The Chief Information Security Officer (CISO) reports to the Chief Information Officer (CIO), is a member of the CIO leadership team and serves a key role in university leadership, working closely with senior administration, academic leaders, and the campus community. The CISO is an advocate for North Carolina Central University’s overall information security technology needs and awareness planning. This position will provide vision and leadership for developing and supporting security initiatives. The Chief Information Security Officer directs the planning and implementation of enterprise IT systems, business operations, and facility defenses against security breaches and vulnerability issues. This individual is also responsible for auditing existing systems, while directing the administration of security policies, activities, and standards.
The emphasis of this position is on IT Security and Compliance leadership and judgment, with a sophisticated ability to work with other leaders and to set the best balance between security strategies and other priorities at the campus level.
Experience as an Information Security Officer, developing and administering an information security program including policies and procedures in a complex higher education environment is highly desirable.
The position requires an intelligent, articulate, consensus-building, and persuasive leader who can work effectively with senior administration, academic leaders, and the campus community and communicate information security-related concepts to a broad range of technical and non-technical staff.
Demonstrated experience advising and collaborating with senior management is required.
The ability to work in a team/collaborative environment with a broad range of constituencies is essential.
Proven leadership ability is essential to success in this role.Excellent knowledge of technology environments, including information security, building security, and defense solutions.
Experience in planning and executing security policies and standards development.
Good understanding of computer systems characteristics, features, and integration capabilities.
Knowledge of COBIT, ISO, ITIL, CMS, NIST and other standards is essential
Ability to exhibit maturity, reliability, composure, and stability under pressure as required for handling on-the-job challenges is essential. Must be able to give and receive constructive criticism and feedback.
Demonstrated success in working with Internal Audit, System Auditors, outside consultants and/or Office of the State Auditor in a lead capacity to coordinate representation of institutional technology systems and practices is highly desired.
Significant experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment is highly desirable.
Working knowledge and experience in the policy and regulatory environment of information security, particularly in higher education, is highly desirable.
A bachelor’s degree in Management Information Science or other related field and/or an advanced degree is preferred. Professional certification such as CISSP or CCISO is highly desirable. Candidates lacking such certification may be competitive if they present comparable credentials or involvement in continuous professional development.
Professional certification such as CISSP or CCISO is highly desirable.