Director of Information Security Operations - University Information Services

Located in a historic neighborhood in the nation's capital, Georgetown offers rigorous academic programs, a global perspective, exciting ways to take advantage of Washington, D.C., and a commitment to social justice. Our community is a tight knit group of remarkable individuals interested in intellectual inquiry and making a difference in the world.

Requirements

Director of Information Security Operations - University Information Services

The Director of Information Security Operations serves as the expert on cybersecurity protection, detection, response, and recovery. S/he manages a unified incident command structure during UIS incidents in coordination with the Networking/Operations divisions; develops strategies and plans, in concert with GU's Business Continuity Plans, to provide for timely business resumption in the event a serious disruption; and plans and develops budgets and advocates for the resources required to protect the University's computers, networks, data, and workstations. Reporting to the Chief Information Security Officer, the Director has duties that include but are not limited to:

Evaluation/Assessment

Assesses the security of GU's computers, networks, and data, as well as that of personal workstations that access and/or store data.

Reviews existing security mechanisms.

Maintains regular contact with Local Information Security Personnel and department liaisons to advocate and enforce "best practices" regarding security of data and systems.

Directs efforts for including data security safeguards at the development stages of new automated information systems.

Recommends and enforces the implementation of security practices and procedures.

Oversight

Works with UIS Management, the University Audit Office, Georgetown University Police Department investigators, University Counsel, other high-level university representatives, and local information security personnel to establish, implement and maintain an information security program that supports the academic and administrative use of information technologies in a distributed environment.

Exercises leadership regarding the formation and promulgation of campus-wide standards for security; and reviews relevant policies and procedures in the context of these standards.

Coordinates the selection, installation, implementation, testing, and administration of information security software packages that will protect and monitor the integrity of data, application programs, computer operating systems, and communications networks.

Security Incidents, Emergencies and Other Legal Process

Develops procedures to handle routine and crisis situations, including both operational, day-to-day ‘Incident' response activities as well as unique, critical emergencies.

Organizes a task force when necessary and acts as technical lead in investigations.

As necessary, works with campus security and safety personnel and law enforcement agencies to investigate security breaches.

Education

Promotes security awareness to administrators, department heads and groups representing students, especially in regard to local, state, and federal regulatory conditions and changes affecting the University.

Advises senior university representatives with timely intelligence on security issues and/or events.

Maintains regular contact with the GU Police Department Investigators and Legal Counsel to advise and train on technical aspects of security.

Oversees the periodic reviews of existing security awareness programs to ensure desired effectiveness.

Sponsors and conducts security lectures and training programs for the purpose of raising the awareness of responsibility by clients to safeguard data entrusted to them.

Writes position papers pertaining to data security.

Planning

Consults with the University community to learn and understands the spectrum of current and future University security requirements to assist in security needs assessment of data and systems, and to coordinate effective centralized and distributed responses for these needs.

Performs risk analysis of new technologies.

Develops plans and budgets to meet these needs and requirements.

Audit

In conjunction with the Internal and external auditors, performs periodic audits to assure compliance with security policies and standards; and recommends enhancements in such areas as personnel, communication networks, data access, and confidentiality.

In response to any complaints, audits, if needed, individual workstations using established procedures.

Regulatory Currency

In addition to technical system and security developments, keeps abreast of changes to existing and proposed local and federal legislation and regulatory laws pertaining to information system security and privacy.

Keeps management aware of the regulatory changes that will affect information privacy, information processing and/or security standards and techniques.

Requirements

Bachelor's degree or equivalent with relevant course work in computing, information technologies or related field(s)

5 to 10 years of experience in the computer field, with experience in computer systems and security (Master's degree may substitute for experience)

Professional security certification

Knowledge of audit procedures

Supervisory experience

Knowledge of budget preparation, oversight, and management

Extensive UNIX systems administration skills and a thorough understanding of wired and wireless IP networking

In-depth knowledge of operating systems, such as HP Unix, Linux, Mac and Microsoft Windows environments

In-depth knowledge of security policies and procedures and network systems appropriate to large-scale installations in university environments

Excellent interpersonal, communications, collaborative, and negotiating skills

Understanding and experience implementing technical security controls on a network. Implementing operational measures against the NIST CSF (Identify, Protect, Detect, Respond, Recover)

Experience implementing technical controls, such as firewalls, data leakage protection systems, patching, encryption, vulnerability scanning, and pen testing, among other tactics

Ability to monitor and troubleshoot all security operations and infrastructure

Ability to provide maintenance of all security tools and technology

Understanding of security architecture and how it interfaces with security network operations.

Familiarity with diverse, distributed computing environment (BYOD endpoints, non-centrally managed technology assets)

Availability and willingness to work hours outside the usual business hours of Georgetown University and to carry and use a University-issued cell phone

Preferred qualifications

Master's degree

Experience in higher education

Familiarity with local, state, and federal regulations

Current Georgetown Employees:
If you currently work at Georgetown University, please exit this website and login to GMS (gms.georgetown.edu) using your Net ID and password. Then select the Career worklet on your GMS Home dashboard to view Jobs at Georgetown.

Submission Guidelines:
Please note that in order to be considered an applicant for any position at Georgetown University you must submit a cover letter and resume for each position of interest for which you believe you are qualified. These documents are not kept on file for future positions.

Need Assistance:
If you are a qualified individual with a disability and need a reasonable accommodation for any part of the application and hiring process, please click here for more information, or contact the Office of Institutional Diversity, Equity, and Affirmative Action (IDEAA) at 202-687-4798 or ideaa@georgetown.edu.

Need some assistance with the application process? Please call 202-687-2500. For more information about the suite of benefits, professional development and community involvement opportunities that make up Georgetown's commitment to its employees, please visit the Georgetown Works website.

EEO Statement:
Georgetown University is an Equal Opportunity/Affirmative Action Employer fully dedicated to achieving a diverse faculty and staff. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, national origin, age, sex (including pregnancy, gender identity and expression, and sexual orientation), disability status, protected veteran status, or any other characteristic protected by law.

Georgetown University is one of the world's leading academic and research institutions, offering a unique educational experience that prepares the next generation of global citizens to lead and make a difference in the world. We are a vibrant community of exceptional students, faculty, alumni and professionals dedicated to real-world applications of our research, scholarship, faith and service.

Established in 1789, Georgetown is the nation's oldest Catholic and Jesuit University. Drawing upon the 450-year-old legacy of Jesuit education, we provide students with a world-class learning experience focused on educating the whole person through exposure to different faiths, cultures and beliefs. Students are challenged to engage in the world and become men and women in the service of others, especially the most vulnerable and disadvantaged members of the community.

These values are at the core of Georgetown's identity, binding members of the community across diverse backgrounds.

To apply, visit: https://georgetown.wd1.myworkdayjobs.com/Georgetown_Admin_Careers/job/Harris-Building/Director-of-Information-Security-Operations_JR03783





Copyright ©2017 Jobelephant.com Inc. All rights reserved.

Posted by the FREE value-added recruitment advertising agency

jeid-97539f904e79463f9f859fd67ddcec7a