Chief Information Security Officer

Company: Austin Community College
Location: Austin
Posted on: January 23, 2025

Job Description:

Chief Information Security OfficerChief Information Security OfficerApply locations Highland Business Center time type Full time posted on Posted 10 Days Ago time left to apply End Date: February 9, 2025 (27 days left to apply) job requisition id R-5933Job Posting Closing Times: Job postings are removed from advertising at 12:00 A.M. on the closing date e.g., at midnight on the day before the closing date.If you are a current Austin Community College employee, please click this link to apply through your Workday account.Austin Community College is a public two-year institution that serves a multicultural population of approximately 41,000 credit students each Fall and Spring semester. We embrace our identity as a community college, as reflected in our mission statement. We promote student success and community development by providing affordable access, through traditional and distance learning modes, to higher education and workforce training, including appropriate applied baccalaureate degrees, in our service area.As a community college committed to our mission, we seek to recruit and retain a workforce that:

• Values intellectual curiosity and innovative teaching
• Is attracted by the college's mission to promote equitable access to educational opportunities
• Cares about student success and collaborates on strategies to facilitate success for populations including; first generation college students, low-income students, and students from underserved communities.
• Focused on student academic achievement and postgraduate outcomes
• Welcomes difference and models respectful interaction with others
• Engages with the community both within and outside of ACCJob Posting Title: Chief Information Security OfficerJob Description Summary: Reporting to the CIO, the Chief Information Security Officer (CISO) is a key role on the leadership team of the college's IT department. This position is responsible for the security of the college's data and information assets, including all student, financial and employee datasets. This role has purview over the operational day-to-day measures used to secure the college's data, applications and infrastructure. This role also owns the strategic initiatives undertaken to continually enhance the college's information security posture.The CISO will be responsible and accountable for the successful implementation of well-defined security related projects, and the college's operational practices related to information security.Job Description:Description of Duties and Tasks
  • Leading and successfully completing projects aimed at improving the college's security posture with minimal supervision.
  • Building out and maintaining an information security team that is able to satisfy the cybersecurity needs of the college.
  • Mitigating risks associated with data breaches and data leaks.
  • Establishing, maintaining and continuously testing infrastructure aimed at operational recovery from outages related to cybersecurity incidents.
  • Continual testing of the college's environment for security vulnerabilities.
  • Staying current on risks and trends in the world of cybersecurity and reporting on such to the college's leadership team.
  • Providing overall day-to-day direction to a team of information security professionals and 3rd party providers.
  • Contributing to the development of the college's technology roadmap.
  • Partnering with peers, both within and outside of the IT department to accomplish shared goals.
  • Defining goals for the teams reporting to the CISO based on the goals of the broader IT organization.
  • Ensuring team goals are met and work is successfully completed.
  • Defining the operating model for the information security team using the ITIL framework and ITSM tools.
  • Reporting data in various formats showing the performance of the information security team and making recommendations for changes/improvements as needed to enhance performance.
  • Providing leadership and coaching for InfoSec team members as needed.
  • Establishing and managing relationships with 3rd party product and service providers as needed to accomplish defined goals.
  • Acting as technical sponsor for all projects within your areas of responsibility.
  • Ensuring information security project requirements, scope, budgets and timelines are well-defined.
  • Ensuring security projects are well-managed and are being executed as per established expectations.
  • Administrative aspects of people management for the InfoSec team.
  • Managing the operating budget for the InfoSec team as well as budgets for cybersecurity related projects.
  • Establishing and/or maturing formal standards and practices in the following areas:
  • Identity & Access Management (IAM)
  • Secure data capture
  • Secure data storage, transfer and retrieval
  • Data security policy development, training and risk management
  • Other related duties as assigned.Knowledge
    • Strong working knowledge of various data security frameworks, including NIST, ISO and SOC.
    • Working knowledge of a wide range of technologies and best practices in securing them.
    • Expert knowledge of the key concepts in user and identity access management.
    • Working knowledge of security governance risk and compliance (GRC).
    • Working knowledge of the concepts of data privacy regulations, including FERPA requirements or similar regulated data classifications.
    • Knowledge of best practices in security training and awareness.
    • Strong knowledge of tools and techniques for data security and data recovery.
    • Working knowledge of technology budget planning and budget management concepts.
    • Knowledge of standard accounting practices.
    • Knowledge of formal PMI-based project management practices.
    • Knowledge of ITIL-based IT Service Management (ITSM) concepts.Skills
      • Extremely strong people management skills are required.
      • Demonstrated expertise in IT project planning, development and implementation.
      • Highly skilled at vulnerability assessment, testing and reporting.
      • Managing external partners in the completion of project work as well as outsourced operational work.
      • Strong business and financial acumen.
      • Demonstrated expertise is various aspects of data security.
      • Excellent analytical, conceptual thinking and strategic planning skills.
      • Influencing skill, including the ability to show the business value of technical initiatives.
      • Excellent presentation skills.
      • Must be a self-starter who can operate with minimal direction.
      • Maintaining an established work schedule.
      • Effectively using interpersonal and communications skills.
      • Effectively using organizational and planning skills with attention to detail and follow-through.
      • Maintaining confidentiality of work-related information and materials.
      • Establishing and maintaining effective working relationships.Required Work Experience
        • Five years of experience in Information Security roles of progressively increasing responsibility.
        • Five years of related work experience leading a Cybersecurity organization.
        • Five years experience in a technology leadership role where both project and operational budgeting was a key component of the job.Preferred Work Experience
          • Fifteen years of experience in IT roles of progressively increasing responsibility.
          • Seven years of related work experience leading Cybersecurity teams.
          • Five years experience leading a security team in a highly regulated industry.Required Education
            • Bachelor's degree in a technology or Business related field of study.
            • Experience cannot be substituted for required, applicable educational level.Special Requirements
              • Valid Texas Driver's License and reliable transportation for travel in the Austin area as required.Other Preferred Qualifications
                • Certified Information Systems Security Professional (CISSP) certification.
                • ITIL Foundation-level certification or above.
                • Unexpired PMP or equivalent PMI-based Project Management certification.Physical Requirements
                  • Work is performed in a standard office or similar environment.
                  • Subject to standing, walking, sitting, bending, reaching, pushing, and pulling.
                  • Occasional lifting of objects up to 10 pounds.Safety
                    • Supervise safe operation of unit. Facilitate safety inspections. Take reasonable and prudent actions to eliminate identified hazards.Number of Openings: 1Job Posting Close Date: February 9, 2025Clery ActAs required by the US Department of Education, employees are required to report violations under Title IX and, under the Jeanne Clery Disclosure of Campus Security Policy and Crime Statistics Act (Clery Act), select individuals are required to report crimes.DisclaimerThe above description is an overview of the job. It is not intended to be an all-inclusive list of duties and responsibilities of the job, nor is it an all-inclusive list of the skills and abilities required to do the job.
                      #J-18808-Ljbffr

Keywords: Austin Community College, Austin , Chief Information Security Officer, Executive , Austin, Texas