Director of Information Security - 501195

Employer
University of Richmond
Location
Richmond, VA

View more

Administrative Jobs
Institutional & Business Affairs, Safety & Security
Employment Type
Full Time
Institution Type
Four-Year Institution

Job Details

Director of Information Security - 501195

SUMMARY:

The Director of Information Security (The Director) has the authority and responsibility to strategically and tactically lead and manage the University’s information security and security risk programs. The Director will develop, review, and implement information security and privacy policies, procedures, and guidelines for the University's information technology (IT) environments. The Director will identify key areas of risk, recommend and implement appropriate security controls and monitoring systems. The Director will be the primary Information Services point of contact for internal and external law enforcement personnel when they are investigating a related case.

**Cover Letter and Resume are required to be fully considered for this opening**

RESPONSIBILITIES

Information Security Leadership

  • Partner with University executive, academic and business units to help them meet security and compliance requirements.
  • Establish and lead an Information Security Committee to develop strategic information security requirements and to implement appropriate preventative and remedial measures to minimize risk.
  • Develop, implement and maintain information security policies, procedures, and guidelines for the university's computing and networking environments. Annually review to assess efficacy and make updates.
  • Independently perform risk assessments and work closely with internal and external auditors to preempt, mitigate, and swiftly respond to audit findings to remediate.
  • Maintain and improve the University’s Cybersecurity Incident Response Program to include policy, procedure, analysis and documentation of incidents as well as conduct periodic incident response training and exercises.
  • Manage information security projects and initiatives for the University by collaborating and communicating in an inclusive manner with key stakeholders and subject-matter experts.
  • Recommend and manage security budgets, projects and systems to ensure adequate resourcing of university information security programs
  • Manage a staff of information security professionals, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.

Information Security Awareness and Training

  • Develop and implement a University-wide information security awareness education and training program for all faculty, staff, and students.
  • Design and deliver security workshops and training.

Information Security Administration

  • Manage the University’s enterprise endpoint protection platform.
  • Manage the University’s vulnerability management program.
  • Manage intrusion detection and response function to include determines rules and alerts.
  • Manage and maintain site security certificates.
  • Coordinate the handling and resolution of security breaches, systems intrusions, and abuse.
  • Respond to requests for information from legal and or law enforcement in a timely, accurate, and confidential manner.
  • Work with the CIO and outside security consulting firms to periodically conduct external assessments of the University’s information security posture.
  • Routinely monitor and audit compliance with all information security procedures and policies to ensure consistency of internal controls across departments.
  • Participate in requests for proposals (RFP) and vendor meetings to evaluate information security needs of new applications and software-as-a-service offerings.
  • Update the technical portion of the annual Payment Card Industry-Data Security Standard (PCI-DSS) assessment for the University.
  • Assess relevant IT purchases to ensure they support security and compliance requirements.
  • Remain current of IT security industry topics and trends including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

QUALIFICATIONS:

  • Thorough knowledge of information security principles and best practices.
  • Working knowledge of key regulations practices including HIPAA, FERPA, GLBA, GDPR, and PCI.
  • Thorough knowledge of networking and distributed computing, routing, n-tier software, web application architectures, and networked file systems.
  • Thorough knowledge of TCP/IP protocols, firewalls, VLANS, intrusion detection, wired and wireless network infrastructure and monitoring.
  • Working knowledge of on-premise, cloud, and mobile computing environments, including Microsoft Windows, Apple Macintosh, Linux, scripting languages, and security best practices.
  • Thorough knowledge and demonstrated ability to perform risk assessments, risk impact analysis, mitigations and contingencies as applied to information security.
  • Experience with and demonstrated ability to perform vulnerability assessments and utilize antivirus tools and platforms, web application firewall, and SIEM tools.
  • Excellent oral and written communication, facilitation, collaboration, and consultation skills.
  • A keen understanding of human based attack surface areas such as social engineering the risks they represent.
  • Ability to influence university members not limited to faculty, staff, university senior leadership, academic leaders, and deans.
  • Demonstrated ability to work collaboratively and to complete tasks and projects working with others across the University at all levels.
  • Ability to use discretion when handling confidential information.
  • Ability to create and implement plans that translate strategic requirements into actionable steps.
  • Demonstrated analytical and problem-solving abilities.
  • Ability to effectively prioritize and execute tasks in a rapidly changing environment.
  • Ability to present ideas in both business-friendly and IT-friendly language.
  • Highly self-motivated and directed.
  • Keen attention to detail.

EDUCATION & EXPERIENCE:

  • Bachelor’s degree in Information Security, Information Systems, or Computer Science or relevant experience.
  • Certified Information Systems Security Professional (CISSP) or other equivalent certifications preferred.
  • 5+ years information security experience.
  • 1+ years networking experience.
  • 1+ years Windows and/or Linux server administration experience.
  • 1+ years of project management experience preferred.

WORK HOURS:

  • Full-time, exempt position
  • Monday – Friday, 8:30 a.m. - 5:00 p.m.; 7.75 hrs./day; 38.75 hrs./week
  • Must be available to work on an as needed basis during critical times
  • Flexibility to work 3 days on campus and 2 days remote

SALARY STRUCTURE:
Pay Grade 11 (Hiring range $98,709.00 to $135,722.00 annually)

ABOUT UR:

At the University of Richmond, we’re creative, inclusive, and determined. We’re Spiders, and our mission is to create positive change in the UR community and beyond. Located minutes from downtown Richmond, Virginia, the University of Richmond (www.richmond.edu) blends the intimacy of a small college with exceptional academic, research, and cultural opportunities usually found only at large institutions. There’s only one place like Richmond.

UR is committed to developing a diverse faculty, staff and student body, and to modeling an inclusive campus community which values the expression of differences in ways that promote excellence in teaching, learning, personal development and institutional success. In keeping with this commitment, our academic community welcomes candidates from diverse backgrounds and candidates who support diversity. EOE

Organization

Working at University of Richmond

Founded in 1830, the University of Richmond is one of America's premier private universities. The University blends the intimacy of a small college with exceptional academic, research, and cultural opportunities usually found only at large institutions. A nationally ranked liberal arts university, Richmond offers a unique combination of undergraduate and graduate programs through its schools of arts and sciencesbusinessleadership studieslaw, and continuing studies. The 350-acre suburban campus, including a 10-acre lake, is consistently cited by The Princeton Review as one of the most beautiful campuses in the nation.

With approximately 3,000 undergraduate students, Richmond offers 55 majors, 42 minors, and 12 concentrations at the bachelor's level. Graduate students can choose from six master's degrees programs, an MBA program, a juris doctorate, and six dual-degree programs in law. Continuing studies options include programs at the associate, bachelor, and master levels, in addition to numerous non-credit offerings.

Richmond faculty members are outstanding leaders in their fields. Of the 312 full-time faculty at the University, 98 percent hold doctorate or terminal degrees. Richmond has a student-faculty ratio of 9:1, with zero classes taught by teaching assistants. Our faculty members are in the classrooms and the labs, working closely with students to maximize their educational experiences.

U.S. News & World Report ranked Richmond one of the best liberal arts universities in the nation and in the top 35 for undergraduate research. BusinessWeek ranked The Robins School of Business in the top 20 nationally and fourth for academic quality, as well as among the top 15 part-time MBA programs. Kiplinger’s Personal Finance magazine named Richmond in the top 25 for best value among private colleges and universities

As locals like to say, Richmond is "easy to love" because of its rich history, stunning architecture, natural beauty and quality of life. It's been named one of the top cities in which to live and work by numerous national sources, including Forbes magazine. As the capital of Virginia, Richmond is home to the state legislature, a growing number of Fortune 500 companies and industries ranging from finance to agriculture. In fact, Forbes also recently ranked Richmond as the sixth best city to get a job in the U.S. Nearly one million people live in the Greater Richmond region and enjoy an array of cultural opportunities including 35 museums; numerous theatre companies; a symphony, a ballet and an opera; a thriving public forum; three professional, minor-league sports teams; a coliseum for major concerts and sporting events; and much more. Located just 100 miles south of Washington, D.C., Richmond is only 90 minutes from Virginia's beaches and 90 minutes from the spectacular Blue Ridge Mountains.

UR is committed to developing a diverse faculty, staff and student body, and to modeling an inclusive campus community which values the expression of differences in ways that promote excellence in teaching, learning, personal development and institutional success.  In keeping with this commitment, our academic community welcomes candidates from diverse backgrounds and candidates who support diversity. EOE

Find Us
Location
United States

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert