Chief Information Security Officer (CISO)
- Employer
- Montclair State University
- Location
- Montclair, New Jersey, United States
- Salary
- Competitive Salary
- Date posted
- Jun 14, 2024
View more categoriesView less categories
Job Details
IMPORTANT APPLICATION INSTRUCTIONS:
- Upload Resume or Curriculum Vitae for automatic population of information to the application.
- The contact information, work experience, and education listed on your Resume/CV will be parsed and input into your Montclair application.
- Review information and double-check all fields containing information that the system parsed – the software is intelligent, but you need to verify that the data is accurate.
- In the “My Experience” section, you will find a Resume/CV upload option where you can submit your cover letter and all other supporting documents.
Job Description
SUMMARY :
Reporting to the Vice President and CIO of Information Technology, the Chief Information Security Officer (CISO) is a member of the Information Technology (IT) leadership team and works closely with senior administration, academic leaders, and the campus community. The CISO is the lead advocate for the institution's information and cyber security needs and is responsible for the development and oversight of a comprehensive information security strategy intended to protect information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction and to provide confidentiality, integrity, and availability.
As a member of the IT leadership team the CISO leads the development, implementation and oversight of an information and cyber security program to protect campus-wide resources, facilitates information security governance, advises senior leadership on security matters and resource investments, and writes appropriate policies to manage information security risk. The CISO is responsible for recommending and coordinating the planning, implementation, enforcement, and troubleshooting activities that ensure the security and integrity of the University’s overall information systems and data assets. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with University systems and campus leaders to optimize the information security posture of the University.
This position directly manages a team of information and cyber security staff and also has authority to create ad hoc working groups among other central and distributed IT staff as needed to ensure that the University's overall computing and network policies, procedures, and infrastructure design adhere to information security best practice principles. The CISO is a visible/communicative leader on campus, and off-campus by representing Montclair to the global higher education community.
PRINCIPAL DUTIES AND RESPONSIBILITIES :
University and Program Leadership
- Provide guidance and counsel to the CIO and key members of the
University leadership team regarding information security and
privacy issues, risks, mitigation strategies and information
security governance.
- Develop a comprehensive information security program with
annual and long-range security and compliance goals, metrics,
reporting mechanisms and program services.
- Develop and lead outreach, communication, and user education
efforts to promote campus-wide information and cyber security
awareness.
- Collaborate with IT leadership on incorporating information
security throughout the technology life cycle, risk management and
audit compliance to provide adequate protections for campus hosted
information resources.
- Build positive relationships and foster goodwill towards
efforts to improve overall security posture.
- Review hardware, software, and services being considered for
purchase or implementation by IT or other campus departments to
assess potential security risks and ensure proper information
security features are incorporated to address university
requirements.
- Maintain integrity and appropriate confidentiality of
information security related matters.
- Provide supervision for team resources, as well as budget
development and management as needed.
Policy, Compliance and Audit
- Develop, implement and oversee policies, standards and
processes.
- Serve as the University’s primary point of contact in all
audit, compliance, insurance, or legal matters related to
information security.
- Keep abreast of changes to the State, Federal, and industry
regulations that can impact University operations such as HIPAA,
PCI-DSS, EUGDPR, FERPA, Red Flags, and Gramm-Leach-Bliley. Make
recommendations for changes or additions to university policies,
procedures, or technology infrastructure to support compliance with
these regulations from an information security perspective.
- Create ad-hoc functional teams from among the various central
and distributed IT units to research, recommend, and deploy new
information security technologies or to implement changes to
existing policies and procedures.
Risk Management and Incident response
- Oversee IT security risk assessment processes. Coordinates
annual or periodic information security risk assessment reviews as
necessary or required for institutional auditing purposes.
- Develop a roadmap to reduce high risks and sustain a
well-controlled environment to protect information assets.
- Oversee information security incident response, serving as
incident coordinator and forming ad hoc incident response teams as
necessary to respond to and recover from potential security
incidents or data breaches.
- Develop and lead new information security initiatives.
- Communicate and coordinate with the Chief Information Officer
and other campus leadership as appropriate during incident response
activities. Escalate incidents, when appropriate, to executive team
for determination of information security breach and
notification.
- Coordinate contracted relationships with external security
service providers for a variety of needs including digital
forensics investigations, e-Discovery, or other sensitive data
analysis as requested by IT management, Legal Counsel, Human
Resources, or appropriate University officials.
Outreach, Education and Training
- Provide leadership in identifying, developing, implementing and
maintaining information security awareness, as well as general and
specialized training programs for the University.
- Recruit, hire, train and mentor the Information Security staff
and implement professional development plans for all members of the
team as needed.
- Oversee security operations related activities and manage the
relationship with the MDR partner (Red Canary) including monthly
review of reports and vulnerability mitigation strategies in the
broader landscape.
REQUIRED :
- A Bachelor's degree from an accredited college or
university.
- Cyber security industry certifications from an established
organization such as SANS.
- A minimum of ten (10) years of progressively responsible IT
experience with a minimum of five (5) years of managerial
experience.
- Professional experience designing, implementing, and/or
managing information security policies, procedures, and
solutions.
- Broad knowledge of computer security issues, requirements, and
trends.
- Strong interpersonal and communication skills, plus the ability
to achieve goals through influence, collaboration and
cooperation.
- Demonstrated ability to work effectively with an array of
constituencies in a community that is both demographically and
technologically diverse.
- Experience providing education and training programs on
security policies and practices to a range of technical and
non-technical constituents.
- Experience evaluating and providing guidance on the information
security elements of software and hardware acquisitions, IT
services, cloud-based solutions, mobility, and other present and
emerging aspects of IT solutions and services in a complex
environment.
- Referenceable integrity and high standards of personal and
professional conduct.
- A post-Baccalaureate degree or other relevant formal
education.
- Over five years of experience in a higher education IT
environment.
- Ability to explain highly technical topics in terms that can be
understood by a less technical audience.
- Strong organizational skills and a successful track record of
effective coordination, prioritization, collaboration, and project
delivery.
- An understanding of current legislation and regulations
pertaining to higher education institutions (i.e. HIPAA, PCI-DSS,
EUGDPR, FERPA, Red Flags, and Gramm-Leach-Bliley.)
- Is professionally active by presenting at conferences and/or
publishing/contributing to timely Information Security
articles.
Applicants should include a resume and cover letter describing how their background, skills and education match the needs of the University. When applying, please take a moment to carefully read and follow the steps in the application instructions.
Department
Enterprise Technology Services
Position Type
Administrative
Contact Information:
For questions or concerns, please contact Human Resources' Workday Recruiting Support at 973-655-5000 (Option 2), or email talent @montclair.edu .
EEO/AA Statement
Montclair State University is an Equal Opportunity/Affirmative Action institution with a strong commitment to diversity.
Additional information can be found on the website at
www.montclair.edu/human-resources/about-us/eo-aa-and-diversity/
Title IX and 34 C.F.R. 106 Policy
Montclair State is required by Title IX and 34 C.F.R. 106 not to discriminate on the basis of sex or gender, and does not discriminate on the basis of sex or gender in the operation of education programs and activities. The requirement to not discriminate on the basis of sex or gender in the operation of education programs and activities extends to admission and employment. For further details, please visit: https://www.montclair.edu/human-resources/job-seekers/
Company
Montclair State University defines what it means to be a university with a public purpose — one that not only creates transformational opportunities for students, but also partners with communities to make a difference in the lives of others.
Montclair invites students to imagine the world they want to live in and empowers them to develop the skills and knowledge to create it. As a solutions engine, we ask: How can we harness the power of 21,000 students and 1,800 professors to be a force for good in the world?
This distinctive approach continues to attract students, propelling Montclair to become New Jersey’s second largest institution of higher learning, and one of its most diverse. Under President Jonathan Koppell, the University enrolled the largest entering class in the University’s history two years in a row.
Founded in 1908, Montclair has grown big enough to offer more than 300 programs across 13 colleges and schools at all degree levels – and yet, with a student-to-faculty ratio of 17 to 1, is still small enough for students to receive personalized attention from professors and staff who truly care. Students have numerous opportunities to conduct research with professors who are respected leaders in their fields.
More than 50% of Montclair’s students identify as underrepresented minorities. It is New Jersey’s largest Hispanic-Serving Institution, serving more Latinx students than any other university in the state.
Montclair’s highly diverse students thrive in the University’s supportive, welcoming environment. Their graduation rates outperform state and national benchmarks and predictions with U.S. News & World Report ranking Montclair as seventh among national universities in graduation rate performance in 2022. It is consistently recognized as one of the most inclusive and best value universities and ranked No. 21 in the country in social mobility.
Many of Montclair’s students are working and raising families, and the University offers flexible programs that give them the opportunity to learn in ways that work best for them, on campus or online, in real time or asynchronously.
Faculty include winners of a MacArthur fellowship, Fulbright grants and Emmy awards, and NSF, NEH and NIH grants, among many other distinctions. These highly respected researchers, scholars and creators are dedicated to student success, and they are always innovating to meet the needs of learners and of the state. Montclair has launched dozens of new degree and certificate programs, and offers more combined bachelor’s and master’s degree programs than any other university in New Jersey – empowering students to enter the workforce faster, with stronger skills and for less cost.
Montclair’s mission is to elevate its students and partners, and in so doing, help make the world a better place.
At Montclair State, our employees are among our most valuable assets.
When you work at Montclair State, you join a talented, diverse and inclusive community of employees who work together to support the educational mission of the University.
You are part of a leading institution of higher education in New Jersey. Our 11 colleges and schools serve 21,000 students on a beautiful 252-acrea, vibrant suburban campus just 12 miles from New York City.
Dedicated to providing employees with opportunities for professional achievement and development, we take pride in a dynamic workplace environment that respects all employees and encourages excellence.
As a Montclair State University employee, you enjoy access to:
- Comprehensive health, dental and retirement benefits to discounted membership to the campus recreation center and tuition reimbursement
- Policies, programs and services that support our commitment to affirmative action, equal opportunity employment, multicultural diversity and inclusion
- A dynamic, sophisticated and diverse environment
- Website
- http://www.montclair.edu/
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert