Chief Information Security Officer

Job description

Job no: 500155
Work type: Management (MPP)
Location: San Diego
Categories: MPP, At-Will, Full Time, Information Systems & Technology

Position SummaryThe mission of the IT Division is to develop the long-term infrastructure, services, and strategy necessary to support the University’s mission of learning, discovery, and engagement. The IT Division has the stewardship responsibility for core IT assets on campus and the obligation to provide the services, training, and community building necessary to realize the benefits of those investments across the San Diego State University community.The Chief Information Security Officer reports directly to the Vice President & CIO providing leadership, management, and planning of all information, security functions. This position is responsible, under the general direction of the Vice President & CIO, for leading security efforts including development of policy and procedures, incident response, implementation and ongoing operational support of enterprise security services, technical consultation, and educational outreach to ensure the confidentiality, integrity, and availability of the University’s computing and information resources. This position is accountable for the Information Security Group budget and staff including budgeting, employee development, and long-term planning.For more information regarding Information Technology, click here.This is a full-time (1.0 time-base), benefits-eligible, at-will position. This position is designated exempt under FLSA and is not eligible for overtime compensation. Standard SDSU work hours are Monday – Friday, 8:00 a.m. to 4:30 p.m., but may vary based on operational needs.Candidate QualificationsSan Diego State University (SDSU) seeks a Chief Information Security Officer (CISO) who is an exceptional leader with a diverse and expansive skillset including extensive knowledge and a comprehensive background in information technology security. This candidate will possess leadership proficiency in cybersecurity to develop long-term vision and strategy, including tactical implementation ability, for information security and compliance. The ideal candidate is an inclusive collaborator and consensus builder who can effectively lead complex change across a diverse and expansive Information Technology (IT) and campus community. The CISO candidate will possess a demonstrated record of experience, qualification, and achievement in such areas as eDiscovery, IT investigations, digital forensics, information privacy, information risk management, identity, and access management, information technology controls for financial and other regulated or other critical core systems, and an understanding of governance risk and compliance (i.e. PCI DSS, HIPAA, SOC2, NIST, ISO 27001 and ISO 27002).The candidate will have a strong record of achievement with a commitment to public service including exposure and understanding of higher education IT environments. The candidate will have a demonstrated high level of personal integrity, with qualities that bring key attributes of communication, flexibility, and partnership into the IT security enterprise. Finally, ideal candidates will show that CISOs are most effective when they bring a sense of partnership to the campus by amplifying their dedication and vision for the organization’s information security environment. They realize that every day may bring new challenges and opportunities, and must effectively communicate important, sometimes critical, and complicated information, to executives and stakeholders alike.Education and ExperienceBachelor’s degree in Information Security, Cyber Security, Computer Science, Information Management Systems or relevant fieldMinimum of 5 years experience progressively responsible experience in Information TechnologyMinimum of 3 years progressively responsible experience in security and privacy best practices and procedures in enterprise level environments including; incident response, security management, knowledge of appropriate information security legislature, and development of training and outreach campaigns to foster securityAdvanced knowledge of Information Technology operating environments including the knowledge of system and network administration, operating systems, and system patch managementProgressive experience in the areas of Personnel, Project, and Budget ManagementExperience with enterprise security tools including data loss prevention, vulnerability management, anti-malware, and intrusion detection and prevention systemsKnowledgeable on NIST Cybersecurity Framework. ISO 27001 and ISO 27002. SOC2 Preferred Qualifications and Specialized SkillsMaster’s degree in relevant fieldCertified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA)Advanced network administration experience including knowledge of network protocols, firewalls, and associated risks Advanced skills and experience with ERP systems, including issues regarding access and authorization, with specific knowledge of Ellucian and Oracle security protocolsStrong experience with Identity Finder, Qualys, Sourcefire, McAfee ePO, and intrusion protection appliances in a higher education environment. Experience working in a higher education information technology environmentCompensation and BenefitsSan Diego State University will offer a competitive salary based on the qualifications and experience of the selected candidate. San Diego State University also offers a rich benefits package that includes:Extensive Leave benefits: 14 paid holidays, 24 vacation days, and 12 sick days per year;Retirement security through a CalPERS defined benefit pension (with CalPERS and UC Retirement Plan reciprocity) and retiree healthcare benefits;An array of health, dental, and vision coverage at no-cost or low-cost to the employee; andCalifornia State University system fee reduction program (fee waiver) for the employee or their qualified dependentSupplemental InformationInitial review of the required application materials, including cover letters and resumes, will begin on May 24, 2021. To receive full consideration, apply by May 23, 2021. The position will remain open until filled.The person holding this position is considered a ‘mandated reporter’ under the California Child Abuse and Neglect Reporting Act and is required to comply with the requirements set forth in CSU Executive Order 1083 as a condition of employment. San Diego State University is not a sponsoring agency for staff or management positions (e.g., H-1B visa). Applicants must currently be authorized to work in the United States on a full-time basis. Offers of employment are contingent upon the presentation of documents that demonstrate a person's identity and authorization to work in the United States, which are consistent with the provisions of the Immigration Reform and Control Act. A background check (including a criminal records check) must be completed satisfactorily before any candidate can be offered a position with the CSU. Failure to satisfactorily complete the background check may affect the application status of applicants or continued employment of current CSU employees who apply for the position.SDSU is a smoke-free campus. For more information, please click here.SDSU is an equal opportunity employer and does not discriminate against persons on the basis of race, religion, national origin, sexual orientation, gender, gender identity and expression, marital status, age, disability, pregnancy, medical condition, or covered veteran status.Applicants with disabilities and applicants who require assistance completing an application may contact Casie Martinez at 619-273-3343 or [email protected]

Advertised: Apr 26, 2021 (9:00 AM) Pacific Daylight Time
Applications close: Open until filled




Diversity Profile: University



View more

Learn more on Inside Higher Ed's College Page for University

Arrow pointing right
Job No:
Posted: 4/27/2021
Application Due: 6/26/2021
Work Type: Full Time