The University of North Carolina at Chapel Hill (UNC-CH), an AAU-member, research-intensive university and the flagship campus of the University of North Carolina system, seeks an accomplished and strategic leader to serve as its next Assistant Vice Chancellor & Chief Information Security Officer (AVC-CISO).
Reporting to the Vice Chancellor for Information Technology & Chief Information Officer, the AVC-CISO will bring University stakeholders together in a commitment to information security best practices that appropriately balance mission, risk, and regulation.
The AVC-CISO is responsible for the ongoing development and delivery of a comprehensive University-wide information security strategy that adequately protects information assets, aligns with and supports the risk posture of the University, and meets applicable compliance and regulatory requirements. The AVC-CISO leads the Security and Identity Management unit in working collaboratively across the University community to develop, implement, manage, and evaluate effective information security practices aligned with the strategy, ensuring the campus employs best security technology practices, stays abreast of changing legislative requirements and mandates, capably anticipates new threats, and advances the cyber security of not only UNC-CH but also the broader UNC System.
The AVC-CISO provides University-wide leadership in information security and identity management, convening a broad set of stakeholders in matters of strategy and policy, and works collaboratively with stakeholders across the University, including administrative and academic leadership and governance to ensure that policies, practices, and programs protect the University and advance its mission. Realizing this commitment requires the AVC-CISO to provide thought leadership, engage broadly and proactively with University stakeholders, inspire active collaboration among an array of partners and colleagues, and judiciously leverage the support of faculty leaders and University officers in their attention to enterprise risk, resource deployment, financial sustainability, and overall institutional strategy.
In alignment with ITS and University executive leadership, faculty, and governance, the AVC-CISO then implements this strategy via a set of information security programs, services, and solutions, some managed within Security and Identity Management and ITS, others managed by school, department, or institute-based technology groups or by partner offices such as the Office of General Counsel or Institutional Integrity and Risk Management. The AVC-CISO directly leads the Security and Identity Management unit, currently a team of eighteen (18), reporting to the AVC-CISO via three (3) managers, with a focus on developing the team as domain experts and trusted partners to colleagues across the University. The AVC-CISO is responsible for managing a $3M personnel and program budget (N.B.: network security and capital costs are funded separately by ITS at the division level).
To address information security issues of campus-wide importance, the AVC-CISO convenes the information security liaison group and provides information security leadership to the UNC IT Executive Council. More broadly, the AVC-CISO participates in monthly meetings of the UNC System Information Security and CIO Councils and is an integral thought partner for leaders across the system.
Success in the role requires a range of experiences and a core set of interpersonal skills that will ensure strategic leadership of the Security and Identity Management unit and enable effective engagement across ITS, the University’s decentralized organizational environment, and the broader UNC system.
- Master’s degree and 8+ years experience or bachelor’s degree and 10 years experience or a combination of related education and experience in substitution
- Extensive knowledge of and experience in a leadership position in a higher education setting.
- Knowledge of sound management and administration principles and practices for managing direct reports. Interpersonal communication, human relations, and team-building skills.
- Extensive background in and understanding of the spectrum of Information Technologies and how IT Security fits into the matrix.
- Specialized knowledge of IT Security best practices and developments in the IT industry as well as across higher education.
- Keeping up to date on the current IT Security risks and challenges in the current environment.
- Mature diplomacy skills and the ability to moderate between competing parties.
- Knowledge of systems and project management principles and practices.
- Demonstrated negotiation skills
- Ability to develop cooperative agreements and MOUs/SLAs with appropriate partners
- Ability to explain technical issues and policies to non-technical persons
- Excellent oral and written communication skills
- Ability to foster and maintain good working relationships with faculty, administrators, students, senior management, and other IT leaders
- Ability to develop and assess budgets and technical proposals
- Ten years of administrative management, especially in a large technology organization, the majority of which has been spent in higher education
- In-depth computing and support experience across a broad spectrum of technologies in a higher education setting
- Track record of sound personnel and financial management
- Track record of excellent customer service and support
- Track record of positive relationship and rapport building
- Professional credentials relevant to information security
The University of North Carolina at Chapel Hill has retained Opus Partners (www.opuspartners.net) to support this recruitment. Craig Smith, Partner, and Abigail Maynard, Associate are leading the search. Please send confidential inquiries, applications, and nominations to Abigail Maynard (firstname.lastname@example.org). A complete application will include a letter of interest and resume.
The University of North Carolina at Chapel Hill is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or status as a protected veteran.