and integrity of data within the college's myriad systems, the Director runs the ITS Information Security Team to provide educational, proactive, reactive, and strategic services. A critical member of the ITS leadership team, the Director provides risk assessments and advises upon acceptable levels of risk for the college.

The Director serves as the process owner of assurance activities related to the confidentiality, integrity and availability of college data, and helps ensure compliance with the Grinnell College information security program, Federal and State Law, and other internal and external regulations.

The Director is responsible for establishing and maintaining an institution-wide information security management program to ensure that information assets are protected in such a way that the college can deliver its mission. This includes vulnerability management, auditing and monitoring, policy, and standards. The Director is accountable to the Chief Information Officer and, ultimately, the Board of Trustees.

This position is fully remote-eligible.

Key Responsibilities

• Chair the Cyber Risk Governance Committee (CRGC)

• Manage and lead the Cyber Incident Response Team

• Arbiter of Grinnell College's Information Security Program and owner of the Grinnell College cybersecurity control framework

• Work closely with ITS to secure the technology infrastructure

• Assist the CIO with developing and monitoring budgets

• Collaborate with the Data Privacy Officer to ensure synergy

• Work with HR, Legal Counsel and other relevant bodies to assess policy and regulatory violations

• Manage and direct the ITS Information Security Team

• Active member of ITS Leadership Team

• Remain informed of trends and issues so as to educate and counsel the ITS team