Information Security Officer

About The Position

Requirements

• Bachelor’s degree or the equivalent in education and experience or a combination of relevant education, training, certifications, and work experience .
• Minimum five years of relevant experience in information security or related field.
• Experience presenting complex security concepts to a variety of audiences or groups (e.g. end-user training, security conference presentations, executive-level briefings).
• Familiarity with information security and data breach law, standards; and federal, state, and local regulations including PCI, FERPA, HIPAA, and NIST 800 series.
• Knowledge of network and authentication protocols, encryption types, and information security technologies.
• Experience with data networking, VPN, next-generation firewalls, network access controls, security information and event management (SIEM), authentication protocols, data encryption, and other relevant technologies
• Ability to work independently and as a member of a team, establish priorities, and work collaboratively as a member of a diverse community.
• Collaborative, constructive, and positive approach to work.
• Excellent oral, written, and interpersonal communication skills, including strong relationship skills.
• Attention to detail in both completion of work and documenting work products.
• Effective time management practices, applied in a fast-paced environment

Nice To Haves

• Experience working in higher education preferred.
• CISSP, GIAC or similar certification(s) preferred.

Responsibilities

• Coordinate the College’s information security program.
• Establish and maintain information security programs in collaboration with the campus community including policy and standards.
• Provide information security awareness and training; incident response and management; risk assessment and management; and relevant IT architecture to ensure the security of all sensitive data collected, processed, stored, and transmitted.
• Develop and maintain the campus information security roadmap for ensuring the security of technology services, computer systems, data networks, and data.
• Conduct and review ongoing vulnerability assessments of IT systems and coordinate periodic information security assessments at an organizational level.
• Develop, maintain, and review security configuration data in security software and/or services.
• Approve, review and audit firewall rules maintained by the network managed service vendor.
• In collaboration with network managed service vendor, inspect system, network log, and event data for integrity and anomalies when necessary.
• As a member of the ITS management team, participate in strategic planning and development of goals and objectives.
• Collaborate with ITS staff to track and implement information security initiatives.
• Facilitate the communication of policies, practices, and awareness to the College community.
• Manage and coordinate incident response procedures to track and address information, system and network security incidents, alleged policy violations, and external requests or complaints.
• Assist in vendor and/or product assessments to evaluate information security risks.
• Perform additional duties as assigned; duties, responsibilities, and activities may change at any time with or without notice.

Benefits

• Generous Vacation, Sick, and Personal Time
• Winter Recess Break in Addition to Paid Holidays (in accordance with policy)
• Healthcare, Dental, and Vision Insurance (Flexible Spending and Dependent Care Accounts)
• Free On-Campus Fitness Facility Access and Discounts for On-Campus Wellness Programs
• Employee Scholarships toward Certifications, Seminars, Training and Professional Development
• Pre and Post Tax participation in a 403(b) Retirement Plan
• Salary Continuation Program in the event of Disability
• Tuition programs