George Mason University
Chief Information Security Officer (CISO)
George Mason University, Greendale, Wisconsin, United States, 53129
Campus Site: Fairfax, VA
Workplace Type: Hybrid Eligible
Job Category: Administrative or Professional Faculty
Job Type: Full-Time
Work Schedule: Full-time (1.0 FTE, 40 hrs/wk)
Salary: Salary commensurate with education and experience
Criminal Background Check: Yes
Security Clearance Check: Yes

About the Department:
Mason's Information Technology Services (ITS) organization provides information technology resources, systems, services, tools, and training to the university community. ITS's mission is to advance Mason’s strategic goals, support learning, enable scholarly endeavors, and improve institutional management by effectively leveraging the resources of ITS's supporting groups.

About the Position:
George Mason University recognizes the importance of information security and has a targeted focus on data as an asset. The Chief Information Security Officer (CISO) ensures that Mason has the right leadership, processes, technology, and tools to effectively meet current and future information security threats. The CISO provides vision and leadership to oversee and enhance an information security program for the university’s central systems and its decentralized computing environment, while also supporting information technology risk and compliance objectives in the process. The CISO reports to Mason’s Vice President for Information Technology and Chief Information Officer (CIO) and will be a member of the ITS leadership team.

The CISO provides leadership for the development of information security strategy, policy, standards, architecture, processes, and assessments to ensure that information assets and critical processes are adequately protected with acceptable levels of controls. The CISO builds and implements a broad-based strategic roadmap for security. The CISO has substantial influence and direction over IT Security, Network Security, and the budget issues that arise in determining necessary Information Security steps. The CISO manages the information security organization, including its staff; evolving the overall information security management program; enforcing adoption of standards and practices; and balancing information security requirements with other business objectives.

Responsibilities:

Policy and Program Leadership:
Develops, communicates, and oversees the implementation of a strategic, comprehensive information security and risk roadmap for Mason and for ITS. Works with Mason leadership to identify risks to the confidentiality, integrity, and availability of university systems and data. Provides leadership in the enforcement of security and associated policies. Provides leadership to the ITSO in the analysis, discussion, and development of security policy, standards, and practices, and guides the acquisition of advanced security technology. Provides guidance and influences the university with regard to network and computing security needs in selecting hardware and software technologies. Collaborates with and supports IT colleagues to monitor, assess, and test security solutions.

Compliance, Audit, and Standards:
Develops and enhances an information security governance framework to guide Mason’s information security compliance efforts. Coordinates and tracks information security related audits at all internal, state, and federal levels. Ensures that the ITSO provides timely and documented responses to security concerns of IT projects. Assists with the assessment of business requirements, and advises administration and campus personnel on IT security products, services, and solutions. Develops and implements plans to ensure compliance with applicable laws, regulations, and requirements. For purposes of GLBA compliance, serves as or is accountable to designate a ‘qualified individual’ responsible for overseeing, implementing, and enforcing the information security program. Ensures that Mason’s IT Security policies are up to date and provide appropriate protections for Mason. Manages a broad range of complex security and risk-related issues in information technology. Continually evaluates risks and acts expeditiously in making decisions and recommendations.

Evaluates Mason’s security environment and provides strategic risk guidance for technical controls. Assists in establishing best practices and procedures for information assurance, disaster recovery, and business continuity. Leads, plans, coordinates, and participates in required training exercises for incident response and disaster recovery. Leads and coordinates institutional responses to security incidents. Tracks security incidents and administers a Mason-wide IT Security Risk Management Program. Works with IT and communications teams to address communication needs associated with security incidents. Directs teams in deployment and management of appropriate security tools. Provides consultation, guidance, and investigation regarding information security, policy, and security education and training. Documents and publishes security standards, processes, and procedures that the university community is expected to meet. Develops and enhances an information security and risk management awareness training program. Provides recommendations on security best practices and designates approved security software for Mason use.

Required Qualifications:
Master’s degree in related field or equivalent combination of education and experience. Extensive mid/senior-level leadership and managerial experience. Extensive cybersecurity experience with IT security standards or frameworks. Extensive experience with security policy and administration. Demonstrated experience with evolving state-of-the-art information security technologies. Expert leadership experience. Experience with information system auditing. Demonstrated experience in crisis management and response. Expertise in risk management approaches. Demonstrated accomplishments in program leadership, policy development, and project management. Demonstrated strong interpersonal and communications skills. Demonstrated ability to communicate technical concepts and solutions. Demonstrated ability to work with senior university staff. Knowledge of computer forensic investigation methodology. Integrity and high standards of personal and professional conduct. Top Secret clearance or ability to obtain one within 6 months of hire. Required industry certifications such as CISSP, CCISO, or CISM.

Preferred Qualifications:
Experience working in a higher education or a research environment. Direct knowledge in the specific technical areas of systems administration, applications development, database administration, network operations, or data center operations.

Instructions to Applicants:
For full consideration, applicants must apply for the Chief Information Security Officer (CISO) at https://jobs.gmu.edu/. Complete and submit the online application to include three professional references with contact information, and provide a cover letter and resume.