Appointment Type : Officer of Administration, 12-Month Renewable Contract
Annual FTE: 1.0 FTE
Closing Date : Application Review begins February 28, 2013; open until filled
Information Services (IS) is the central information technology unit for the University of Oregon. IS provides and supports campus-wide services in the areas of technology support, enterprise applications, middleware, information security, systems and operations, and data networking and telecommunications. IS also includes the Advanced Network Technology Center and works closely with the Network for Education and Research in Oregon.
The University of Oregon was established in 1876. It offers a breadth and depth of curricula through its 270 academic programs and provides the opportunity to work at a respected research university with a strong holistic, liberal arts foundation. The UO also has a history of political and social involvement that embraces diverse beliefs, cultures, and values, and it is committed to environmental responsibility.
Eugene is the home of the University of Oregon. Located in the lush Willamette Valley, Eugene is renown for outdoor pursuits like running, cycling, rafting, and fishing, as well as arts, music, crafts, brewing, wine-making, and community-supported agriculture. With branches in Portland and on the Oregon coast, the UO is deeply connected to Oregon's natural and cultural treasures.
The Chief Information Security Officer (CISO) is responsible for overall planning, development, implementation, and oversight of the University’s campus-wide information security program. The CISO works collaboratively with the campus community to establish information security programs, including: information security policy, practices, and standards; information security awareness and training; information security incident response and management; risk assessment and management; and information security-related IT architecture. Additionally, the CISO serves as the primary information security liaison to federal, state, local and professional organizations.
The CISO reports to the Vice Provost for Information Services and Chief Information Officer (VP/CIO) and serves on the Information Services (IS) Leadership Team. The position will supervise 2-3 information security staff, lead cross-functional teams, and will have budget authority for the Information Security Group.
Duties and Responsibilities
- Coordinate Campus Information Security Program: Under the general direction of the VP/CIO, coordinates the development, implementation and maintenance of the University’s campus-wide information security program. In collaboration with the campus community, assume overall responsibility for developing and maintaining the campus information security roadmap for ensuring the security of campus technology services, computer systems, data networks, and data. Establish and maintain information security programs, including: policy, practices, and standards; awareness and training; incident response and management; and relevant IT architecture.
- Manage Information Security Group: Directs and manages the Information Security Group. Provides vision and direction to the Group. Manages the Group budget consistent with campus and organizational goals. Ensure the delivery of a suite of high quality information security services to the campus. Provide an annual operating plan for the Information Security Group, including an annual budget. Develop and implement appropriate professional development and training programs for the Group. Maintain the appropriate knowledge, skills, and abilities for the position.
- Information Services Leadership: Participate in strategic planning and development of annual goals and objectives for the IS division, with special attention to providing leadership for those related to information security. Serve as a member of the IS Leadership Team to work toward the achievement of division goals and objectives.
- Liaison: Serves as liaison to federal, state, local, and professional organizations. Provide leadership and visibility in the area of information security for the University of Oregon and the state of Oregon. Serves as primary contact for information security vendors and contractors.
- Perform special projects and other duties as assigned.
- Bachelor’s degree from an accredited college or university required
- Extensive knowledge of and experience in information security
- Excellent interpersonal, verbal and written communication skills
- Experience in managing as well as in negotiating vendor contracts and agreements with end users, service providers and regulatory agencies
- Experience supervising, coaching, and mentoring information technology professionals
- Successful experience working, collaborating and establishing credibility and relationships with senior leadership, colleagues and customers
- Ability to deal efficiently and effectively with a wide range of vendors
- Candidates with experience serving the needs of diverse populations are strongly desired
- US citizenship, permanent legal resident status or other current employment eligibility under prevailing law
Position is subject to a criminal background check.
- Demonstrated experience with developing and providing an information security awareness and training program
- Demonstrated experience with developing and maintaining information security policies
- Experience with information security related issues involving identity and access management, intrusion detection, forensics, incident management, risk management and/or auditing
- Technical experience in network administration, system administration, application development, database administration, and/or data center operations
- Knowledge of information security and compliance related issues involving FERPA, HIPPA, PCI-DSS, ITAR, copyright and software piracy, and similar policies and laws
- Preference will be given to those with experience leading and managing information security services in a medium/large research university or similar environment
- CISSP or equivalent certification
- Advanced degree from an accredited college or university
Salary is competitive and commensurate with qualifications and experience.
The University of Oregon provides an excellent benefits package including health, dental, insurance, retirement plan, employee tuition rates (transferable to immediate family members under specific circumstances) and excellent vacation and sick leave provisions.
This position is open until filled. To ensure consideration, all materials should arrive by February 28, 2013.
Complete applications must include the following:
The application materials should be packaged as a single PDF file, using the applicant’s last name as the document name, and emailed to email@example.com .
- A letter of application demonstrating how you meet the qualifications and addressing your interest in the position.
- A current résumé.
- The names, addresses, phone numbers and email addresses of three current references who can comment on your qualifications for this position. References will be kept confidential, and candidates will be notified before references are contacted.
Please reference Position #13014 and the applicant’s last name in the subject of the email.
Incomplete or improperly submitted applications may be excluded from consideration.
The University of Oregon is an equal opportunity affirmative action institution committed to cultural diversity and compliance with the Americans with Disabilities Act.