Information Security Officer
Under the direction of the CIO: implements agency activities in Information Technology, specifically in the field of Information Security; enforces the organization's security policies and procedures, security awareness program, information security portion of the business continuity and disaster recovery plans and all industry and government compliances issues; and in the design of and development of security procedures to allow the deployment, management, control updating of platform and user specific security policies on a diverse range of internal hardware platforms supporting various software operating systems.
- Assists in the performance of risk assessments and analysis to identify areas of risk and develop security measures and controls for mitigation.
- Assists in the development and implementation of IT system security plans, projects and initiatives.
- Assists in the planning, implementation and coordinating of security measures and controls for information systems to regulate access to computer data and prevent unauthorized modification, destruction, or disclosure of information.
- Monitors use of data files and regulates access to safeguard data in computer files.
- Installs, maintains, and supports information security products/services.
- Works with business owners, IT managers, staff, and vendors to provide timely and efficient IT coordination of security services to meet agency needs.
- May create reports on status of agency information security programs and projects.
- May be required to communicate to senior executives through oral and written reports and presentations.
KNOWLEDGE REQUIRED BY THE POSITION
- Knowledge of current information security technology and software tools.
- Ability to perform information security incident response planning and procedures to include the preservation of electronic evidence to legal standards.
- Ability to apply security architecture to security appliances such as firewalls, host and network intrusion detection to protect IT infrastructure and assets.
- Ability to implement information security disaster recovery and continuity plans.
- Ability to prioritize workload.
- Ability to produce technical writing in information security.
- Knowledge of state and federal regulatory laws and standards for the safeguarding of sensitive information and data.
- Knowledge of federal risk management framework.
The Chief Information Officer (CIO) assigns work in terms of department goals and objectives. The work is reviewed through conferences, reports, and observation of department activities.
Guidelines include USG IT handbook, FVSU Acceptable Use Policy, FVSU Employee handbook, and industry standard security guidelines. These guidelines require judgment, selection, and interpretation in application.
COMPLEXITY/SCOPE OF WORK
- The work consists of varied information security and IT risk management duties.
- The purpose of this position is to develop and enforce IT security policies and procedures. Success in this position helps ensure protection of University information and technology.
- Contacts are typically with system/server administration, network administration, desktop support, distance education, Helpdesk manager, co-workers, various external departments, vendor partners, telecommunications, lab managers, lab assistants, and the FVSU community.
- Contacts are typically to give or exchange information; to provide services; and to resolve problems.
- Training end users will be required from time to time. End users consist of student employees, staff, faculty, and students
PHYSICAL DEMANDS/ WORK ENVIRONMENT
- The work is typically performed while sitting at a desk or table.
- The work is typically performed in an office, library, or computer room.
- The employee occasionally lifts light and heavy objects.
- The work may require early morning, late nights, or weekend work
SUPERVISORY AND MANAGEMENT RESPONSIBILITY
This position has no direct reports at this time, but the position may be responsible for student workers and or Interns.
- Associates Degree from an accredited institute in information technology, computer science, information assurance or a related field
- FOUR years of information technology experience
- Certifications such as A+, NET+
- Bachelor's Degree from an accredited institute in information technology, computer science, information assurance or a related field
- Five years of information technology experience, one of which was in information security or information assurance.
Certifications and Training
The person coming into this position may not have all the preferred qualifications and training. The university will provide training in the following courses and the expectation is that the candidate will be able to attend the training, comprehend the material, pass the certification test, and put that training into use.
The candidate will have to complete the University System of Georgia - InfoSec Awareness Training Courses within six months of hire date.
Additional training one or more of these areas will be required and paid for by the university. Taking the class, passing the certification exam, and maintaining the certification will be the responsibility of the employee.
- Customer service training
- Advanced Security IT training
For more information, or to apply now, you must go to the website below. Please DO NOT email your resume to us as we only accept applications through our website.