Information Security Officer
Union College · Schenectady, NY · 3 wk ago
Information Technology$95k–$100k/yrFull-time
Essential Responsibilities and Duties
- Cook up the College’s information security program.
- Set and maintain information security programs in collaboration with the campus community including policy and standards.
- Provide information security awareness and training; incident response and management; risk assessment and management; and relevant IT architecture to ensure the security of all sensitive data collected, processed, stored, and transmitted.
- Develop and maintain the campus information security roadmap for ensuring the security of technology services, computer systems, data networks, and data.
- Conduct and review ongoing vulnerability assessments of IT systems and coordinate periodic information security assessments at an organizational level.
- Develop, maintain, and review security configuration data in security software and/or services.
- Audit firewall rules maintained by the network managed service vendor.
- Inspect system, network log, and event data for integrity and anomalies when necessary.
- Participate in strategic planning and development of goals and objectives.
- Track and implement information security initiatives with ITS staff.
- Facilitate the communication of policies, practices, and awareness to the College community.
- Manage and coordinate incident response procedures to track and address information, system and network security incidents, alleged policy violations, and external requests or complaints.
- Assist in vendor and/or product assessments to evaluate information security risks.
- Perform additional duties as assigned; duties, responsibilities, and activities may change at any time with or without notice.
Qualifications
- Bachelor’s degree or the equivalent in education and experience or a combination of relevant education, training, certifications, and work experience.
- Minimum five years of relevant experience in information security or related field.
- Experience working in higher education preferred.
- Experience presenting complex security concepts to a variety of audiences or groups (e.g. end-user training, security conference presentations, executive-level briefings).
- Familiarity with information security and data breach law, standards; and federal, state, and local regulations including PCI, FERPA, HIPAA, and NIST 800 series.
- Knowledge of network and authentication protocols, encryption types, and information security technologies.
- Experience with data networking, VPN, next-generation firewalls, network access controls, security information and event management (SIEM), authentication protocols, data encryption, and other relevant technologies.
- CISSP, GIAC or similar certification(s) preferred.
- Ability to work independently and as a member of a team, establish priorities, and work collaboratively as a member of a diverse community.
- Collaborative, constructive, and positive approach to work.
- Excellent oral, written, and interpersonal communication skills, including strong relationship skills.
- Attention to detail in both completion of work and documenting work products.
- Effective time management practices, applied in a fast-paced environment.
Pay
The annual salary range for this position is $95,000 to $100,000. Except for roles with a set rate of pay, the wage/salary of the finalist selected for this role will be set based on a variety of factors, including but not limited to departmental budgets, qualifications, experience, education, licenses, specialty, and training. The stated hiring rate/range represents the College’s good faith and reasonable estimate of the rate/range of possible compensation at the time of posting.