Director of Information Security, Privacy and Compliance
Bates is one of the nation’s leading liberal arts colleges, with a long history of commitments to principles of human dignity and diversity.
Since its founding by abolitionists in 1855, Bates has welcomed men and women from diverse racial, ethnic, religious, and economic backgrounds. Bates was the first co-educational college in New England, and some of its earliest students were former slaves. The college continues to live that promise of inclusiveness.
Bates offers a rigorous and highly personalized education that centers on deep and sustained interactions among students, faculty, and community. Bates engages the forces — intellectual trends, demographic changes, and technology — that are transforming higher education and the world into which our students graduate.
Bates has highly competitive admission, graduates over 90% of its entering students, and over half of its alumni earn graduate degrees. Bates has 1,700 students, 200 faculty members and 550 staff and administrative employees.
The college is proud of it deep roots in the Lewiston/Auburn community, Maine’s second largest urban area, with a population of approximately 65,000. Bates is located on a beautiful, 109-acre, traditional New England campus in Lewiston, a small city with an entrepreneurial climate, a lively arts scene, and a dynamic business community. Bates is 35 miles north of Portland, 140 miles north of Boston, and 350 miles north of New York City.
The Position
The Director of Information Security, Privacy and Compliance is responsible for coordinating a comprehensive College-wide program in information security and privacy to ensure that the College is complying with all applicable laws and standards. While this position reports to the CIO, the successful candidate will work with leadership throughout the College to develop and implement a program that mitigates risks throughout the institution, while balancing security and business needs. The successful candidate will have strong technical skills in enterprise security solutions including various network, endpoint and cloud technologies and experience working with a diverse set of software. The Director works collaboratively with multiple stakeholder groups to build shared ownership of information security and privacy across the institution. The Director demonstrates a commitment to ensure that data in all forms, as well as the systems and networks used to transmit, store and provide access to those data are designed, configured and operated in a manner that ensures security, integrity, privacy, and compliance with statutory and regulatory requirements.
Key Accountabilities
- Coordinates the College’s information security program.
- In collaboration with the College community, assume overall responsibility for developing and maintaining the campus information security roadmap for ensuring the security of technology services, computer systems, data networks and data.
- Balance the need to provide vision, strategy and long-range planning with hands-on responsibilities.
- Conduct and review ongoing vulnerability assessments of networks and systems.
- Develop, maintain, and review security configuration data on firewalls and related security software and/or services.
- Inspect system and network log and event data for integrity and anomalies.
- Responsible for responding to auditor inquiries related to information security, privacy and compliance.
- Assist in vendor product/services assessments to evaluate information security risks.
- Assist campus partners in issues of data collection and storage for privacy implications.
- Work with campus partners in understanding compliance concerns for the variety of federal and state regulations impacting higher education.
- Interfaces with law enforcement and government agencies, as needed.
- Facilitate the communication of policies, practices, and awareness to the College community as a whole.
- Acts as a member of the Information and Library Services Management Team to ensure the reliability, performance, and durability of products and services and to achieve functional, organizational, and budgetary goals.
Additional Job Functions:
- Develops and maintains knowledge necessary to understand the rapidly changing role of information technology in higher education.
- Works collaboratively with other ILS and College staff.
- Serves, as assigned, on College Committees.
- Other duties as assigned by the Vice President.
Qualifications
The successful candidate will have Bachelor’s degree in field related to the position or equivalent combination of education and experience. CISSP or similar certifications preferred.
The ideal candidate will have:
- A minimum of 3 years of demonstrated experience with a broad array of security technologies, such as firewalls, VPN, IDS/IPS, threat detection and response, SIEM.
- A minimum of 3 years of demonstrated experience with security audits and breach investigations.
- Demonstrated experience negotiating vendor agreements.
- Demonstrated experience working with people at all levels of the organization.
- Experience in higher education preferred.
- Excellent verbal and written communication skills with the ability to create a collaborative relationship with customers, and to convey computing concepts effectively to non-technical users.
- Excellent analytical and problem solving skills; ability to synthesize complex or diverse information.
- Ability to work independently and handle multiple priorities with minimal supervision.
- Impeccable organizational (time, task, project management) skills and ability to coordinate resources and staff within the college community.
- Strong interpersonal skills with ability to develop and maintain collegial relationships. Must be flexible, collaborative and have a positive attitude.
- Willingness and ability to learn additional applications as needed.
- Ability and willingness to travel (by car, air, train or bus) as needed.
- Ability to work individually and as part of a team.
- Ability and willingness to work weekends, evenings and other non-traditional schedules.
- Demonstrated commitment to diversity and inclusivity and to serving the needs of a culturally and educationally diverse and inclusive community with diplomacy and tact.
- Successful completion of a background check.
Benefits
Bates College offers competitive salaries, excellent benefits (health, dental, 9% retirement contribution with potential for an additional 3% match, 24 days of vacation, 12 paid holidays, free parking, access to library and athletic facilities & more) and a supportive, collegial environment in a drug- and smoke-free workplace.
Application Instructions
Please submit a cover letter, resume, and contact information for three professional references. This position requires successful completion of a pre-employment background screening. Review of applications begins immediately and will continue until the position is filled. (References will not be contacted without your permission.)