Skip to main content

Information Security Officer

Employer
Christopher Newport University
Location
Newport News, VA
View more categoriesView less categories
Administrative Jobs
Institutional & Business Affairs, Safety & Security
Employment Type
Full Time
Institution Type
Four-Year Institution
Working Title:

Information Security Officer

Position Number:

FA388

FLSA:

Exempt

Appointment Type:

Full Time

Sensitive Position:

Yes

Sensitive Position Statement:

A sensitive position requires a fingerprint-based criminal history check. This is a sensitive position.

Campus Security Authority:

Yes

Campus Security Authority Statement:

This position is designated as a Campus Security Authority. A Campus Security Authority (or CSA) is defined as an “official of the institution with significant responsibility for student and campus activities”. A CSA is required to immediately report any crime that is reported to them to the University Police who will then review, evaluate, and investigate the reported crime. Annual training is required by the Department of Education for all personnel who have been designated as a Campus Security Authority.

Designated Personnel:

Yes

Designated Personnel Statement:

This position is a “designated position” meaning this position could potentially be required to work (depending on the event) during an emergency closing.

Statement of Economic Interest:

No

Statement of Economic Interest Statement:

This does NOT require a Statement of Personal Economic Interest.


Restricted Position:

No

Restricted Position Statement:

A restricted position would be subject to availability of funding. This is NOT a restricted position.

Chief Objective of Position:

Christopher Newport University’s Information Security Officer (ISO) serves as the leader of the University’s information security program for the information technology enterprise. Working closely with the leadership of Information Technology Services (ITS) and campus stakeholders, the ISO is responsible for ensuring the operational security and compliance of the university’s technology services. The ISO is responsible for building a proactive and agile security program, identifying cyber threats and risks, mitigating and/or resolving vulnerabilities, and engaging with the Christopher Newport community for cybersecurity best practices in the use and administration of information technology resources.

Work Tasks:

  • Program Leadership
    • Leads Information Technology cybersecurity program in support of academic, research, and administrative information systems and technology.
    • Manages Christopher Newport’s information security team including hiring, training, developing, and evaluating all staff and student workers.
  • Policy, Compliance and Audit
    • Develops and maintains cybersecurity policies and standards for university information technology infrastructure and data.
    • Implements and maintains one or more risk management frameworks in order to protect all information technology infrastructure and assets from external and internal threats.
    • Serves as the University’s GLBA qualified individual and, as such, fulfills responsibilities required of the GLBA qualified individual.
    • Ensures CNU cybersecurity compliance and serves as a key point of contact with university affiliated audit and compliance personnel.
    • Maintains and reviews commercial, governmental, and academic IT policies, standards and guidelines, ensuring the University follows established best practices.
  • Security Awareness and Training
    • Oversees the information security training program for University employees, and manages ongoing security awareness and role-based security training for faculty, staff, and students.
  • Risk Management, Security Operations, Projects, and Incident Response
    • Manages IT security operations, overseeing cybersecurity monitoring, detection, and management platforms. Identifies risks and vulnerabilities; engaging with stakeholders in security responses.
    • Participates in the University Change Management process and evaluates changes for security risks.
    • Engages with the university’s research stakeholders, ensuring research computing and data is appropriately secured.
    • Assists in the development of a comprehensive continuity of operations and disaster recovery plans.
    • Manages crisis situations, which may involve complex information security issues and leads events through completion including overseeing and reporting all forensic activity.
  • Develop and maintain very positive and professional customer service and/or relations within the office/department and with all constituencies to include students, faculty, staff, guests, and employees. Demonstrates a positive and professional attitude and treats everyone with dignity and respect. Fully support the “Student’s First” value at CNU and routinely goes the extra mile in providing service.
  • This position is designated as a “responsible employee” who has the authority to redress sexual violence, who has the duty to report incidents of sexual violence or other student misconduct, or who a student could reasonably believe has this authority or duty.
  • Safety issues are reviewed and communicated to ensure a safe and healthy workplace and a reduction in work-related absence.
  • Perform other duties as assigned.

Knowledge, Skills, Abilities (KSA's) related to position:

  • Possesses working knowledge of all areas within IT Services including information security, systems, network infrastructure, identity management, application development, and endpoint security
  • Significant knowledge and awareness of security trends, legislation, and policy applicable for a higher education environment or comparable work environment
  • Comprehensive knowledge of current information security threats, weaknesses and vulnerabilities and good working knowledge of zero-day exploits
  • Ability produce and manage IT security corrective action plans.
  • Demonstrated ability to model professional integrity and behavior
  • Excellent organization and planning skills
  • Superior communication skills, including the ability to write complex technical documentation for varied audiences

Required Education:

Master’s Degree or a Bachelor’s Degree and experience that equates to an advanced degree.

Additional Consideration - Education:

Master’s Degree in Systems, Computer Science, Computer Engineering or a related field, or a Bachelor’s Degree in Information Systems, Computer Science, or Computer Engineering.

Cybersecurity certifications including CISSP, CCSP, CISM, CISA, GSLC, OSCP, or commensurate credentials.

Experience Required:

  • Experience leading, supervising, and facilitating technical security teams
  • Experience building and maintaining information security programs
  • In-depth experience participating in incident response planning and security breach investigations
  • Demonstrated experience delivering security awareness and training programs
  • Experience evaluating, administering and executing enterprise security programs

Additional Consideration - Experience:

  • Experience leading, supervising, and facilitating higher education technical security teams
  • Familiarity with continuity of operations, business impact analysis, disaster recovery, and risk management frameworks
  • Experience serving as incident commander during information security incidents
  • Experience developing and mentoring cybersecurity personnel

Salary Information:

Starting at $114,000, commensurate with education and experience.

CNU Information:

Christopher Newport University is anchored in excellence, and that is reflected in our ranking as the #1 regional public university in Virginia and #3 among regional public universities in the South. We are an inclusive and kind community, founded on our shared values of honor, scholarship, service and leadership. We offer an outstanding liberal arts education provided by dedicated, gifted teacher-scholars who are supported by a compassionate team of faculty and staff. Our 4,500 undergraduate and graduate students pursue more than 90 areas of study, as they live and learn on a largely residential campus. CNU’s on-campus performing and visual arts centers offer Broadway shows, world-class performances, engaging exhibitions, transformative lectures and classes, and more. Our athletics program is the winningest at any level in Virginia.

Christopher Newport University is in the heart of Newport News, a vibrant city with breathtaking scenery and unique experiences. The city and region offer affordable neighborhoods, local and name-brand shops, diverse dining options, local parks and water access, and fun recreational opportunities. Whatever your interests and goals, you belong at CNU! For further details and information about Christopher Newport, visit cnu.edu.

Posting Number:

AP372P

Number of Vacancies:

1

Posting Date:

11/18/2024

Review Begin Date:

01/06/2025

Application Instructions:

Interested parties are requested to submit a cover letter; current resume; and the names, addresses, and telephone numbers of at least three professional references at the time of application.

This position will be posted until filled, however for priority consideration, please apply by January 6, 2025.

Search finalists are required to complete a CNU sponsored background check.

Christopher Newport University (CNU) will make a reasonable effort to accommodate persons with disabilities in the application and/or interview process. Persons with disabilities who require accommodation should contact the CNU Human Resources Office by calling (757) 594-7145.

Quick Link for Internal Postings:

https://jobs.cnu.edu/postings/18452

EEO/Diversity Statement(s):

Christopher Newport University, an EO Employer, is fully Committed to Access and Opportunity.

Notice of Non-Discrimination & Title IX Policy Statement

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert