University of La Verne
Information Security Officer (ISO)
Job Description Summary:
The Information Security Officer (ISO) is responsible for
developing and maintaining the University's policies related to
information security of both electronic and paper formats; ensuring
that information created, acquired, or maintained by the University
and its authorized users will be used in accordance with its
intended purpose, and protects university information and its
infrastructure from external or internal threats; ensuring that the
University complies with statutory and regulatory requirements
regarding information access, security and privacy; working
collaboratively with university leadership as well as technical and
administrative staff across the University; developing and leading
outreach, communication and education efforts to raise
University-wide awareness of information security risks,
requirements, and solutions; providing strategic and technical
guidance and assistance in the design and implementation of
appropriate security processes for University-wide information
systems; recommending and monitoring computing practices to prevent
and recover from security breaches; designing and maintaining
critical University security infrastructure, and coordinating the
handling of security incidents.
The University of La Verne is a private not-for-profit
university founded in 1891 located in La Verne, California. The
core values that we live by are Ethical Reasoning, Diversity and
Inclusivity, Lifelong Learning and Community and Civic
If you're passionate about these values, join us at the University
of La Verne!
Reporting to the Chief Information Officer (CIO), and serving as a
member of the Information Technology Leadership Team, the ISO is
expected to split their time among management of the information
security program, information security operations, training/staff
development, and other duties as assigned. Incumbent will build
upon the Division’s strengths, mission, and vision to support
heightened services now and in the future.
- Lead teams of key University staff, data custodians and
governance groups, coordinate and administer the Information
Security Policy/Plan of the University through an awareness of
current legislative, legal and regulatory actions and industry
standards and best practices.
- Work closely and collaboratively with the OIT teams through
upgrades of network hardware, software, systems and applications to
ensure secure configurations.
- Lead the effort to collect, analyze, and monitor data, systems,
and applications to identify anomalies and potential incidents.
Provide recommendations and partner with internal and external
stakeholders to remediate and appropriately address identified
risks and issues.
- Define and develop appropriate enterprise wide IT
project/program management practices, governance standards,
processes and metrics. Ensures projects/programs are defined,
tracked and communicated in a consistent and effective manner.
- Incorporates effective change and risk management controls.
Partners with IT and business leadership and other key stakeholders
to prioritize projects based on predefined criteria (return on
investment, productivity, compliance).
- Partners with OIT staff and other University faculty and staff
in the evaluation of technology solutions to ensure they meet the
University’s security requirements, including contract
- Develop and lead an information security awareness/education
program for the University.
- Provide input to the planning and budgeting for information
security initiatives and help develop a comprehensive information
- Lead and coordinate response to information security incidents
including computer forensics and investigation in partnership with
internal and external stakeholders.
- Serve as primary contact for technology audits and compliance
- Maintain strong technical and tactical fluency in the
information security field (e.g. current threats and best
practices). Prepare informative presentations on best practice
recommendations and enhancements to current information security
practices, policies and procedures to leadership.
- Bachelor’s Degree in Information Systems, Business
Administration, Computer Science, or related degree required.
- CISSP, GIAC/GSEC, SSCP, or CISM certification.
- 7 or more years of relevant knowledge and experience of
technology, systems, hardware and software associated with
- 5 or more years of relevant knowledge and experience with
network and systems administration, firewalls, and IDS/IPS.
- 3 or more years of the following: Relevant knowledge of
information security standards and federal, state and local
- Demonstrated ability to interpret and present information and
ideas clearly and accurately in writing, verbally and through
preparation of reports, presentations and other materials.
- Demonstrated ability to work collaboratively and form and
sustain effective working
relationships in a team environment
- Relevant knowledge and experience in project and program
- Masters Degree in Information Systems, Business Administration,
Computer Science, or related degree strongly preferred.
- Significant (3-5 years) higher education experience.
- Extensive (8 - 10 years) information security experience and
- Extensive (8 - 10 years) practical and relevant experience
working in information technology, with at least 5 years of
experience leading and supporting Information Security management
program in an academic environment.
La Verne Central Campus
To be considered for this position please visit our web site and
apply on line at the following link: http://laverne.edu
Located in Southern California, the University of La Verne offers a
distinctive and relevant educational experience to a diverse
population of students, preparing them for successful careers and a
commitment to lifelong learning across the liberal arts and
professional programs. The academic units of the not-for-profit
university include the College of Arts and Sciences, the College of
Business and Public Management, the LaFetra College of Education,
and the College of Law. The university offers both undergraduate
and graduate programs, including degree programs tailored for
working adults. The university's central campus is located 30 miles
east of Los Angeles in the historic Old Town section of La Verne, a
city with a population of approximately 35,000 at the foothills of
the San Gabriel Mountains. The university also has eight regional
campuses throughout California and the College of Law campus in
Ontario, California. The university is classified as a Carnegie
Doctoral Institution with moderate research activity. Core values
are reflected throughout all curricular and co-curricular programs,
its emphasis on close professor-student interaction, personal
support of its students, and its diversity.
The University of La Verne prides itself in being reflective of the
diversity of Southern California. Approximately 80 percent of its
nearly 8,500 students come from diverse backgrounds and the U.S.
Department of Education has designated the university as a Hispanic
Serving Institution (HSI). With 80,000 alumni, the university
fulfills a critical community function in educating students from
underserved populations, many of whom are the first generation in
their family to attend college.
The University of La Verne is an equal opportunity employer and
does not discriminate against employment or employees on any basis
prohibited by state and federal law. University of La Verne hires
and promotes individuals based on their qualifications and is
consistent with applicable state and federal laws, without regard
to race, color, religion, gender, disability, medical condition a
or sexual orientation