The Chief Information Security Officer (CISO) is a critical member of the Chief Information Officer’s (CIO) team. The CISO leads a team of security and identity management professionals in creating and executing a comprehensive security plan across the university’s central and decentralized systems. Working cooperatively with leaders across the University, the CISO will have the opportunity to promote strategic risk management and security compliance efforts, and direct implementation of technologies necessary to assure a secure and reliable infrastructure.
The successful candidate will:
IT Security Program
Lead the planning, design, development, integration, testing, documentation, training, implementation and maintenance of university IT security systems and products.
Provide leadership through strong working relationships and collaboration across the university community to develop strategic goals for information security compliance and risk mediation.
Security Architecture, Policy, Procedures, Standards, and Guidelines
Develop and maintain an IT Security Architecture for the university.
Lead and coordinate the development and maintenance of information systems security policies, procedures, standards, and guidelines, ensuring compliance with federal and state laws and regulations and Regents and university policies and standards.
Analyze new federal and state statutory requirements, university policies, and other security initiatives to determine changes necessary for adoption/compliance and makes appropriate recommendations.
Develop and maintain the campus Incident Management Plan and chair the Security Incident Response Team (SIRT).
Ensure monitoring of security-related information sources for security alerts and assess security breaches/ events, oversee appropriate corrective actions, inform the campus community, and identify needed changes based on new security technologies or threats.
Serve as the liaison with external agencies and organizations, including law enforcement, as needed for incident response and planning.
Supervise and lead the work of the IT Security Team in ITS.
Oversee the performance of assigned staff, including providing regular, constructive feedback and coaching towards goal attainment and professional development.
Manage project teams dealing with IT security issues, optimizing the contribution of people involved.
Communications, Training, and Outreach
Oversee the development and implementation of training programs and communications to make systems, network, and data users aware of and understand security policies and procedures.
Research and Analysis
Lead or conduct special projects or studies related to information systems security.
Stay well-informed of best practices in the IT security field, coordinate and/or evaluates new and emerging security practices and technologies, and recommends and promotes adoption as appropriate.
Provides expert advice related to information and systems security to university executives and serves as an internal consulting resource on information security issues.
Serve as a member of the CIO’s Executive Leadership Team and the Enterprise IT Leadership and Operations Management Teams.
Represent the university with federal, state, local, and professional organizations in the area of IT security.
Applicants must submit:
A cover letter reflecting how skills meet the requirements of the position
The names, phone numbers, and email addresses of at least three professional references
Applicants must be currently authorized to work in the United States at the time of employment. Screening of applicants will begin immediately. For best consideration, apply by January 15, 2017.
Kansas State University is an Equal Opportunity Employer of individuals with disabilities and protected veterans and actively seeks diversity among its employees. Must be able to acquire and maintain a top-secret security clearance.
Bachelor's degree in computer science or related field, or bachelor's degree in an unrelated field plus at least ten (10) years’ experience in information technology services
Two years’ experience in a position with exposure to the process of systems analysis, designing, coding, testing, and maintaining enterprise software applications
Experience designing, implementing, and/or managing major components of an IT security program or managing an IT operations or service unit in a distributed technology environment
Competence/experience in the areas of risk analysis and security management for data, information, and applications; IT security standards and best practices; privacy and security legislation; security architectures and technologies; incident detection and response; and disaster recovery support
Experience coordinating the development and implementation of IT policies and procedures
Experience evaluating and implementing new practices and technologies to improve an organization’s over- all IT security program
Experience working collaboratively with a wide range of individuals
Experience building coalitions and professional relationships with internal and external constituencies to achieve results
Strong interpersonal skills
Strong analytical skills
Must be able to acquire and maintain a top-secret security clearance
Effective communicator (orally and in writing) with non-technical and technical audiences, including senior executives, managers, staff, vendors, and colleagues
Post-baccalaureate degree in technology, business administration, or related field
Certification relevant to IT security (CISA, CISM, CISSP, GIAC/GSEC, etc.)
Experience working with IT security laws and regulations applicable in higher education
Experience providing IT security services in a university setting with a distributed technology environment
Experience developing and promoting awareness and training programs related to IT issues
Additional Salary Information: Summary of Benefits: http://www.k-state.edu/hcs/benefits/overview/
As the nation's first operational land-grant university, Kansas State University is committed to serving the state's 2.9 million residents. A central component of the university's mission is to do its part in advancing the well-being of Kansas. K-State, a 4-year doctoral institution, offers access to information, research insights, and opportunities that enrich lives.