USACares Jobs

Job Information

Cochise College Chief Information Security Officer in Sierra Vista, Arizona

Position Summary:

The Chief Information Security Officer (CISO) is responsible for the development, implementation and maintenance of the college's information security program, facilitating information security compliance, advising senior leadership on security direction and resource investments, and establishing and implementing appropriate policies to manage information security risk.

Essential Functions:

As defined under the Americans with Disabilities Act, may include any of the following tasks, knowledge, skills, and other characteristics. This list is ILLUSTRATIVE ONLY, and is not a comprehensive listing of all functions and tasks performed by incumbents of this class.

Note: Cochise College requires a post offer, pre-employment background screening of all employees. This position is open until filled with priority to applications received by May 29, 2020.

Duties and Responsibilities:

Within the scope of college policies and procedures, this position:

- Responsible for the strategic and tactical leadership of the college's information security program
- Manages college-wide information security governance processes, serves as chair of the Information Security Team, leads the establishment of an information security office, manages project priorities related to information security, and serves as primary lead for information security incident response
- Establishes annual and long-range information security and compliance goals, defines information security strategies, metrics, reporting mechanisms and program services; and creates maturity models and a roadmap for continual program improvements
- Leads the development and implementation of effective policies and practices to secure protected and sensitive data and ensures information security and compliance with relevant compliance laws, regulations and related requirements
- Leads efforts to internally assess, evaluate, and make recommendations to senior administration regarding the adequacy of the security controls for the college's information and technology systems
- Oversees internal technology audits and works with government audit agencies and outside consultants as appropriate on required information security assessments and audits
- Coordinates and tracks all information security related audits including scope of audits, colleges/units involved, timelines, auditing agencies and outcomes, and provides guidance, evaluation and advocacy on audit responses
- Works with college leadership to build cohesive information security and compliance programs for the college to effectively address state and federal statutory and regulatory requirements
- Stays informed of information security issues and regulatory changes affecting higher education at the state and national level, participates in national policy and practice discussions, and communicates to college leadership on a regular basis regarding topics
- Engages in professional development to maintain continual growth in professional skills and knowledge essential to the position
- Performs other related duties as assigned

General Expectations:

Employees are expected to accomplish assigned duties in an efficient, effective and competent manner and to strive for improvement and excellence in all work performed. Additionally, employees must understand the comprehensive role of the community college and cooperate and work harmoniously with students, faculty and staff, and the public. Employees will follow all college policies, rules, regulations and guidelines as they relate to this position.

Education and Experience; Knowledge, Skills and Abilities:

Education and Experience Requirements:

- Bachelor's degree in information security or a related field from a regionally accredited institution of higher learning recognized by the US Department of Education
- 6 years of related experience in information security or a related field
- Preference may be given to individuals with industry specific certifications, including GIAC/SANS (Global Information Assurance Certification/System Administration, Network, and Security), CISSP (Certified Information Systems Security Professional), CISM/A (Certified Information Security Manager/Auditor), CompTIA Security+, Certified Ethical Hacker, CCSP (Certified Cloud Security Professional)

An equivalent combination of education and/or experience from which comparable knowledge, skills and abilities have been achieved may be considered.

Knowledge, Skills and Abilities:

- Knowledge of and ability to follow college policies and procedures
- Knowledge of Microsoft Office suite
- Knowledge of state and federal information security regulatory requirements (GLBA, FERPA, etc.)
- Knowledge of IT Security Frameworks (NIST, IHECF, etc.)
- Skill communicating technical information to non-technical audiences both verbally and in writing
- Skill in project management, time management, and initiation and execution of tasks
- Skill in presenting ideas and concepts orally and in writing
- Ability to communicate effectively, verbally and in writing, and to relate to others in a professional, helpful manner
- Ability to assess cybersecurity policies, standards, and procedures for key c