University of Tulsa - Tulsa, OK

posted 3 months ago

Full-time - Senior
Tulsa, OK

About the position

The Chief Information Security Officer (CISO) at the University of Tulsa is responsible for the strategic leadership of the university's information security program. This role encompasses a wide range of responsibilities including policy development, compliance oversight, security awareness initiatives, incident response management, risk management, and operational IT security. The CISO will work closely with the Chief Information Officer (CIO) and other key members of the university leadership team to define objectives for information security, fostering relationships and goodwill across the campus community.

In this position, the CISO will oversee the formation and operations of a university-wide information security organization, ensuring that all departments work towards a common goal in information security. The CISO will provide a leadership philosophy for the IT security team, promoting collaboration and respect among departments to enhance decision-making, policy development, and best practices for the campus. The role also involves managing institution-wide information security governance processes and leading planning efforts to establish a comprehensive information security program that supports academic, research, and administrative information systems.

The CISO will be responsible for assessing and evaluating the adequacy of security controls for the university's information and technology systems, establishing security and compliance goals, and defining strategies and metrics for continual program improvements. Staying informed about information security issues and regulatory changes affecting higher education is crucial, as is communicating these topics to the campus community. The CISO will also act as the primary contact during significant security incidents, convening an Incident Response Team as necessary. Additionally, the CISO will develop and implement technical security standards and a suite of security services to mitigate risks.

This role includes reviewing new software and technology vendors to ensure compliance with the university's Vendor Cyber Risk Management requirements. Mentoring the security team and managing initiatives around the Student Security Operations Center are also key responsibilities, along with creating education and awareness programs for the campus community regarding security best practices and vulnerabilities. The CISO will ensure that campus physical access and surveillance systems meet the university's needs and develop maintenance plans for these systems to mitigate risks effectively.

Responsibilities

  • Provide guidance and counsel to the CIO and key members of the university leadership team.
  • Oversee the formation and operations of a university-wide information security organization.
  • Provide leadership philosophy for the IT security team to foster collaboration and respect among departments.
  • Manage institution-wide information security governance processes.
  • Lead information security planning processes to establish a comprehensive information security program.
  • Assess and evaluate the adequacy of security controls for the university's information and technology systems.
  • Establish annual and long-range security and compliance goals, define security strategies, and create maturity models for program improvements.
  • Stay informed about information security issues and regulatory changes affecting higher education.
  • Build cohesive security and compliance programs to address statutory and regulatory requirements.
  • Act as primary contact during significant information security incidents and convene an Incident Response Team as needed.
  • Develop, implement, and administer technical security standards and services to mitigate security risks.
  • Review new software or technology vendors for compliance with Vendor Cyber Risk Management requirements.
  • Develop and implement project plans to mitigate cyber risks in partnership with leadership and industry partners.
  • Mentor security team members and implement professional development plans.
  • Manage initiatives around the Student Security Operations Center, including daily tasks and overall program management.
  • Create education and awareness programs regarding security issues and best practices.
  • Manage the Campus Card Services Team and oversee related technology systems and projects.
  • Engage in professional development to maintain growth in skills and knowledge.
  • Ensure campus physical access and surveillance systems meet university needs.

Requirements

  • 8 or more years of information security experience, including at least 5 years in risk management, information security, and IT roles.
  • Management, project management, or leadership role related to IT security or equivalent education and experience.
  • Demonstrated track record in information security and guiding organizations in implementing security technology products and practices.
  • Experience building credibility with organization management and interacting at executive and board levels.
  • Ability to set strategy and approve goals consistent with the organization's strategic plan.
  • Knowledge of security frameworks and their deployment in complex environments.
  • Strong interpersonal skills and emotional intelligence to navigate organizational politics.
  • Excellent verbal and written communication skills with high personal integrity.
  • Ability to work independently or as part of a team in a dynamic environment.

Nice-to-haves

  • Certified Identity and Access Manager (CIAM)
  • Certified Information Systems Security Professional (CISSP)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Ethical Hacker (CEH)
  • SANS Certifications (GCED, GISP, GCWN)
  • Previous experience working in higher education