Department: Information Technology
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
If you require any auxiliary aids, services, or other accommodations to apply for employment, or for an interview, at Michigan Technological University, please notify the Human Resources office at 906-487-2280 or .
Job Description Summary
Responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the university.
Essential Duties & Responsibilities (other duties may be assigned)
1. Act as the primary security architect for the university's technology resources.
2. Lead incident response teams and forensic investigations related to the university's technology resources.
3. Monitor the university's technology resources for attacks.
4. Work with information technology staff to educate them on security risks and train them in assessment and response techniques.
5. Provide reports as directed or requested to keep executive management and external agencies informed of security incidents.
6. Work with the Office of Risk Management and General Counsel as needed to resolve difficult legal security issues.
7. Develop, implement, and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
8. Perform vulnerability assessments on the university's resources and evaluate the risk.
9. Lead the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
10. Keep abreast of security incidents and act as primary control point during significant information security incidents.
11. Act as liaison with law enforcement agencies, government agencies, and the court system, when dealing with security incidents.
12. Provide leadership, direction, and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
13. Examine impacts of new technologies on the Institution's overall information security. Establish processes to review implementation of new technologies to ensure security compliance.
14. Direct the preparation of short- and long-term strategic and operating plans pertaining to the university's information security program.
15. Create education and awareness programs and advise operating units at all levels on security issues, best practices, and vulnerabilities.
16. Support the vision of the university when developing and enforcing security protocols.
17. Represent the university on committees and boards associated with the information security and in national and regional consortiums and collaborations.
18. Encourage continuous improvement practices among employees. Commit to applying continuous improvement strategies to strategic goals and leadership skills.
19. Ensure compliance with all applicable university, state, and federal regulations.
20. Apply safety-related knowledge, skills, and practices to everyday work.
21. Supervisory Responsibilities: Functional supervision may be exercised over staff and student assistants.
Required Education, Certifications, Licensures (minimum requirements)
* Ability to obtain a U.S. Department of Defense security clearance, which requires United States citizenship. May not possess dual citizenship.
* Bachelor's degree in computer security, computer science, computer engineering or related field, or an equivalent combination of education and professional experience from which comparable knowledge and abilities can be acquired.
Required Experience (minimum requirements)
* Five years of experience in information security, information technology or other fields related to IT security and risk management.
* Professional experience working with networking technologies and protocols.
* Professional experience working with network firewalls and intrusion detection or prevention systems.
* Professional experience with strong analytical and working knowledge of regulatory rules, frameworks, and controls including but not limited to HIPAA, HITECH, GLBA, PCI-DSS, and RFRs.
* Experience designing and implementing controls related to NIST-800 series, DFARS, HIPAA, PCI-DSS, or similar standard
Desirable Education and/or Experience
* Master's degree in computer security, computer science, computer engineering or related field.
* Certification related to security and information response such as CISSP or GIAC.
* Professional experience in a higher education environment.
Required Knowledge, Skills, and/or Abilities (minimum requirements)
* Demonstrate ability to advise senior management and governing board on enterprise-level security risks.
* Excellent oral and written communication skills including the ability to communicate complex security issues to any faculty, staff, supervisors and/or university officials.
* Knowledge and ability to educate and train faculty, staff, and students.
* Effectively collaborate with others to achieve goals.
* Strong creative, innovative, strategic, and visionary qualities.
* Strong prioritization, time management and multitasking skills.
* Skill in organizing resources and establishing priorities while working in a fast-paced environment.
* Lead and manage a team of security professionals.
* Demonstrated ability to effectively... For full info follow application link.
Michigan Technological University is an Equal Opportunity Educational Institution/Equal Opportunity Employer that provides equal opportunity for all, including protected veterans and individuals with disabilities.