Information Security Officer
University of Colorado System Administration

Information Security Officer

Information Security Officer - 28851 University Staff 

Description 
Who We Are:

System Administration, which also houses the Office of the President, is located in the uptown neighborhood of Denver with a few smaller offices located on the campuses.  Many of our departments support the educational and research missions of the four University of Colorado campuses, but System Administration is not considered a campus. We provide diverse opportunities for professional development, innovation, and collaboration with talented staff and faculty.  Learn more about CU System Administration.

University Information Systems (UIS) provides technical services and enterprise applications to the University of Colorado campuses and the Office of the President. UIS is committed to excellence in customer service and technical expertise. Through the development of enterprise applications, UIS supports the University as a whole with systems used by students, faculty, human resources employees, finance employees, and others.

Position Summary:

The Chief Information Security Officer (CISO) and the campus Information Security Officers jointly oversee the University of Colorado's efforts to protect its computing and information assets and to comply with information-related privacy and security laws and regulations. The CISO is within the Office of Information Security, which oversees university-wide policies, standards and processes for information security. Each Information Security Officer and their team is located within campus-specific organizations and oversees security operations, risk management, compliance, and campus-level policies and procedures.

The System Administration division of the University of Colorado provides several shared services (employee services, procurement services, financial services, legal counsel, enterprise resource planning systems, etc.) to the multi-campus University of Colorado system, serving tens of thousands of users. University Information Services (UIS) manages university-wide technology services that support these shared services, including enterprise systems like finance, student information systems, human capital management, electronic research administration, and document management.

The Information Security Officer for System Administration is an Assistant Director-level position within University Information Services and is accountable for information security monitoring, incident response, vulnerability management, technical security assessments, risk assessments, security planning and compliance guidance for this division of the university. The Information Security Officer sits on the University Information Services leadership team, providing security leadership and guidance across the IT department. The position is also responsible for team leadership and personnel management for the UIS information security team. This position reports to the Chief Information Security Officer.

Where You Will Work:

This position has the ability to work remotely within the United States.

Diversity and Equity:

The University of Colorado System Administration Office is committed to recruiting and supporting a diverse workforce. The university strives to promote a culture of inclusiveness, respect, communication and understanding. We encourage applications from women, ethnic minorities, persons with disabilities, persons within the LGBTQ+ community and all veterans.

Duties & Responsibilities:

Duties and responsibilities of the position include, but are not limited to: 

Security Leadership

Be an active member in the IT leadership team in University Information Services, helping set both security direction for the IT department, as well as participating in overall department discussions and decisions. Coordinate with IT leadership peers to ensure their areas have appropriate guidance and goals for information security Establish appropriate division-level information security policies, procedures and guidelines in alignment with systemwide security policies and standards. Provide guidance to units on the implementation of security policies, standards and procedures. Establish appropriate division-level information security training and awareness to supplement systemwide security awareness and training content and processes.

Security Program Management

Ensure security program for the System Administration division of CU is aligned to organizational policies and priorities, as well as compliance needs Ensure the team meets the organizations needs for security monitoring and response, security assessments (vulnerability management, application security assessments) Assist security team members in establishing roadmaps for information security services and tools Adapt security program offerings to match changing technology and security landscapes Provide reporting and transparency to CIO, CISO and other leadership

Risk and Compliance Management

Perform and document security risk assessments for UIS services and projects Stay informed on emerging information security trends and threats Represent information security in project and technology review processes Escalate risks to the CIO and CISO as appropriate

Security Team Leadership

Set work priorities for the security team that are aligned to broader organizational priorities Provide guidance, feedback and coaching to the security team members Maintain fluid communication both within the team and with other teams Meet university expectations for personnel management (performance management, etc.)

What We Offer:

Salary: The anticipated hiring range has been established at $140,000 - $155,000.

The salary of the finalist(s) selected for this role will be set based on a variety of factors, including but not limited to, internal equity, experience, education, specialty and training.

The above salary range (or hiring range) represents the University's good faith and reasonable estimate of the range of possible compensation at the time of posting.

Benefits: The University of Colorado offers an excellent benefits package including:

Medical: Multiple plan options Dental: Multiple plan options Additional Insurance: Disability, Life, Vision and Wellness Retirement 401(a) Plan: Employer contributes 10% of your gross pay Paid Time Off: Accruals over the year Vacation Days: 22 Sick Days: 15 Holiday Days: 10

Tuition Benefit: System employees have the benefit on all campuses  ECO Pass: RTD Bus and light rail service Additional Perks & Programs: Click here to access a few more Perks and Programs
Click here to access our Total Compensation Calculator to see what your total rewards could be at CU. This position is a University Staff position.

Additional taxable fringe benefits may be available.

More information on benefits programs, including eligibility, is available at www.cu.edu/employee-services/.

Qualifications:

Minimum Qualifications:

Please ensure your resume includes any and all relevant experience to be accurately assessed against these qualifications.  You must meet all minimum requirements listed at the time of application to be considered for this role.

Bachelor's degree from an accredited institution of higher education, or equivalent professional experience (professional experience may be substituted for the educational requirement on a year-for-year basis). Six (6) years of additional experience in an information security focused role Two (2) years of experience in a managerial or supervisory role, which includes managing personnel, developing/mentoring direct reports, and completing performance reviews to ensure continuous improvement, high performance, and employee retention (may be concurrent with the above experience)

Preferred Qualifications:

Experience working directly for a higher education and/or public sector organization
• A total of eight (8) years of experience in an information security focused role
A total of three (3) years of experience in a managerial or supervisory role, which includes managing personnel, developing/mentoring direct reports, and completing performance reviews to ensure continuous improvement, high performance, and employee retention (may be concurrent with the above experience) Experience working with information security and compliance for ERP (enterprise resource planning) systems Hands-on experience in one or more areas of information security technologies (vulnerability management, monitoring, incident response, SIEM, endpoint security, cloud security tools, etc.) Experience collaborating with multiple departments Experience presenting complex issues to audiences with a wide variety of backgrounds Pertinent certifications

Knowledge, Skills, and Abilities:

To be successful in this position, candidates will need the following:

Knowledge

Knowledge of technology and information security and compliance and its enterprise application.  Knowledge of cybersecurity and privacy principles Knowledge of laws and regulations surrounding information security and privacy (HIPAA, FERPA, GLBA, etc.)

Skills

Skill in evaluating information for reliability, validity and relevance Skill in preparing reports and briefings Skill in identifying how security risks apply to the organization Skill in working with stakeholders to identify needs, report status, manage changes

Abilities

Ability to communicate complex information in a well-organized manner through verbal, written or visual means Ability to effectively collaborate with team members in-person and remotely Ability to think analytically and critically Ability to develop short and long term plans that impact multiple teams Ability to handle highly-sensitive and confidential information with appropriate discretion. Ability to exercise independence and autonomy in performing duties while maintaining an ongoing communication/dialog with supervisor Ability to establish and manage effective working relationships in a network / matrix environment with other departments, groups and staff with whom work must be coordinated or interfaced

How to Apply:

For full consideration, please attach the following as separate documents to your application:

A cover letter identifying the job specific minimum qualifications you possess A resume including any and all relevant experience to be accurately assessed against the qualifications listed in the posting.

Please ensure you check the “Job Specific Attachments” box next to each document on the “Required Documents” page of the application for the appropriate documents to be attached.

When to Apply:

For full consideration completed applications must be submitted by February 24, 2023.  Reference checking is a standard step in our hiring process. You may be asked to provide contact information, including email addresses, for up to five references as part of the search process for this position. *Please note: All application materials must be submitted through CU Careers; emailed materials will not be considered.*

Background Check Statement:

The University of Colorado is committed to providing a safe and productive learning and living community. To achieve that goal, we conduct background investigations for all final applicants being considered for employment. Background investigations include a criminal history record check, and when appropriate, a financial and/or motor vehicle history. The Immigration Reform and Control Act requires that a verification of employment eligibility be documented for all new employees by the end of the third day of work. The University of Colorado is committed to diversity and equality in education and employment.

ADA Statement:

We are committed to an inclusive and barrier-free search process. We provide accommodations for applicants requesting accommodation through the search process such as alternative formats of this posting.  Individuals with disabilities in need of accommodations throughout the search process should contact the ADA Coordinator at: systemhr@cu.edu.
         Application Materials Required: Cover Letter, Resume/CV     

Job Category: Information Technology 

Primary Location: Denver Department: S0001 -- System Administration - 53001 - IT Security 

Schedule: Full-time 

Posting Date: Feb 2, 2023 

Unposting Date: Ongoing Posting Contact Name: System HR Posting Contact Email: SystemHR@cu.edu Position Number: 00806182

To apply, visit https://cu.taleo.net/careersection/2/jobdetail.ftl?job=28851&lang=en







Copyright ©2022 Jobelephant.com Inc. All rights reserved.

Posted by the FREE value-added recruitment advertising agency
jeid-8b41cb85d489304e93a427f00f2f6e6c

This job has expired.