Information Security Officer
UNC Asheville Overview: UNC Asheville is committed to promoting diversity and a work environment that encourages knowledge of, respect for, and the ability to engage with those of other cultures or backgrounds. Staff members are encouraged to take an active role to engage in the institution's efforts in promoting diversity and inclusion throughout the workplace. The successful candidate will be expected to foster an inclusive work culture where uniqueness of beliefs, backgrounds, talents, capabilities and ways of living are respected and welcomed.
Located in the Blue Ridge Mountains in Western North Carolina, UNC Asheville is the designated public liberal arts campus in the University of North Carolina system. UNC Asheville is nationally known for the quality of our student-centered teaching, mentoring of undergraduates in research, interdisciplinary learning, and striving to be an inclusive campus community.
UNC Asheville's commitment to increasing and sustaining the diversity of our faculty, staff, and students is reflected in our strategic plan goals of diversity and inclusion, and social sustainability. (http://www3.unca.edu/spcms3/) Women, traditionally under-represented minorities, and people with disabilities are encouraged to apply.
Title: Information Security Officer
Division: Strategy and Information Analytics
Department: Information Technology Services
Position Summary: The Information Security Officer plays an integral part in the development, implementation, and compliance of technical security across UNC Asheville. The officer is responsible for managing security risks related to information security, business continuity planning, crisis management, privacy, and compliance. In addition, the officer ensures all staff members are trained on enterprise and governmental security requirements through awareness programs.
In conjunction and in collaboration with other ITS systems and applications administrators, this position will assist in conducting network and information systems audits meant to identify, harden, and mitigate against potential and actual security threats in the form of scanning, monitoring, and testing the UNC Asheville network and systems for vulnerabilities. This position shall assist ITS management in ensuring the compliance of University systems to federal, state and local laws, rules and ordinances; will develop controls to enforce IT security policies and compliance; will advise on the development, documentation and maintenance of disaster recovery plans; and may review risk assessments and support cyber incident response plans.
The Information Security Officer should have knowledge and implementation experience of/with security tools including but not limited to: vulnerability scanning, prevention, penetration testing, firewall administration, etc. that are utilized to protect, prevent, and remediate IT security threats.
Position Number: 005068
Months per Year: 12 Months
Full Time/Part_Time: Full-Time
Posting Detail Information
Posting Number: E0188
Required Education/Experience/Skills: Bachelor's degree in Computer Science, Computer Engineering or an Information Security degree or closely related field from an appropriately accredited institution; or Bachelor's degree from an appropriately accredited institution and three years of progressive experience in IT Security or closely related area.
- Bachelor's degree in Computer Science, Computer Engineering, or Information Security: Master's degree preferred
- Professional experience in running the information security office analyzing and applying information security, risk management, and privacy practices
- Strong decision-making capabilities, with a proven ability to weigh relative costs/benefits of potential actions and identify most appropriate options
- Experience working in a higher education environment preferred
- Consulting and general industry experience
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the University community
Knowledge Skills and Abilities:
- A proven ability to analyze user department needs, make proactive recommendations to improve existing processes and identify where technology changes may reduce security risks
- Knowledge and experience with the Banner SIS / ERP system, Windows, Linux, Oracle, Microsoft SQL Server, Cisco Networking and Firewalls, and web technologies are preferred
- Knowledge of national and international regulatory compliances and frameworks such as ISO , SOX , GDPR , CCPA , HIPAA , and/or PCI D is preferred
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
- Ability to respond to high pressure dynamic changing environments
- Have the ability to work as a team member and exhibit the ability to advance technical skills
Recruitment Range: $68,000-$81,450
Work Schedule and Hours: Typical office hours are Monday-Friday from 8:00am-5:00pm, additional hours on evenings and weekends as needed to meet the needs of the department and university.
Posting Date: 07/23/2019
Open Until Filled: Yes
Anticipated Start Date:
Special Instructions to the Applicant: This position is considered open until filled. The review of application materials will begin on August 10, 2019, and will continue until the position is filled.
Applications must be submitted online no later than 11:59 p.m. ( EST ) on the closing date for each specific position. Please note that any documents submitted to Human Resources or the hiring departments become property of UNC Asheville and will not be returned.
Official verification from each college/university you have attended are required upon employment, and will be requested directly from the college/university by Human Resources or from the National Student Clearinghouse. Any expense will be the responsibility of the employee. Educational degrees must be from an appropriately accredited institution.
If no applicants apply who meet the required competency and training and experience requirements, management may consider other applicants. Salary would be determined based on competencies, equity, budget, and market considerations.
It is the policy of UNC Asheville to conduct pre-employment background investigations on all candidates selected for employment. If hired, the candidate will be required to submit proof of eligibility to work in the United States. New employees are paid only by direct deposit to the financial institution of their choice.