Information Security Officer
Institution: University System of Georgia
Location: Atlanta, GA
Category: Admin - Information Technology - Network/System Administrator, Admin - Libraries
Posted: 08/02/2019
Type: Full-Time
The University System of Georgia (USG) is comprised of 26 colleges and Universities as well as a System Office, making it one of the nation’s largest and leading public higher education systems. The USG is governed by the Board of Regents and is committed to creating a more educated Georgia that is prepared for the global, knowledge economy by increasing degree completion, ensuring academic excellence, spurring research and creativity, driving business creation, and making efficient use of resources.
Increasing the number of Georgians with a college degree is a top priority of the USG and Complete College Georgia. The USG emphasizes accountability, partnerships, performance, value, and global competitiveness to help achieve this goal. Our organizational core values founded upon the principles of Integrity, Excellence, Accountability, and Respect.
The USG is now accepting applications for an Information Security Officer (ISO). The ISO provides the vision and strategies necessary to ensure the confidentiality, integrity, and availability of GPLS-owned electronic information by communicating risk to senior administration, creating and maintaining enforceable policies and supporting processes, and ensuring compliance with regulatory requirements. In addition, those policies and supporting processes will be used with Georgia’s Public Library Directors and information technology staff members to ensure compliance with their respective regulatory requirements, and to monitor risk and maintain appropriate safeguards.
To support these activities, the ISO coordinates activities with USG Cyberoperations and libraries, including the evaluation, procurement, and deployment of security-related products, and develops and coordinates information security awareness and education programs. Additionally, the ISO creates incident response plans to ensure compliance with USG Cyberoperations disaster recovery plans.
MAJOR DUTIES:
-
Creates information security strategies, both short-term and long-range, in support of the goals of GPLS and of the USG Cyberoperations team.
-
Directs an ongoing, proactive risk assessment program for all new and existing systems and remains familiar with the goals and business processes of GPLS so effective controls can be put in place for those areas presenting the greatest information security risk.
-
Communicates risks and recommendations to mitigate risks to the senior administration by communicating in non-technical, cost/benefit terms and in a format relevant to senior administrators so decisions can be made to ensure the security of information systems and information entrusted to GPLS.
-
Oversees all ongoing activities related to the development, implementation, and maintenance of GPLS information security policies and procedures by ensuring these policies and procedures encompass the overall security of electronic information at rest or in motion within the GPLS system and assisting departments in local process and procedure development.
-
In partnership with USG Cyberoperations, assists Georgia’s public libraries to develop policies and processes that will help to ensure regulatory compliance in areas such as the Payment Card Industry – Data Security Standards (PCI-DSS) and the Health Insurance Portability and Accountability Act (HIPAA), and the Children’s Internet Protection Act (CIPA).
-
Ensures vulnerabilities are managed by directing periodic vulnerability scans of servers connected to GPLS networks.
-
Develops information security awareness training and education programs, works with public libraries to present them to library Directors and Technology Managers, and participates in local, regional, and national awareness and education events, as appropriate.
-
Ensures sufficient resources are available and allocated to projects by balancing project funding requirements with the assigned budgets, coordinates and tracks project expenditures to ensure resources are used effectively and within budget, and provides periodic budget reports to the Chief Technology Officer.
-
Acts proactively to prevent potential disaster situations by ensuring that proper protections are in place, such as intrusion detection and prevention systems, firewalls, and effective physical safeguards, and provides for the availability of computer resources by ensuring a business continuity/disaster recovery plan is in place to offset the effects caused by intentional and unintentional acts.
-
Evaluates security incidents and determines what response, if any, is needed and coordinates GPLS responses, including technical incident response teams in coordination with USG Cyberoperations, when sensitive information is breached.
-
Contributes to a work environment that encourages knowledge of, respect for, and development of skills to engage with those of other cultures or backgrounds.
-
Remains competent and current through self-directed professional reading, developing professional contacts with colleagues, attending professional development courses, attending training, conferences, and/or courses as directed by the supervisor, and obtaining certifications relevant to job duties.
-
Contributes to the overall success of GPLS and USG Cyberoperations by performing all other duties and responsibilities as assigned.
EDUCATION AND EXPERIENCE REQUIRED:
-
Bachelor’s degree in computer science or related field and relevant technology experience equaling 8-10 years of experience required.
-
3-5 years of varied information technology experience is required. Applicable experience includes, but is not limited to computer and networking infrastructure, operating systems, application software development, project management, regulatory compliance, risk management, and providing training.
KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:
-
Knowledge of IT systems administration principles and practices.
-
Knowledge of IT system security principles.
-
Knowledge of the installation, maintenance and repair of computer hardware and software.
-
Knowledge of a wide variety of software systems.
-
Skill in collaborating with multiple constituents.
-
Skill in decision making and problem solving.
-
Skill in identifying and resolving complex problems.
-
Skill in oral and written communication.
-
Ability to work independently.
PREFERRED EDUCATION AND EXPERIENCE:
-
Master’s degree in Information Security or Cybersecurity preferred.
-
Experience in a public library setting is preferred.
APPLICATION INFORMATION
Contact:
Human Resources
University System of Georgia
Online App. Form:
The University System of Georgia encourages applications from under-represented groups, including minorities, women, and people with disabilities. The University System of Georgia is an Equal Employment Opportunity/Affirmative Action Employer.