Chief Info Security Officer
$142,660-199,600; commensurate with experience
A. POSITION PURPOSE
The Chief Information Security Officer (CISO) is responsible for maintaining and enhancing cybersecurity infrastructure deterrents and creating an information security-conscious culture across Santa Clara University. The CISO works collaboratively with the CIO, senior university executives, the Office of General Counsel, campus Information Services staff, and other members of the campus community to create an information security plan and vision; to develop, implement, communicate, and evaluate electronic security policies and practices to protect the university’s information assets; and to ensure the university complies with state and federal laws and regulations.
The CISO provides vision and leadership for the planning (strategic and tactical), budgeting, technology evaluation and selection, implementation and assessment of the University’s information security systems. They facilitate the creation and implementation of policies, procedures, processes, and strategies for the adoption and utilization of the University’s security technologies.
The CISO provides leadership to and management of assigned staff, including hiring, training, managing, and establishing projects and resource priorities. They manage direct reports to promote teamwork and to develop professional and technical qualities necessary in order to meet the goals and objectives of IS and the University. They function as a member of the senior leadership team of the Information Services Division and act as directed as a representative of the Division to University and external constituencies. They recommend, initiate, and implement improvements to cybersecurity, and contribute constructive suggestions for change or improvement in other IS areas.
The CISO will build consensus and develop collegial, collaborative working relationships with a broad range of constituencies in support of the IS mission. They determine the most appropriate and effective means of successfully implementing cybersecurity technology solutions for the user community. They coordinate their activities with the CIO in support of University priorities and strategic plans.
The CISO will have a passion for providing excellent customer service, and a focus on continual improvement across all units; a commitment to supporting innovative cyberinfrastructure technologies; and a desire to identify and deliver the best possible cybersecurity technology resources and services to meet the needs of the campus community.
B. ESSENTIAL DUTIES AND RESPONSIBILITIES
1. Management and Strategy
2. Coordination and Collaboration
3. Resource Planning
4. Service Delivery
5. Service Optimization
8. Unit Administration - Information Security Office
9. Other duties as assigned.
C. PROVIDES WORK DIRECTION
D. GENERAL GUIDELINES
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The items below are representative of the knowledge, skills, abilities, education, and experience required or preferred.
This position requires the ability to effectively establish and maintain cooperative working relationships within a diverse multicultural environment.
1. Knowledge, Skills and Abilities
Knowledge of information technology, campus technology, and information security issues and trends in higher education, and ability to continually develop new knowledge regarding the same.
Ability to listen and understand customer needs.
Ability to plan, implement, and evaluate customer service initiatives.
Ability to work in a collaborative environment, as either a member or leader of a team, to meet deadlines and achieve goals.
Ability to manage a diverse workforce to provide excellent customer service.
Self-motivated and shows initiative.
Ability to successfully manage multiple projects simultaneously.
Proven track record in project planning and project management.
Ability to exercise independent judgment and engage in critical thinking and problem solving.
Ability to work effectively under pressure in a busy (often chaotic) and demanding information services environment, while maintaining a sense of humor.
Ability to explain technical issues and policies to non-technical people.
Ability to give presentations on technical issues to a broad range of audiences.
Ability to foster and maintain good working relationships with faculty, administrators, students, senior management, and other leaders.
Ability to handle sensitive matters with diplomacy and the ability to mediate between competing parties.
Ability to maintain confidentiality and manage confidential information.
Must possess impeccable integrity.
Ability to speak truth to power.
Appreciation for the University’s mission, vision, values, priorities, procedures, and policies.
Ability to plan and execute cybersecurity initiatives strategically, tactically, and expansively.
Deep technical skills in one or more of the technical domains that they supervise.
Experience managing cybersecurity systems delivery in a large, complex IT environment, involving multifaceted multi-year projects and technical teams.
Experience developing plans for short- and long-range infrastructure projects, including strategies, budgets, and schedules.
Experience developing and maintaining annual operational and capital budgets.
Experience providing leadership and supervision of staff including position responsibilities, position planning, recruitment, retention, compensation, training/development, and evaluation; this also includes experience promoting and monitoring diversity in the recruitment process.
Understanding of the full spectrum of cybersecurity technologies.
Solid understanding of and experience with enterprise level IT security programs, best
practices, and/or standards.
Solid understanding of IT security management systems and frameworks (NIST, ISO, etc.)
Broad understanding and awareness of compliance issues related to information resources in a higher education environment, including GDPR, GLBA, FERPA, and HIPAA.
Understanding of relational databases.
Understanding of server virtualization environments, preferably VMware.
Understanding of high availability, disaster recovery and data replication architectures, ideally both internally-hosted and cloud-based.
Understanding of Microsoft Active Directory.
Understanding of, and preferably experience working in, cloud-based computing environments, preferably Google Cloud (GCP).
Experience leading the development and implementation of standard operating procedures and policies with an emphasis on maintaining and ensuring operational continuity and security of the University’s information assets.
Experience with technical assessment, selection, and implementation of new infrastructure technologies.
Understanding of, and preferably experience with, local and hosted networking components, servers, switches, routers, management tools, LAN/WAN, TCP/IP, Ethernet, DNS, virtual appliances and devices.
Experience with Network Access Control (NAC) solutions.
Varied and strong background that would include implementation of higher education cybersecurity systems.
Specific understanding of industry trends and standards.
Experience negotiating contracts with vendors.
Bachelor’s Degree from an accredited institution of higher education required. Advanced degree preferred.
Minimum of twelve years of experience, with a focus on providing excellent customer service to support technology in support of an organization’s mission.
F. PHYSICAL DEMANDS
The physical demands described below are representative of those that must be met by an employee to successfully perform the essential functions of this job. In accordance with the Americans with Disabilities Act, as amended, the California Fair Employment & Housing Act, and all other applicable laws, SCU provides reasonable accommodations for qualified persons with disabilities. A qualified individual is a person who meets skill, experience, education, or other requirements of the position, and who can perform the essential functions of the position with or without reasonable accommodation.
Considerable time is spent at a desk using a computer terminal.
Required to travel to other buildings on the campus.
Required to attend conference and training sessions within Bay Area or in- or out-of-state locations.
Required to travel to outside customers, vendors or suppliers.
G. WORK ENVIRONMENT
The work environment characteristics described below are representative of those an employee encounters while performing the essential functions of this job.
Typical office environment.
Mostly indoor office environment with windows.
Offices with equipment noise.
Offices with frequent interruptions.
Equal Opportunity/Notice of Nondiscrimination
Santa Clara University is an equal opportunity/equal access/affirmative action employer fully committed to achieving a diverse workforce and complies with all Federal and California State laws, regulations, and executive orders regarding non-discrimination and affirmative action. Applications from members of historically underrepresented groups are especially encouraged. For a complete copy of Santa Clara University’s equal opportunity and nondiscrimination policies, see https://www.scu.edu/title-ix/policies-reports/
Title IX of the Education Amendments of 1972
Santa Clara University does not discriminate in its employment practices or in its educational programs or activities on the basis of sex/gender, and prohibits retaliation against any person opposing discrimination or participating in any discrimination investigation or complaint process internally or externally. The Title IX Coordinator and Section 504 and ADA Coordinator is Jenna Elliott, Interim Director of Equal Opportunity and Title IX, 408-551-3043, email@example.com , www.scu.edu/title-ix. Inquiries can also be made to the Assistant Secretary of Education within the Office for Civil Rights (OCR).
Clery Notice of Availability
Santa Clara University annually collects information about campus crimes and other reportable incidents in accordance with the federal Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act. To view the Santa Clara University report, please go to the Campus Safety Services website. To request a paper copy please call Campus Safety at (408) 554-4441. The report includes the type of crime, venue, and number of occurrences.
Americans with Disabilities Act
Santa Clara University affirms its' commitment to employ qualified individuals with disabilities within the workplace and to comply with the Americans with Disability Act. All applicants desiring an accommodation should contact the Department of Human Resources, and 408-554-5750 and request to speak to Indu Ahluwalia by phone at 408-554-5750 or by email at firstname.lastname@example.org.
***When applying, please note that you saw the job posted on the NOVAworks Job Board. If you need help with your resumé, please see a NOVAworks Career Advisor.
Located in the heart of Silicon Valley, Santa Clara University blends high-tech innovation with a social consciousness grounded in the Jesuit educational tradition.
We are committed to leaving the world a better place. We pursue new technology, encourage creativity, engage with our communities, and share an entrepreneurial mindset. Our goal is to help shape the next generation of leaders and global thinkers.
Santa Clara's undergraduate and graduate programs span areas ranging from psychology to sustainable-energy engineering and from theatre arts to business analytics.