University of North Carolina Greensboro - Fort Collins, CO
posted 3 days ago
About the position
The Chief Information Security Officer (CISO) at UNC Greensboro has enterprise-wide leadership responsibility for establishing and maintaining information security policies and standards, executing IT risk management processes, guiding efforts to identify, detect, and respond to security threats, and maintaining the confidentiality, integrity, and availability of University information resources. The CISO will develop and implement a strategic, long-term information security strategy to ensure that UNC Greensboro's information resources are adequately protected. This role includes leading the development of comprehensive information security policies, procedures, standards, and guidelines, ensuring compliance with applicable laws and regulations, and fostering a security-aware culture through ongoing Security Awareness Training & Education (SATE). The CISO will also supervise security operations, oversee incident response planning, and manage a high-performing team of information security professionals.
Responsibilities
- Develop and implement a strategic, long-term information security strategy.
- Lead the development of comprehensive information security policies, procedures, standards, and guidelines.
- Ensure compliance with applicable policies, laws, regulations, and contractual requirements.
- Monitor and maintain compliance with FERPA, HIPAA, GLBA, PCI, DMCA, GDPR, and other applicable laws.
- Identify, evaluate, and report on information security risks and program developments.
- Work with senior leaders to assess IT risks and implement mitigating controls.
- Champion the enterprise information security program and foster a security-aware culture.
- Supervise all aspects of security operations including monitoring and response to threats.
- Oversee the evaluation, selection, and implementation of information security solutions.
- Develop business-focused metrics to measure the effectiveness of the information security program.
- Liaise with law enforcement and advisory bodies to maintain a strong security posture.
- Oversee incident response planning and investigation of security breaches.
Requirements
- Bachelor's Degree or higher in computer science, information technology, business or public administration, or related disciplines.
- Deep expertise and technical knowledge in information security and risk management.
- 10+ years of experience managing an information security area, program, or office.
- Demonstrated experience with managing a comprehensive information security program.
- Ability to effectively communicate security concepts and strategies.
- Knowledge of Higher Education policies regarding FERPA, HIPAA, FISMA, GLBA, and other regulations.
- Strong customer service ethic.
- Demonstrated experience in a senior leadership role with accountability to executive management.
- Outstanding communication abilities, both written and verbal.
Benefits
- Salary commensurate with experience
- Permanent appointment
- 12-month leave earning
