Information Security Officer (Re-posted)

Duties and Responsibilities

Essential Duties and Responsibilities
The Information Security Officer is responsible for the development, implementation and maintenance of the college’s information security program, facilitating information security compliance, advising senior administration on security director and resource investments, and establishing and implementing appropriate polices to manage information security risk.

Characteristic Duties and Responsibilities
The Information Security Officer within the scope of college policies and procedures this person is:
  1. Responsible for the strategic and tactical leadership of the college’s information security program.
  2. Manage college-wide information security governance processes, manages project priorities related to information security, and serves as primary lead for information security incident response.
  3. Establish annual and long-range information security and compliance goals, defines information security strategies, metrics, reporting and program services.
  4. Leads the development and implementation of effective policies and practices to secure protected and sensitive data and ensures information security and compliance with relevant compliance laws, regulations and related requirements.
  5. Leads efforts to internally assess, evaluate, and make recommendations to senior administration regarding the adequacy of the security controls for the colleges information and technology systems.
  6. Oversees internal technology audits and works with government audit agencies, and outside consultants as appropriate on required information security assessments and audits.
  7. Coordinates and tracks all information security related audits including scope of audits, colleges/units involved, timelines, auditing agencies and outcomes, and provides guidance, evaluation and advocacy on audit responses.
  8. Works with college leadership to build a cohesive information security and compliance programs for the college to effectively address state and federal statutory and regulatory requirements.
  9. Stays informed of information security issues and regulatory changes affecting higher education at the state and national level, participates in national policy and practice discussions, and communicates to college leadership on a regular basis regarding topics.
  10. Engages in professional development to maintain continual growth in professional skills and knowledge essential to the position.
  11. Performs other related duties as assigned.


NOTICE: Required Documents
To be considered for this position, you are required to upload your resume and unofficial transcript(s). In addition, if a license or certificate is required for this position, upload proof of your current license/certificate.

  • Bachelor’s Degree in computer technology, information security, cyber security or technology management from a regionally accredited institution of higher learning recognized by the Department of Education.
  • Minimum 5 years’ experience in varied information technologies applicable to computer and networking infrastructure, operating systems, project management, regulatory compliance, risk management, and training.
  • Preference may be given to individuals with industry specific certifications including GIAC/SANS (Global Information Assurance Certification/Systems Administration, Network and Security), CISSP (Certified Information Systems Security Professional), CISM/A (Certified Information Security Manager/Auditor), CompTIA Security +, Certified Ethical Hacker, CCSP (Certified Cloud Security Professional)
  • Master’s degree in computer technology, information security, cyber security or technology management from a regionally accredited institution of higher learning recognized by the Department of Education.
  • The required minimum years of experience of which at least two must be in direct experience in information security in a higher education setting.

Knowledge, Skills and Abilities

  • Skill communicating technical information to non-technical audiences both verbally and in writing
  • Skill in project management, time management, and initiation and execution of tasks
  • Skill in presenting ideas and concepts orally and in writing
  • Knowledge of and ability to follow college policies and procedures
  • Knowledge of Microsoft Office suite
  • Knowledge of state and federal information security regulatory requirements (GLBA, FERPA, etc.)
  • Knowledge of IT Security Frameworks (NIST, IHECF, etc.)
  • Ability to communicate effectively, verbally and in writing, and to relate to others in a professional, helpful manner
  • Ability to assess cybersecurity policies, standards, and procedures for key cybersecurity concepts (access to programs and data, changes to programs and data, IT operations, etc.) in order to identify gaps with regulatory requirements (GLBA, FERPA, etc.) and information security frameworks (NIST, IHECF, etc.)
  • Ability to assess IT dependencies (system integrations, reports, segregation of duties, automated application controls, etc.) within information systems
  • Ability to communicate the impact of cybersecurity control effectiveness on business processes to nontechnical stakeholders.
  • Ability to communicate gaps in cybersecurity control design to control owners and make meaningful recommendations.
  • Ability to communicate effectively, verbally and in writing, and to relate to others in a professional, helpful manner.
  • Ability to relate to a diverse population and to maintain composure when faced with difficult situations.
  • Ability to multi-task and organize, prioritize, and follow multiple projects and tasks through to completion with an attention to detail.
  • Ability to work independently while contributing to team environment.
  • Ability to analyze problems, identify solutions, and take appropriate action to resolve problems using independent judgment and decision-making processes.
  • Ability to establish and maintain effective working relationships with other department staff, faculty, students and the public.

Additional Information

Supervision Exercised

Supervision Received
Reports to the assigned executive administrator (Vice President for Student Success and Enrollment)

Physical Requirements
The employee is occasionally required to stand, walk, stoop, kneel, or crouch.
The employee must occasionally lift and/or move items weighing up to 50 pounds.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Utilizes memory for details, verbal instructions, emotional stability, critical thinking, adaptability and creative problem-solving skills.

Work Environment
Work is performed in a standard office environment.
Work-inside a well-lighted and air-conditioned area most of the time.
The noise level in the work environment is usually quiet to moderate.

Required to work safely and follow safety rules.
Report unsafe working conditions and behavior.
Take reasonable and prudent actions to prevent others from engaging in unsafe practices.

Special Conditions
Immediate supervisor may assign other duties.
May be required to work outside regular working hours, as needed.
May be required to work at a different college work site or campus as needed.

EEO Statement
In compliance with Title VI of the Civil Rights Act of 1964, Executive Order 11246 and Title IX of the Education Amendments of 1972 and Section 504 of the Rehabilitation Act of 1973, Laredo College is open to all persons regardless of race, color, religion, sex, age, marital status, disability, or national origin who are otherwise eligible for admission as students. Furthermore, Laredo College is an Equal Opportunity Employer and no applicant or employee will be discriminated against because of race, color, religion, sex, age, marital status, disability or national origin. This institution will not enter knowingly into any contractual agreement for services or supplies with any firm failing to follow fair employment practices.

Foreign Degrees
Foreign degrees require an evaluation for United States equivalency from an approved stated education agency or having membership with the National Association of Credential Evaluation Services (NACES). Transcripts issued outside the United States of America require a course-by-course analysis with an equivalency statement from a certified transcript evaluation service verifying the degree equivalency to that of an accredited institution within the USA. This report must be attached to your online application at the time of applying. For your convenience, we have provided the following links to assist you in complying with this requirement. However, you may use any other certified transcript evaluation service.

The above description is an overview of the job. It is not intended to be an all-inclusive list of duties and responsibilities of the job, nor is it intended to be an all-inclusive list of the skills and abilities required to do the job. Duties and responsibilities may change with business needs. LC reserves the right to add, change, amend, or delete portions of this job description at any time, with or without notice. Employees may be required to perform other duties as requested, directed, or assigned. In addition, reasonable accommodations may be made by LC as its discretion to enable individuals with disabilities to perform the essential functions.

Laredo College offers a comprehensive benefit package.To read more about our Benefits, please visit this page on our College website

Similar jobs

Similar jobs