Serve as Chief Information Security Officer (CISO) for Radford University. As a key member of the Information Technology Services (ITS) leadership team, this position will provide strategic vision, planning, oversight and operations for a comprehensive security program to ensure the confidentiality, integrity and availability of University systems. Collaborate with the ITS leadership team to develop and maintain information technology security plans, risk assessments, and information technology security policies. Coordinate the deployment of security related products and the annual IT security awareness training program. Conduct security assessments of cloud hosted systems. Perform internal reviews and vulnerability scans to evaluate the security of University systems. Conduct regular table top exercises and drills to enhance preparedness of the ITS team and systems.
Education/experience An advanced degree in Computer Science, Information Systems or related field and demonstrated relevant work experience, or an equivalent combination of education, training and experience.
Equal Opportunity/Affirmative Action Statement Radford University does not discriminate with regard to race, color, sex, sexual orientation, disability, age, veteran status, national origin, religion, or political affiliation in the administration of its educational programs, activities, admission or employment practices.
Broad knowledge of computer security issues, requirements and trends. Strong interpersonal and communication skills, plus the ability to achieve goals through collaboration and cooperation. Demonstrated ability to work effectively with an array of constituencies. Experience monitoring and analyzing the security of IT systems. Knowledge of multi-platform environments and security considerations for each platform. Demonstrated analytical, problem solving, leadership, project management and customer service skills.
Preferred Qualifications Professional certification (CISSP, GIAC, CISA, CISM, etc.) is preferred. Experience providing education and training programs on security policies and practices to a range of technical and non-technical constituents. Demonstrated ability to design, specify, manage and maintain an information security program. Experience dealing with incident response and in maintaining and safeguarding institutional data.