Information Security Officer (ISO)
University of La Verne
Information Security Officer (ISO)
Job Description Summary:
The Information Security Officer (ISO) is responsible for developing and maintaining the University's policies related to information security of both electronic and paper formats; ensuring that information created, acquired, or maintained by the University and its authorized users will be used in accordance with its intended purpose, and protects university information and its infrastructure from external or internal threats; ensuring that the University complies with statutory and regulatory requirements regarding information access, security and privacy; working collaboratively with university leadership as well as technical and administrative staff across the University; developing and leading outreach, communication and education efforts to raise University-wide awareness of information security risks, requirements, and solutions; providing strategic and technical guidance and assistance in the design and implementation of appropriate security processes for University-wide information systems; recommending and monitoring computing practices to prevent and recover from security breaches; designing and maintaining critical University security infrastructure, and coordinating the handling of security incidents.
The University of La Verne is a private not-for-profit university founded in 1891 located in La Verne, California. The core values that we live by are Ethical Reasoning, Diversity and Inclusivity, Lifelong Learning and Community and Civic Engagement.
If you're passionate about these values, join us at the University of La Verne!
Reporting to the Chief Information Officer (CIO), and serving as a member of the Information Technology Leadership Team, the ISO is expected to split their time among management of the information security program, information security operations, training/staff development, and other duties as assigned. Incumbent will build upon the Division’s strengths, mission, and vision to support heightened services now and in the future.
- Lead teams of key University staff, data custodians and governance groups, coordinate and administer the Information Security Policy/Plan of the University through an awareness of current legislative, legal and regulatory actions and industry standards and best practices.
- Work closely and collaboratively with the OIT teams through upgrades of network hardware, software, systems and applications to ensure secure configurations.
- Lead the effort to collect, analyze, and monitor data, systems, and applications to identify anomalies and potential incidents. Provide recommendations and partner with internal and external stakeholders to remediate and appropriately address identified risks and issues.
- Define and develop appropriate enterprise wide IT project/program management practices, governance standards, processes and metrics. Ensures projects/programs are defined, tracked and communicated in a consistent and effective manner.
- Incorporates effective change and risk management controls. Partners with IT and business leadership and other key stakeholders to prioritize projects based on predefined criteria (return on investment, productivity, compliance).
- Partners with OIT staff and other University faculty and staff in the evaluation of technology solutions to ensure they meet the University’s security requirements, including contract evaluation.
- Develop and lead an information security awareness/education program for the University.
- Provide input to the planning and budgeting for information security initiatives and help develop a comprehensive information security budget.
- Lead and coordinate response to information security incidents including computer forensics and investigation in partnership with internal and external stakeholders.
- Serve as primary contact for technology audits and compliance activities.
- Maintain strong technical and tactical fluency in the information security field (e.g. current threats and best practices). Prepare informative presentations on best practice recommendations and enhancements to current information security practices, policies and procedures to leadership.
- Other duties as assigned
- Bachelor’s Degree in Information Systems, Business Administration, Computer Science, or related degree required.
- CISSP, GIAC/GSEC, SSCP, or CISM certification.
- 7 or more years of relevant knowledge and experience of technology, systems, hardware and software associated with information security.
- 5 or more years of relevant knowledge and experience with network and systems administration, firewalls, and IDS/IPS.
- 3 or more years of the following: Relevant knowledge of information security standards and federal, state and local regulations.
- Demonstrated ability to interpret and present information and ideas clearly and accurately in writing, verbally and through preparation of reports, presentations and other materials.
- Demonstrated ability to work collaboratively and form and
sustain effective working
relationships in a team environment
- Relevant knowledge and experience in project and program management.
- Masters Degree in Information Systems, Business Administration, Computer Science, or related degree strongly preferred.
- Significant (3-5 years) higher education experience.
- Extensive (8 - 10 years) information security experience and knowledge.
- Extensive (8 - 10 years) practical and relevant experience working in information technology, with at least 5 years of experience leading and supporting Information Security management program in an academic environment.
Location: La Verne Central Campus
To be considered for this position please visit our web site and apply on line at the following link: http://laverne.edu
Located in Southern California, the University of La Verne offers a distinctive and relevant educational experience to a diverse population of students, preparing them for successful careers and a commitment to lifelong learning across the liberal arts and professional programs. The academic units of the not-for-profit university include the College of Arts and Sciences, the College of Business and Public Management, the LaFetra College of Education, and the College of Law. The university offers both undergraduate and graduate programs, including degree programs tailored for working adults. The university's central campus is located 30 miles east of Los Angeles in the historic Old Town section of La Verne, a city with a population of approximately 35,000 at the foothills of the San Gabriel Mountains. The university also has eight regional campuses throughout California and the College of Law campus in Ontario, California. The university is classified as a Carnegie Doctoral Institution with moderate research activity. Core values are reflected throughout all curricular and co-curricular programs, its emphasis on close professor-student interaction, personal support of its students, and its diversity.
The University of La Verne prides itself in being reflective of the diversity of Southern California. Approximately 80 percent of its nearly 8,500 students come from diverse backgrounds and the U.S. Department of Education has designated the university as a Hispanic Serving Institution (HSI). With 80,000 alumni, the university fulfills a critical community function in educating students from underserved populations, many of whom are the first generation in their family to attend college.
The University of La Verne is an equal opportunity employer and does not discriminate against employment or employees on any basis prohibited by state and federal law. University of La Verne hires and promotes individuals based on their qualifications and is consistent with applicable state and federal laws, without regard to race, color, religion, gender, disability, medical condition a or sexual orientation