Framingham State University is a vibrant comprehensive liberal arts institution located in the MetroWest suburbs of Boston, which integrates an academically challenging liberal arts education with workforce preparation programs. Founded in 1839, FSU enrolls about 4,000 undergraduates and 1,200 graduate and professional students. FSU offers 35 bachelor's degrees with 55 specialized concentrations, 63 minors, and 26 master's degree programs, in a highly personalized teaching environment. Our community takes pride in empowering student success by providing a superior education, leading research and innovation opportunities, and a strong first-year experience.
At FSU, we are deeply committed to inclusive excellence, encouraging a supportive, diverse and collaborative learning environment, and providing culturally relevant education. We are honored that our commitment earned FSU six Higher Education Excellence in Diversity (HEED) Awards from INSIGHT Into Diversity and that we are the only public institution in Massachusetts recognized in 2018, 2019, and 2020. FSU is designated as an emerging Hispanic-Serving Institution by the Hispanic Association of Colleges and Universities and also belongs to the Howard Hughes Medical Institute (HHMI) Inclusive Excellence community, providing national leadership in science education and exploring strategies that will lead to more inclusive science education. We encourage applications from those who share our commitment to promoting a diverse, welcoming, and inclusive community.
Our founding motto, LIVE TO THE TRUTH, was said at the end of each class by beloved first principal, Cyrus Peirce, who sought to discover and teach "truth in theory and principle...truth in spirit and motive...truth in manner and form...truth intellectual and truth moral." Principal Bagnall found this motto "speaks of sincerity of spirit...of intensity of effort, of resolution to succeed, of joy in achievement." LIVE TO THE TRUTH continues to guide our institution in practice and endeavor. If you share in this quest for truth and a commitment to living it fully, make the next chapter of your career the best chapter at Framingham State University.
The Information Security Officer is a member of the leadership team within the Information Technology Services (ITS) organization with responsibility for the comprehensive information security program. This includes (but is not limited to); the review, evaluation, and implementation of controls to reduce the overall risks associated with information that is under the stewardship of the University, related technological infrastructure, and third-party product or service providers. This position also administers information security training and awareness programs. Responsibilities include the monitoring, investigation, response, and remediation of vulnerabilities, threats, and breaches of Framingham State's cybersecurity as may be necessary. The Information Security Officer also proposes, drafts, and maintains all documented security policies and procedures designed to mitigate such risks.
The Information Security Officer plays an important role in formulating and executing strategies that contribute toward the University being a productive and enjoyable place to teach, learn and work. This includes (but is not limited to); ensuring generally accepted best practices for securing information and technological infrastructure are adopted by partnering with colleagues within ITS, users of Framingham State's information systems, other internal stakeholders, and vendors as part of the organization's objectives and improvement of IT services in support of Framingham State University's overall operations and strategic priorities.
Associate Vice President and Chief Information Officer
EXAMPLES OF SPECIFIC DUTIES AND RESPONSIBILITIES:
Leads the implementation of the controls, best practices, policies, and procedures as described or referred to in the University's Comprehensive Written Information Security Program (WISP)
Monitors changes in legislation related to cybersecurity and information security, and updates the University's Comprehensive WISP as needed.
Leads the development of annual and long-range security strategies, compliance goals, capability maturity models, performance metrics, reporting mechanisms, and program services that demonstrate measurable improvements to cybersecurity at the University over time.
Assumes responsibility for designated portions of the University's IT service offerings as the Service Owner and/or Process Manager and provides program and project management for assigned initiatives requiring a structured approach to defining a scope of work, resource planning and coordination, controlling costs, and mitigating risks.
Works with university leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the university to effectively address state and federal statutory and regulatory requirements.
Coordinates and tracks all information technology and security-related assessments/audits including the scope of audits, colleges/units involved, timelines, auditing/assessing agencies, and outcomes. Works with auditors/assessors as appropriate to keep audit/assessment focus in scope, maintain excellent relationships with audit/assessment entities and provide a consistent perspective that continually puts the institution in its best light. Provides guidance, evaluation, and advocacy on audit responses. Handles the administration, planning, and coordination associated with follow-up to findings and recommendations from audits and assessments.
Develops a strategy for dealing with an increasing number of internal and external assessments, audits, and compliance checks.
Develops and administers designated budget allocations and serves as the assigned contract manager for agreements with third-party product and service providers.
Reviews contracts for departmental third-party product and service providers for appropriate and required information security and privacy protections.
Initiates and leads ongoing efforts to identify, inform and involve key stakeholders in the process of making joint decisions and engaging in productive collaborations with colleagues and constituents as part of managing the administration of policies, programs, and services.
Monitors areas of potential risk to information security, and cybersecurity more generally identify vulnerabilities and threats and takes appropriate action to help prevent, mitigate or remediate situations that might inflict financial, operational, or reputational damage to the University.
Periodically reviews and assesses logs, access controls, vulnerability scans, and patch management programs as required to ensure that documented standard operating procedures are consistent with best practice, up to date, and are being followed. Adjustments to standard operating procedures will be made as needed. Any/all findings will be noted, remediated, and reported.
Convenes a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise or situations that warrant attention in order to prevent or mitigate the risk of an incident occurring.
Convenes Ad Hoc Security Committee as appropriate and provides leadership for breach response and notification actions for the University.
Provides consultative guidance to members of academic and administrative departments as well as students on how to secure information, protect information technology, and employ generally accepted best practices for cybersecurity.
Works closely with the other colleagues within the University and third-party product and service providers to ensure supported information systems and technological infrastructure are compliant with federal, state, and industry regulations to protect institutional data, systems, personal information, and privacy.
Works closely with the other colleagues within the University and third-party product and service providers to maintain documentation of Framingham State's contingency and business continuity plans to ensure a defined scope of information technology services can be restored within agreed-upon timeframes in the event of a disaster or major cybersecurity incident.
Participate in local, regional, and national peer organizations to stay abreast of information security issues and regulatory changes affecting higher education at the state and national level.
Participate in national policy and practice discussions on information security and communicate to campus regularly about those topics.
Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
Provides insights, consultative advice, and expertise as a contributing member of committees, task forces, and advisory groups charged with formulating University-wide strategies, setting operational objectives, instituting policies, and achieving goals associated with compliance, audits, and risk management.
Performs other duties as may be assigned by the Associate Vice President and Chief Information Officer.
Accountable for ensuring that affirmative action, equal opportunity, and diversity are integrally tied to all actions and decisions in areas of responsibility.
All of the work associated with the duties and responsibilities for this position is ordinarily performed at Framingham State's main campus, and may be done periodically from a remote location consistent with the conditional provisions specified within University's Telework Guidelines and in accordance with an approved Telework Agreement.
Academic credential of a Bachelor's degree
Excellent technical, organizational, planning, documentation, and communications skills
Project management experience
5+ years progressive experience in a computer-related field
Some degree of experience in policy and planning, compliance, and operations as described in the preceding section titled "Duties and Responsibilities"
Prior experience as an Information Security professional
Experience working for a College or University within Information Technology Services
Certifications and other credentials for Management of Information Security
This is a full-time, exempt, benefits-eligible position in the Association of Professional Administrators (APA) bargaining unit with a title of (Information Security Officer). The salary range is $80,000 - $90,000.
It is the policy of Framingham State University that all employees be fully vaccinated against COVID-19, including booster if eligible, before they begin employment. Proof of the COVID-19 vaccine is required of all individuals hired by FSU, to be verified after a verbal offer of employment has been accepted, and before employment begins. Prospective employees may submit a request for a medical or religious exemption to the COVID-19 vaccination requirement to Human Resources. Furthermore, FSU employees must wear a mask inside certain campus spaces.
Framingham State University conducts criminal history and sexual offender record checks on recommended finalists prior to final employment for all positions.
Framingham State University is an equal opportunity/affirmative action employer.
Members of underrepresented groups, minorities, women, veterans, persons with disabilities, and all persons committed to diversity and inclusive excellence are strongly encouraged to apply.
Candidates must apply online by submitting:
Equity and Inclusion Statement
Names and contact information for three (3) professional references.
*The Equity and Inclusion Statement is an opportunity for candidates to discuss professional skills, experience and/or willingness to engage in activities that would enhance the university's efforts to promote a diverse, equitable, and inclusive community. Equity and inclusion statements will be considered as part of a transparent and comprehensive review of candidate application materials.
For full consideration, application materials must be received by July 4, 2022. However, applications may continue to be reviewed until the position is filled.
Framingham State University only accepts application materials through our online application system. We are unable to accept application materials through mail, email, fax, or hand delivery. If you experience technical issues with the online application process, please submit a helpdesk ticket.
Framingham State University understands that persons with specific disabilities may need assistance with the job application process and/or with the interview process. For confidential assistance, please contact the Human Resources Office at 508-626-4530 or email@example.com.