Classification Details


Code
5366
PCLS
N1017
Pay Grade
204
Exempt
Yes
ORP
Yes
EEO Code
3
Title
Chief Information Security Officer
Description
The Chief Information Security Officer (CISO) is responsible for the information security program of the University and the coordination of information security efforts. The CISO coordinates the process to build a University-wide information security strategy and vision; oversees the creation and maintenance of the over-arching University information security policies, procedures, and standards; leads security risk assessment efforts, incident investigations and resolutions, disaster recovery and business continuity planning, and owns the University's information security and awareness training program.
Examples
Manages the development, implementation, and maintenance of the University information security and privacy policies, standards, guidelines, baselines, processes and procedures in compliance with state and federal regulations and standards. Develops and leads the University's incident response and investigation procedures and processes. Assists in the development of disaster recovery and business continuity plans and procedures. Serves as an effective member of the leadership team and communicates information security related concepts to a broad range of technical and non-technical employees. Monitors and reports on information security activities and compliance University-wide. Performs security assessments on the acquisitions of technology products, tools and services. Provides guidance and advocacy regarding prioritization of infrastructure investments that impact information security. Monitors information security trends and keeps the University's senior management informed about security related issues and activities affecting the University. Understands potential threats, vulnerability, control techniques, and communicates this information to senior management. Serves as liaison to local, state, and federal law enforcement and other related government agencies on information security related issues. Develops and administers a University-wide information security training and awareness program. Carries out supervisory responsibilities in accordance with the University's policies and applicable laws. Acts as ombudsman for disputes, requests for exceptions, and complaints regarding University-wide information security systems security policies, practices and related issues. Performs other duties as assigned.
Physical Condition
Ability to lift 50 lbs. Ability to sit or stand for long periods of time.
Experience
Minimum of 10 years experience in computing and information security at a large enterprise. Three or more years of supervisory experience.
Knowledge
Knowledge and understanding of University organization, higher education, governmental agency or corporate/industry information security, goals, objectives, and policies and procedures.
Education
Bachelor's degree required. Master's degree preferred. Any combination equivalent to graduation from an accredited four-year college or university with a major in computer information sciences, business administration or related field.
Additional Requirements
Must be able to establish effective working relationships at all levels of the institution. Ability to communicate clearly orally and in writing, to describe technical issues in non-technical terms, capacity to make presentations to diverse audiences, and the ability to work in a multi-cultural environment. *Regular reliable attendance is required. *This position is designated as security sensitive (High) and requires a criminal background check.

Last Updated 04-30-2018