- Entry level
- No Education
- Salary to negotiate
Chief Info Security Officer-Exec Mgt
Job no: 625685
Work type: Executive Management
Major Administrative Unit / College: Information Technology Services
Department: It Services Security 40000819
Salary: Salary Commensurate with Experience
Location: East Lansing
Categories: Non-Union, Full Time (90-100%), Executive Management, Information Technology
Position SummaryMichigan State University (MSU) Information Technology provides primary leadership for strategic, financial, and policy initiatives affecting information technology (IT) across the university. We offer technology resources that support MSU's mission of providing education, conducting research, and advancing engagement.
Under the general direction of the Senior Vice President and Chief Information Officer (CIO) for Information Technology Services, the Chief Information Security Officer (CISO) is responsible for MSU's total information security needs and the development and delivery of a comprehensive information security strategy and privacy program to ensure university information assets are adequately protected.
The CISO is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the university. The MSU CISO will work with key IT offices, data custodians, governance groups, and stakeholders in the development of security and application policies and best practices; oversees the effective dissemination of policies, standards, and procedures to the university community; establishes annual and long-range security and compliance goals; defines security strategies, metrics, reporting mechanisms, and services for continual program improvements; stays abreast of information security issues and regulatory changes affecting higher education at the state and national level and communicates to the campus community on a regular basis.
The CISO serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of the customer, business partner, employee and business information in compliance with the organization's information security policies. A key element of this role is working with executive management to determine acceptable levels of risk for the organization. The CISO must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
The ideal candidate is a thought leader, a consensus builder, and an integrator of people and processes. As the leader of the security program, the CISO must also be able to coordinate disparate drivers and constraints, while maintaining objectivity and an understanding that security is a major contributor to the universities' business's activities, and must align and support the university's ability to deliver its goals and objectives.
Minimum RequirementsKnowledge equivalent to that which normally would be acquired by completing a four year college degree program; five to eight years of related progressively more
responsible or expansive work experience in project management, application design and programming, data center operations, system
programming, database administration, office automation, production analysis, client computing, consulting services, financial management,
long range planning, data security, educational technology, and/or management; or an equivalent combination of education and experience.
Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information
Security Manager (CISM), Certified Information Systems Auditor (CISA} or other similar credentials.
Desired Qualifications• 8 to 10 years of experience in a combination of risk management, information security and
IT jobs. At least four must be in a senior leadership role. Employment history must demonstrate increasing
levels of responsibility.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to
communicate security and risk-related concepts to technical and nontechnical audiences.
• Proven track record and experience in developing information security policies and procedures, as well as
successfully executing programs that meet the objectives of excellence in a dynamic environment.
• Must be a critical thinker, with strong problem-solving skills.
• Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the
ability to work well in a demanding, dynamic environment and meet overall objectives.
• Project management skills: financial/budget management, scheduling and resource management.
• Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
Required Application MaterialsCV and 3 letters of reference knowledgeable of your work
Review of Applications Begins On12/16/2019
MSU StatementMichigan State University has been advancing the common good with uncommon will for more than 160 years. One of the top research universities in the world, MSU pushes the boundaries of discovery and forges enduring partnerships to solve the most pressing global challenges while providing life-changing opportunities to a diverse and inclusive academic community through more than 200 programs of study in 17 degree-granting colleges.
Advertised: Dec 2, 2019 Eastern Standard Time
Applications close: Dec 1, 2021 Eastern Standard Time
- ms project