INFORMATION SECURITY OFFICER
YesHours of Work:
8:00 AM - 5:00 PM M-FPosting Number:
TSU202326Official TSU Title:
INFORMATION SECURITY OFFICERGrant Title:
N/AJob Description Summary / TWC Summary:
Under general supervision serves as the Information Security Officer for Texas Southern University as prescribed by state policy. Plans, coordinates and implements security measures to safeguard information resources. Reviews violations of computer security procedures and coordinates with appropriate authorities to avoid repeat violations. Develops and coordinates the implementation and testing of plans to continue or restore data processing activities in case of disaster. Coordinates with users to establish priority activities according to the important of business. Serves as the institutions Information Security Officer responsible for determining enterprise information security policy and strategy. Oversees the development, implementation, and enforcement of information security standards and procedures. Ensures that all information systems are functional correctly regarding secure policy. In charge of IT risk evaluations, audits, and security incident investigation. Reports relevant information and data regarding information security to the state and oversight agencies.Essential Duties Summary:
•Develops, implements and maintains the university risk management and disaster recovery programs for Information Technology, including managing the periodic testing of the disaster recovery plan designed to protect against the potential effects of disaster.
•Identifies vulnerabilities that may cause inappropriate or accidental access, disclosure, modification or destruction of information; establishes security controls to eliminate or minimize their potential effects.
•Ensures the university critical or sensitive information resources are identified, all information resources are assigned ownership, and that the duties of owners are prescribed.
•Serves as the university’s internal and external point of contact for information security matters, and keeps management aware of legal and regulatory changes affecting information security, privacy and computer crime.
•Manages the development, implementation and testing of security controls and methods; directs efforts for including safeguards in the development or acquisition of automated information systems.
•Ensures user lists are current and auditable; oversees procedures for password control; reports to management on university’s security posture, including problem areas and recommended improvements.
•Ensures proper backup procedures are established and followed; establishes procedures to monitor and ensure compliance with established security and risk management policies and procedures.
•Serves as a liaison with the Texas Department of Information Resources and other relevant oversight agencies, and provides required reporting.
•Coordinates with Internal Audit to develop effective automated information systems relative to information security and risk management.
•Monitors information security controls and protocols and ensures adherence to regulatory and statutory requirements aligned with standardized security frameworks.
•Coordinates with programming and technical managers on matters related to the planning, development, implementation or modification of information security risk management policies and procedures.
•Establishes training programs to ensure that staff are educated and aware of their roles and responsibilities in regards to information security and risk management.
•Performs other job-related duties as assigned.
$84,429.00 - $105,536.00Education:
Bachelor’s degree (B.A. or B.S.) or higher in Information Technology, Business or closely related field.Required Licensing/Certification:
Certification as a Certified Information Security Service Professional (CISSP) is required. Certification(s) as follows: Certification Information Security Auditor (CISA); Certified information Security Manager (CISM); Cisco Certified Network Professional (CCNP); Cisco Certified Network Associate – Security (CCNA) preferred.Knowledge, Skills, and Abilities:
•Federal, State, Local, and County laws.
•Policies, procedures, and practices.
•Banner and other Oracle based ERP systems.
•Microsoft Office Professional or similar application.
•Effective customer service.
•Problem-solving and decision-making.
•Multitasking and time management.
•Both verbal and written communication.
•Prepare detailed reports.
•Prepare accurate data.
•Use Banner or similar data base.
Seven (7) to nine (9) years of directly related experience.Working/Environmental Conditions:
Routine office environment.
Sitting or standing in one location much of the time.
Some stooping, lifting or carrying objects light weight may be required.
Use of video display terminal.
It is the policy of Texas Southern University to provide a work environment that is free from discrimination for all persons regardless of race, color, religion, sex, age, national origin, individuals with disability, sexual orientation, or protected veteran status in its programs, activities, admissions or employment policies. This policy of equal opportunity is strictly observed in all University employment-related activities such as advertising, recruiting, interviewing, testing, employment training, compensation, promotion, termination, and employment benefits. This policy expressly prohibits harassment and discrimination in employment based on race, color, religion, gender, gender identity, genetic history, national origin, individuals with disability, age, citizenship status, or protected veteran status. This policy shall be adhered to in accordance with the provisions of all applicable federal, state and local laws, including, but not limited to, Title VII of the Civil Rights Act.
YesSpecial Instructions to Applicants:
Open to all applicants.