Director, Information Security
Reporting to the Vice President for Information Technology, the Director for Information Security is a member of the senior leadership team for Barnard College Information Technology (BCIT). This position plays a key role working with constituents across the college for the development and delivery of a comprehensive information security strategy to optimize the security posture of the college in a matrix security organization.
1. Provide strategic leadership and vision for the college's information security program.
2. Provide guidance and counsel to the Vice President for Information Technology and key members of the college leadership team, working closely with the administration, academic, and the campus community in defining objectives for information security, while building relationships and goodwill.
3. Working in partnership with members of the BCIT leadership team, architect appropriate technological, procedural, and educational/training security practices that result in an appropriate level of information security for Barnard.
4. Partner with all departments across the college to integrate security into operational processes. (e.g., General Counsel, Risk Management, Human Resources, etc.)
5. While there are no direct reports, this person must indirectly manage exempt employees and actively influence (faculty and staff) leadership throughout the college to assure the successful implementation and maintenance of the security program.
6. Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidents that arise.
7. Serve as a liaison to Columbia University IT to ensure collaboration and coordination of security practices.
8. Responsible for relationship building, creative problem solving, and proficient management of projects, resources, and new technologies in a dynamic environment.
9. Foster and strengthen working relationships with the Barnard community, external vendors, and partners.
10. Lead, manage, and ensure communication on cross-functional IT projects to successful completion within a collegial environment.
11. Develop and maintain multiple project plans; define scope and objectives for security initiatives across all relevant IT projects.
12. Keep current on and communicate IT and information security related topics possibly affecting Barnard and ensure technologies used are consistent with the college's IT architecture standards.
13. Contribute to the development and implementation of effective strategies for the utilization of human and technology IT resources and capabilities.
14. Develop and promote an information security awareness culture within IT and the campus as a whole.
15. Deliver timely Information Security Reports to IT senior management.
16. Develop and manage the IT audit program.
17. Other projects and duties as requested by the Vice President for IT.
A Bachelor of Arts or Science degree from accredited college or university.
Eight to ten years of progressive experience with security policy development, security education, cloud and web application security, SAAS solutions, network security, network penetration testing, application vulnerability assessments, risk analysis, and compliance management.
Demonstrable experience managing a comprehensive enterprise-wide information security and IT risk management program to ensure the confidentiality, integrity, and availability of information owned, controlled, or processed by the organization.
Experience with compliance, disaster recovery planning and testing, auditing, risk management, business resumption planning, and contingency planning is important.