Director of Information Security
Under the general direction of the CIO, the Director of Information Security (and Information Security Officer) is responsible for the development and delivery of a comprehensive strategy for information security, awareness, and compliance efforts at Emporia State University. The Director is a key member of the leadership team and is responsible for both short and long term planning for areas within the scope of responsibility. Additionally, the Director has responsibility for leadership of a team of individuals responsible for information security efforts as well as oversight and management of all projects with which that team is involved.
POSITION DUTIES, RESPONSIBILITIES, AND COMPETENCIES
-
Team Management: Manage day-to-day and long-term operations of Information Security team at ESU. Facilitate project planning and management of security projects. Ensures the delivery of a suite of high-quality information security services to the University. Develops key performance indicators for measuring all areas of team performance. Ensures a high level of support for the campus community through the development of a service-oriented, knowledgeable team, and establishes general schedules and priorities for systems, programming, standards, communications, and other support for projects.
-
Coordination of the University's information security program: Under the general direction of the AVPIT/CIO, coordinate the development, implementation, and maintenance of the University's information security program. In collaboration with the University community, assume overall responsibility for developing and maintaining the information security roadmap for ensuring the security of technology services, computer systems, data networks and data. Establish and maintain information security programs, including: policy, practices, and standards; awareness and training; incident response and management; IT risk management; and relevant IT architecture.
-
Providing Information Security Leadership: Participate in strategic planning and development of goals and objectives, with special attention to providing leadership for those related to information security. Serve as primary IT contact for information security incidents affecting the institution.
-
Serving as Security Liaison: Serve as liaison to federal, state, local and professional organizations. Serve as primary contact for information security vendors and contractors. Serve as Information Security Officer of the institution.
Education:
- Bachelor’s degree required. Advanced degree preferred.
Experience:
Required
-
Minimum three years of experience in information security, or equivalent;
-
Demonstrated ability to manage technical staff while providing long-term strategic direction;
-
Demonstrated commitment to customer- and team-oriented management;
-
Knowledge and experience in project planning, implementation, and management;
-
Demonstrated ability to work with diverse populations;
-
Ability to work with sensitive/confidential information and to handle such information as required by federal and state law, and regulations/policies
-
Experience presenting complex security concepts to a variety of audiences or groups (e.g. end-user training, security conference presentations, executive-level briefings)
-
Experience with evolving information security technologies and approaches
-
Willingness and ability to provide off-hours support
-
Experience in and/or a commitment to cultivating learning environments that are equitable and inclusive of IT users with diverse social identities and backgrounds
Preferred
-
Experience in developing and administering an information security program.
-
Working knowledge of and experience in the policy and regulatory information security, especially in higher education.
-
Experience working in a large enterprise IT environment
-
Experience managing both locally hosted and remotely/cloud-hosted systems
-
Experience with virtualization technologies, such as VMware ESX, Microsoft Hyper-V, Xen, KVM, etc.
-
GIAC/GSEC, CISM, CISSP, etc. certification
-
Experience with SaaS, IaaS, and/or PaaS; identity and access management solutions; IDS/IPS and firewalls; SAML, SSO, or authentication protocols
-
Knowledge and experience with cryptography and associated best practices
-
Knowledge of information security standards; and federal, state, and local regulations including PCI, FERPA, HIPAA, and NIST 800
-
Experience working in higher education
COMPENSATION:
-
Salary range $65,000-$80,000
-
Salary commensurate with education and experience
-
Paid Leave
-
Excellent working environment
-
Opportunties for professional development and growth
TO APPLY:
Interested individuals meeting position requirements should include resume, cover letter, and contact information for three professional references to Karis Williams via email at kwilli41@emporia.edu, or Campus Box 4018, 1 Kellogg Circle, Emporia, KS, 66801. Review of applicants will continue until the position is filled. Background check is required.
Emporia State University is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, race, color, national origin, ethnicity, religion, gender, sex, gender identity, gender expression, marital status, parental status, sexual orientation, genetic information, status as an individual with a disability, status as a protected veteran, or any other factors which cannot be considered by law.