Director of Information Security and Operational Resiliency (DISOR) / Chief Information Security Of
The Director of Information Security and Operational Resiliency (DISOR) reports directly to the Vice President for Information Technology and CIO, and is an integral member of the VPIT / CIO's leadership team. This individual is responsible for identifying, monitoring, and countering threats as well as other risks and exposures that threaten the privacy, confidentiality, operational integrity and high-availability of Stevens' networks, systems, research operations, and information assets. This position has chief institutional responsibility for protecting and maintaining the confidentiality, integrity, and authorized access to Stevens' information assets. The DISOR is the senior institutional position in charge of identifying and responding to events involving information asset misuse, loss or unauthorized disclosure, including incident investigation and forensics. This individual will also play an important role in helping plan, maintain, secure, optimize, expand and protect a growing information technology infrastructure at Stevens Institute of Technology, one of the nation's top 100 universities.
Primary responsibilities include, but are not limited to:
- Proactively and strategically monitor, assess, plan, and maintain a comprehensive, highly-effective operational security and cybersecurity environment including the concomitant technology, intelligence, and human resource components
- Process vulnerability and threat data from a variety of internal and external sources to provide actionable threat intelligence and recommended countermeasures, following Stevens' protocols
- Conduct pro-active exercises and investigations to test for potential vulnerabilities and weaknesses
- Maintain a state of operational readiness concerning business continuity capabilities
- Collaborate with other division professionals to ensure the integrity and resiliency of Stevens' new state-of-the-art Data Center
- Function as the designate of the CIO to support the security requirements of Stevens' research enterprise, including cybersecurity posture and compliance requirements
- Ensure that Stevens' information, technology, and security posture conforms to best practices and advances in the field
- Develop and lead Stevens' incident-response protocol and incident-response team concerning cyber threats, intrusions, countermeasures, and similar factors
- Create education and awareness programs and advise operating units at all levels on security issues and potential risks and vulnerabilities, as well as best practices
- Work collaboratively with Internal Audit, Campus Police, Office of Sponsored Programs, General Counsel, Chief Compliance Officer, and outside consultants as appropriate
- Perform other duties as assigned.
- Bachelor's degree in a major directly related to the responsibilities of the position
- A minimum of 5-7 years of intensive professional experience
- An equivalent combination of training and experience may be considered in lieu of the preceding requirements
- Excellent broad knowledge and experience with information technology generally, and professional mastery in one or more areas directly relevant to the position
- Relevant security certifications appropriate to the position (e.g. CISSP, CISM, CFCE, CISA, GCFA, GCFE, GIAC, GCIH, etc.)
- Knowledge and experience with relevant security management frameworks (e.g. ISO/IEC 27001, ITIL, COBIT, NIST) as well as appropriate laws and regulations (e.g. FERPA, HIPAA, ITAR, PCI, FISMA, etc.)
- The ability to obtain a security clearance
- Excellent interpersonal, written, and oral communication skills and the ability to communicate effectively with both highly technical and non-technical audiences
- Strong self-initiative and the ability to work independently when necessary
- Ability to work effectively as a positive and engaged member of a high-performing / collaborative team of professionals
- Demonstrated ability to handle multiple priorities in a highly dynamic and fast paced environment
- Demonstrated strong analytical, systems thinking, and problem-solving skills
- Demonstrated sound judgement and decision-making commensurate with the responsibilities of the position, and specifically in maintaining a secured enterprise
- The ability to work weekend/off hours as required.
- Strong understanding of the higher education environment, including systems and business processes in academic, administrative, and research functions
- Strong presence in subject area professional and higher education organizations, including presentations and committee participation
- Previous management, staff supervisory, team building, and leadership experience
- Expert knowledge of networking and systems
- Demonstrated advanced knowledge of cybersecurity operations such as attack surface management, security operations center (SOC) operations, intrusion detection / intrusion prevention systems (IDS/IPS), Security Information and Event Management (SIEM) utilization, advanced threats (such as APTs, global DDOS, internal, etc.) and countermeasures.
General Submission Guidelines:
In order to be considered a candidate for any job at Stevens, you must submit an online application. Please attach a cover letter and resume with each application. Other requirements for consideration may depend on the job.
Still Have Questions?
If you have any questions regarding your application, please contact Jobs@Stevens.edu
Stevens Institute of Technology is an Equal Opportunity Employer. Accordingly, Stevens adheres to an employment policy that prohibits discriminatory practices or harassment against candidates or employees based on legally impermissible factor(s) including, but not necessarily limited to, race, color, religion, creed, sex, national origin, nationality, citizenship status, age, ancestry, marital or domestic partnership or civil union status, familial status, affectional or sexual orientation, gender identity or expression, atypical cellular or blood trait, genetic information, pregnancy or pregnancy-related medical conditions, disability, or any protected military or veteran status.
Stevens is building a diverse faculty, staff and student body and strongly encourages applications from female and minority candidates as well as veterans and individuals with disabilities. Stevens is a federal contractor under the Vietnam Era Veterans' Readjustment Assistance Act (VEVRAA) and the Rehabilitation Act of 1973, as well as other federal statutes.