12M Recruiting
Ed Tech Recruiting

Information Security Officer/Director IT Security

University of Mary Washington, VA
Job Level
Senior position
Post Date
07/25/2018
Job Category
Director
Sector
  • Information Technology
Job Status
Areas of Responsibility
  • Security
Link to Job Posting
Organizational Objective / Goal

The Information Technology division provides computing and communication services to the UMW campus community. Our mission is to provide the technical infrastructure, information resources, and services that advance the university’s strategic goals; enhance instructional technology, teaching and learning; promote effective and efficient work processes; and support information decision making and institutional reporting.
General Description of Position

This position is responsible for developing, implementing and managing the University’s information security program, which includes policies, procedures and controls designed to protect enterprise data and systems from both internal and external threats.
Required KSAs / Competencies / Qualifications to successfully perform their work

Demonstrated ability to:

  • Create and manage a strategic plan for the deployment of information security controls and program enhancements.
  • Create, and ensure compliance with, University security policies, standards and procedures.
  • Collaborate with key stakeholders to establish an IT security risk management program.
  • Manage audits of existing systems and provide comprehensive risk assessments.
  • Anticipate new security threats and stay-up-to-date with evolving infrastructures
  • Manage security incident response activities.

Guide a team of IT and security experts

Integrate IT systems development with security policies and information protection strategies Develop strategies to handle security incidents and coordinate investigative activities Act as a focal point for IT security investigations and direct a full investigation with recommended courses of action Prioritize and allocate security resources correctly and efficiently Prepare financial forecasts for security operations and proper maintenance cover for security assets Provide leadership, training opportunities and guidance to personnel Work with senior management to ensure IT security protection policies are being implemented, reviewed, maintained and governed effectively Spearhead education programs focused on user awareness and security compliance
Preferred KSA's / Competencies / Qualifications to successfully perform the work

Experience managing various security control systems, such as IDS/IPS, A/V, SIEM, DLP.
Knowledge of Commonwealth of Virginia SEC501 security standard.
Required Education

Bachelor’s degree
Required Experience

Considerable experience developing, implementing and managing an enterprise information security program, which includes policies, procedures and controls designed to protect data and systems from both internal and external threats.
Preferred Education

Master’s degree
Preferred Experience

Experience managing an information security program for a higher education institution.
Required Licensure

Relevant Information Security related professional certifications such as CISSP, CISM, CISA, or GIAC
Preferred Licensure

PMI PMP or equivalent.
Statement of Economic Interest No