Director - Cybersecurity Officer

Requisition: ES

Hiring Salary: Yearly-Administrative

Department: Office of the Chief Technology Officer

• Bachelor's degree in computer science, information security, cybersecurity, or a related field from an accredited institution.
• Five years of experience in cybersecurity or information security, with at least 2 years in a leadership or director‑level role in any Information Technology field.
• Experience managing a team of cybersecurity analysts is strongly preferred.
• Security professional‑level certification (e.g., CISSP, CISM, CISA, OSCP) is required; additional security certifications are highly desirable, such as Security+, CEH, or CCSP.
• Relevant experience in a large state institution of higher education is desirable.
• Additional education may be considered in lieu of experience.

Performs highly advanced or managerial (senior‑level) cybersecurity analysis work providing direction and guidance in strategic operations and planning. Oversees the prevention of data breaches and the monitoring of and reacting to cyber‑related attacks. Directs the analysis and assessment of vulnerabilities in the infrastructure, investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices. Provides leadership and guidance to staff, ensuring best practices in cybersecurity are followed and continuously improved.

• Develops and implements the strategic vision for Information Security, ensuring alignment with organizational goals.
• Directs the deployment of cybersecurity infrastructure and protects critical infrastructure services.
• Directs and/or conducts research related to cybersecurity trends and technology, and evaluates cybersecurity trends, tools, and techniques for potential application to infrastructure and research areas.
• Oversees cybersecurity management initiatives by continuously evaluating and improving cybersecurity analysis processes, tools, and methodologies.
• Oversees detection activities and advises on cybersecurity threats and vulnerabilities.
• Oversees the initiation, implementation, and development of incident response plans and recovery programs; the evaluation and obtainment of forensics tools; the review of intrusion and misuse detection reports; and the guidance for corrective action.
• Develops and implements appropriate safeguards to ensure system resiliency.
• Develops cybersecurity awareness training programs for employees, contractors, and users; and facilitates cyber preparedness exercises.
• Acts as a point of escalation for issues, oversees governance and reporting mechanisms, and drives process improvements to enhance efficiency.
• Promotes innovative practices and represents Information Security in strategic discussions.
• Provides leadership, vision, and management to a department.
• Develops activities, policies, procedures, and departmental culture that facilitate, promote, and sustain collaboration with the campus community.
• Develops, documents, and implements internal control policies, standards, and procedures to ensure fiscal, regulatory, confidentiality, and security accountability.
• Responsible for organizing, planning, and evaluating personnel, work assignments, supervision, training, and technical direction of staff.
• Evaluates programs and services to identify areas of strengths and necessary improvements.
• Develops strategies and processes to optimize operations for the department.
• Ensures compliance with applicable state and federal laws, University policy and divisional directives.
• Directs day‑to‑day operations of the cybersecurity department.
• Provides accurate and timely reports to professional staff.
• Makes decisions about objectives, operating procedures, and policies.
• Responsible for the department administration, including budget preparation and control.
• Serves on committees as requested.
• Performs other related duties as assigned.