||Chief Information Security Officer
|About the University
||Western Washington University, with over 15,000 students in seven colleges and the graduate school, is nationally recognized for its educational programs, students and faculty. The campus is located in Bellingham, Washington, a coastal community of 83,000 overlooking Bellingham Bay, the San Juan Islands and the North Cascades Mountain range. The city lies 90 miles north of Seattle and 60 miles south of Vancouver, British Columbia. Western is the highest-ranking public, master’s-granting university in the Pacific Northwest, according to the 2017 U.S. News & World Report rankings.
|About the Department
The Information Technology Services department (http://www.wwu.edu/vpit) encompasses three central areas:
- Academic Technology & User Services (ATUS)
ATUS is the face of information technology at Western, providing desktop services and support for teaching and learning.
- Enterprise Application Services (EAS)
EAS is responsible for the implementation, maintenance and evolution of Western's enterprise applications.
- Enterprise Infrastructure Services (EIS)
EIS provides the underlying infrastructure and core information technology services for the university.
Information Technology Services supports the university's mission to bring together individuals of diverse backgrounds and perspectives in an inclusive, student-centered university that develops the potential of learners and the well-being of communities. We encourage applications from women, people of color, people with disabilities, veterans, and other candidates from underrepresented backgrounds and with diverse experiences interested in this opportunity.
|About the Position
As our Chief Information Security Officer (CISO), you will play a unique and crucial role in serving the university's increasing information security needs in the years ahead. You will report to the Vice Provost for Information Technology/CIO and also supervise the existing Information Security Officer position.
Your responsibilities will include:
- Coordination of the University's information security program:
- Under the general direction of the VPIT/CIO, coordinate the development, implementation, and maintenance of the University's information security program
- In collaboration with the University community, assume overall responsibility for developing and maintaining the campus information security roadmap for ensuring the security of technology services, computer systems, data networks and data
- Establish and maintain information security programs, including: policy, practices, and standards; awareness and training; incident response and management; IT risk management; and relevant IT architecture
- Managing the information security team:
- Direct and manage the information security team comprised of one full-time security professional
- Provide vision and direction to the information security team
- Ensure the delivery of a suite of high-quality information security services to the University
- Develop and implement appropriate professional training programs for the team
- Maintain the appropriate knowledge, skills and abilities for the position
- Provide information security leadership:
- Participate in strategic planning and development of goals and objectives, with special attention to providing leadership for those related to information security
- Serve as primary ITS contact for information technology security incidents affecting the institution
- Serve as security liaison:
- Serve as liaison to federal, state, local and professional organziations
- Serve as primary contact for information security vendors and contractors
- Bachelor's degree from an accredited college or university, especially in computer science, management information systems, information security, business or public administration
- Eight or more years of experience in the Information Technology field with direct experience in the specific technical areas of systems administration, applications development, database administration, network operations and/or data center operations
- Six or more years of experience in the information security field
- Ability to work with sensitive/confidential information and to handle such information as required by federal and state law, and Western regulations/policies
- Experience presenting complex security concepts to a variety of audiences or groups (e.g. end-user training, security conference presentations, executive-level briefings)
- Successful pass of a criminal background check
- Intellectual curiosity and a drive for excellence
- Ability to work in a collaborative, technical, team-driven environment
- Excellent written and verbal communication skills (demonstrated)
- Proven team leadership and management skills
- Project planning/management experience
- Experience with evolving information security technologies and approaches
- Ability to work in a fast-paced, production environment
- Willingness and ability to provide off-hours support
- Experience in and/or a commitment to cultivating learning environments that are equitable and inclusive of IT users with diverse social identities and backgrounds
- Master's degree from an accredited college or university
- Experience working in a large enterprise IT environment
- Experience managing both locally hosted and remotely/cloud-hosted systems
- Experience with virtualization technologies, such as VMware ESX, Microsfot Hyper-V, Xen, KVM, etc.
- GIAC/GSEC, CISM, CISSP, etc. certification
- Experience with SaaS, IaaS, and/or PaaS; identity and access management solutions; IDS/IPS and firewalls; SAML, SSO, or authentication protocols
- Knowledge and experience with cryptography and associated best practices
- Knowledge of information security standards; and federal, state, and local regulations including PCI, FERPA, HIPAA, and NIST 800
- Experience working in higher education
||$125,000 - $143,000 depending on qualifications and experience
Required application materials:
- Cover letter addressing the required and preferred qualifications
- Names and contact information for three professional references
- Provide specific reference to the diversity requirement for this position. Please address your experience in and/or a commitment to cultivating learning environments that are equitable and inclusive of IT users with diverse social identities and backgrounds. You may address the diversity requirement in your cover letter or resume, or in a separate statement regarding diversity.
|Closing Date Notes
||Application review begins February 26, 2018; position is open until filled