The Chief Information Security Officer / Director of Information Security participates in ITS strategic planning efforts to align with Colgate University's mission, Third Century Plan, and the DEI commitment to grow and strengthen the Information Security at Colgate University. Specific Accountabilities include but are not limited to: Maintaining an expert level of understanding of higher ed trends and the work of faculty, students, and staff that ensures a secure technology environment that enables creativity and success.;
Maintaining a comprehensive working knowledge of federal, state, local laws and regulations, and industry standards (together in this document referred to as Laws and Regulations), where compliance requires specific data or information security policies, practices, reporting, or audits. These Laws and Regulations include, but are not limited to, HIPAA, FERPA, Higher Education Opportunity Act (HEOA), CCPA, GDPR, PCIDSS.
Maintaining and continuing growth of the University's identity and access management initiatives.
Developing detailed procedures for system access and permissions to support auditing and detection of compliance issues; Developing effective procedures for regular system and server patches and vulnerability management, based on university best practices.
Advising on the effective use of network security equipment, including firewalls and intrusion protection systems.
Maintaining expert-level knowledge of Cloud infrastructures, including IAAS, PAAS, and SAAS, and help the University maintain a secure cloud presence.
Developing and delivering user-friendly training for end-users, data stewards, system administrators, and others as required in support of the above.
Establishing benchmarks and tracking metrics that reflect the effectiveness of University data and information security policy and practice and provide feedback for future development opportunities.
Conducting periodic security audits of the IT environment, develop reports, document results, recommend changes, supervision of implementation plans.
Lead the development, maintenance, and annual evaluation of incident response, including forensics and investigations in the event of a data breach or incident, as well as business continuity and disaster recovery plans.
Participate in University-wide working groups and committees representing and advocating for the interests of a secure and private data environment.
Represent the University as a participant of institutional security collaborations (REN-ISAC, Higher Education Information Security Council, NY 6, etc.).
Maintaining a working knowledge and technical understanding of the interrelationships and interdependencies between and among the systems, services, and products provided and supported by ITS.
Professional experience and a record of success in the accountabilities of the position.
Technical proficiency in enterprise systems and infrastructure sufficient to credibly work with technical staff to implement security policies and practices.
Excellent communication skills.
Ability to work both independently and within a team. Willing to collaborate, share ideas openly, and learn.
Must be capable of working tactfully and collegially with a diverse group of faculty, staff, and students on a regular basis.
Experience in a higher education setting.
One or more applicable Information Security certifications such as Certified Information Systems Security Professional (CISSP).
A minimum of a Bachelor's Degree in Information Technology, or a related degree preferred, or a combination of education and experience from which comparable skills are attained.
Colgate is committed to attracting and retaining a diverse faculty, staff, and student population.
We strive to be an inclusive community — one that embraces and values diversity (in the broadest sense possible) in an environment of mutual respect, communication, and engagement. A variety of cultures and perspectives enriches the quality of campus life, and the opportunity to share different views and experiences is at the core of Colgate's educational enterprise.
These differences can include but are not limited to: race; ethnicity; gender and gender expression; sexual orientation; socioeconomic status; geographic background; national origin; culture; age; mental, cognitive, and physical abilities; religious beliefs; and political beliefs.
As a result, we ask all candidates seeking consideration for the Chief Information Security Officer / Director of Information Security position to submit a diversity statement with their application materials.
It is the policy of Colgate University not to discriminate against any employee or applicant for employment on the basis of their race, color, creed, religion, age, sex, pregnancy, national origin, marital status, disability, protected Veterans status, sexual orientation, gender identity or expression, genetic information, being or having been victims of domestic violence or stalking, familial status, or any other categories covered by law. Colgate is an Equal Opportunity/Affirmative Action employer. Candidates from historically underrepresented groups, women, persons with disabilities, and protected veterans are encouraged to apply.
Internal Number: 3055
About Colgate University
Colgate University is a highly selective residential liberal arts institution distinguished by academic excellence and interdisciplinary inquiry. Located on a beautiful campus in upstate New York, Colgate takes pride in the active engagement of its students and faculty in local, national, and global communities.