Chief Information Security Officer
Open Date: 10/29/2018
Date Initial Screening Begins:
Minimum Education/Experience: Bachelor's degree in Cybersecurity, Computer Science, Information Technology or a closely related field with 3 years of experience managing a comprehensive information security program or a Master's degree and 1 year of experience.
Special Instructions to Applicant: East Carolina University requires applicants to submit a candidate profile online in order to be considered for the position. Candidates must also submit a cover letter, resume and a list of three references, including contact information, online.
Job Duties: The Chief Information Security Officer (CISO) reports to the University Chief Information Officer and serves as a senior advisor to executive leadership on information security vision, strategy and direction. The CISO works collaboratively with all university divisions and partners (e.g., Academic Affairs, Administrative Affairs, Health Sciences, Research, Athletics, partner health service organizations, etc.) to establish information security and IT risk management functions that support the University in fulfilling its strategic goals, business obligations and compliance requirements. The CISO manages the University Information Security Program, which is composed of policies, processes and employee responsibilities. The Program provides administrative structure and direction to departmental heads and university administrators on protecting the information under their care. The CISO also manages the University's Information Security Awareness Program, which delivers educational activities and resources to the ECU community to develop campus awareness of current best practices in information security. The CISO coordinates the University IT Risk Management Program and advises university leadership on the identification and understanding of information and IT-related risks. The CISO oversees the University's response to and reporting of information security incidents, and provides guidance to incident investigations where appropriate. The CISO also leads or contributes to compliance projects as assigned, such as for federal, international and state laws, as well as for contracts and other external requirements relevant to the handling of university information. The CISO serves as the University point of contact for information security related requests from federal and state agencies, state auditors, and other external entities. The CISO collaborates with peers at UNC institutions as well as universities across the country to research, identify, and share solutions to common information security issues. The CISO is the official UNC Systems Information Technology Security Council (ITSC) representative for the University. The CISO supervises the Information Security team, directs team projects and budget, and supports the implementation of CIO strategies and directives.