Assistant Vice President, Chief Information Security Officer

Assistant Vice President, Chief Information Security Officer About This Role

Reporting to the Associate Vice President and CIO, the CISO will provide the necessary vision and leadership to develop and implement a strategic technological security operations unit and associated plan for strengthening K-State's IT infrastructure and systems. As part of the CIO's leadership team, the CISO will work closely with other senior leaders and oversee the implementation and expansion of technologies across campus, establish and maintain IT and security best practices, and effectively communicate risk and necessary risk-prevention measures to all members of the community.

The CISO will recruit and mentor a team consisting of a Director of Data Security and Privacy, Cyber Security Risk and Compliance Analyst, six full‑time security engineers, and 4-5 student workers and will promote an organizational culture committed to timely, effective, and user‑friendly customer service. The CISO will possess robust skills in budget planning, financial oversight, and resource management tailored to information security operations.

The CISO will lead day‑to‑day detection and response technologies to improve the University’s cyber posture. They will lead system improvements related to research that will reduce redundancies, provide efficiencies, promote collaboration, improve response timeliness, and enhance the integrity of the data. The CISO will work with third‑party security vendors and threat‑detection platforms to maximize the benefits of these purchases. Developing a maturing security operations group and working in collaboration with the Academic IT Directors within each college, the VP of Research, the Office of Information Technology leadership team, and research faculty across the institution will be key to the CISO's success.

The CISO will also collaborate with necessary vendor partners to safeguard K-State data and resources and ensure compliance with the changing laws and applicable government policies regulating K-State's security and data protection.

View the CISO position profile on our website: https://(Use the "Apply for this Job" box below).%

Kansas State University’s Division of Information Technology, led by the Associate Vice President and CIO, Thomas Bunton, is committed to providing excellent IT services to the K-State community in support of the teaching, learning, research, and service missions. They offer a wide range of information, technology, and communications services. They provide leadership for developing and delivering computing and digital resources to K-State students, faculty and staff.

In addition to the operation and management of IT Services, the Division comprises the administrative service functions of HR, finance, and communications. The Division coordinates and manages central IT business services including Enterprise Systems, Portfolio & Project Governance, Infrastructure & Operations, Academic Applications, Information Security, and Academic IT, and Research Technology.

Learn more about Kansas State University: https:///

Learn more about Manhattan, Kansas: http://.org

This position is On‑site.

• Bachelor’s degree plus ten (10) years of relevant experience.
• Academic foundation, critical thinking and analytical skills necessary to guide complex university functions with credibility and strategic insight.
• Competencies developed and validated through a formal degree program.

• A bachelor’s or master’s degree in Computer Science, Information Systems, Cybersecurity, or a related field.
• Additional certifications in information security (e.g., CISSP, CISM, CEH, GIAC).
• Extensive experience in developing and managing comprehensive information security programs, including but not limited to cybersecurity strategies, risk management, data protection, and compliance frameworks.
• Strong leadership and team development skills, with a proven ability to build, manage, and mentor multidisciplinary cybersecurity teams.
• Deep understanding of information security technologies, trends, best practices, and regulatory requirements, with experience in designing and implementing detection and response security controls and measures.