Chief Information Security Officer
: Job Details :

Category: Administration Subscribe: Department: Information Technology Locations: Poughkeepsie, NY Posted: Apr 8, 2024 Closes: Open Until Filled Type: Full-time Position ID: 174476 About Dutchess Community College:Located in the heart of New York's beautiful and historic mid-Hudson Valley, just 90 minutes north of New York City, Dutchess Community College (DCC) is one of 64 colleges within the State University of New York, the largest comprehensive public higher education system in the country.DCC's strategic direction is guided by four lenses through which we view our work: Students. Learning. Community. Growth. We are committed to respecting individuality, embracing diversity, being student-ready, partnering with and serving our community inclusively. The College welcomes and seeks to grow pools of prospective employees who share and are anxious to support the institution's core values: Excellence. Collaboration. Engagement. Equity. Innovation.Job Description:Under the direction of the President or designee, the Chief Information Security Officer (CISO) is responsible for the development and delivery of a comprehensive information security and privacy program. This program is college-wide and includes all formats of information communication for all authorized users. Protecting information and infrastructure from internal or external threats and ensuring the compliance of all statutory and regulatory requirements regarding information access, security and privacy is of the utmost concern.ROLE AND RESPONSIBILITIESThe CISO is responsible for the development and implementation of information security policies, standards and procedures to ensure the College is compliant with industry standards for information and cybersecurity. Performs ongoing security risk assessments. Develops procedures for auditing and incident prevention and response. Serves as the official campus contact for information security and privacy along with law enforcement entities, external auditors and agencies. Maintains breach insurance coverage policy and supporting information security policy. Development and delivery of an education and training program on security and privacy matters for the College. Maintains security devices such as routers, firewalls and other networking hardware/software.The CISO provides oversight and directions of DCC's IT operations including:* Direct and approve the design of security systems and IT Controls;* Develop and recommend policies and procedures to handle security incidents and coordinate investigative activities;* Ensure that disaster recovery and business continuity plans are in place and tested;* Develop and implement security policies, controls and cyber incident response planning;* Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities;* Maintain a current understanding of the IT threat landscape for the industry;* Ensure compliance with changing laws and applicable regulations and translate that knowledge to identification of risks and implementation of actionable plans;* Schedule periodic security audits;* Oversee identity and access management and policies;* Implement cyber security policies and procedures including communication and compliance;* Manage all teams, employees, contractors and third-party vendors involved in IT security;* Provide training and mentoring to security team members;* Develop and implement a training plan for students, faculty, staff and community, including security awareness training;* Monitor and update the cyber security strategy to leverage new technology and threat information;* Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget;* Communicate best practices and risk management strategies to campus community; and* Other duties as assigned.Requirements:KNOWLEDGE, SKILLS AND ABILITIES* Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST* Excellent written and verbal communication skills and high level of personal integrity* Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams* Experience with contract and vendor negotiations and management including managed services* Specific experience in Agile (scaled) software development or other best in class development practices* Experience with Cloud computing/Elastic computing across virtualized environments* Strong understanding of a wide variety of cybersecurity attacks, threats, threat analysis, ethical hacking and system auditing coupled with experience with incident management* Experience with adherence to and influencing global cybersecurity regulations. Strong knowledge of network infrastructure, routing, switching, servers, clients, and mobile computing* Able to align and connect business strategies with technology solutions that will mitigate risk* Proven ability to interface and develop relationships with governmental agencies who can assist with threat assessments and worldwide security issues.* Ability to communicate complex technical challenges in a non-technical and simplified manner to business audienceMinimum Qualifications:* Bachelor's degree in Computer Science, Engineering or related discipline from a regionally accredited college or university required.* Minimum five (5) to eight (8) years of experience in information security, information technology or related field.* Certifications such as CCNA, CCIE, CISSP, CISM, GIAC, MCSE, CCSP or equivalent, CEH are preferred.* Knowledge of networking protocols and communications.* Advanced technical or business degree, preferred.Additional Information:Working Conditions:The performance of this work is primarily in-person and on-site. Flexible hours required; some travel will be necessary.Classification/Salary:This is a Management Confidential position and the salary range is $120,000 - $135,000.DCC offers an exceptional benefits package including Retirement, Medical, Vision and Dental, and PTO.Employment will require a criminal background screening. It will also require references answer questions about known Title IX, sexual violence and sexual harassment violations.Dutchess Community College is an AA/EOE employer. As part of the State University of New York (SUNY), in its continuing effort to seek equity in education and employment, and in support of federal and state anti-discrimination legislation, has adopted a policy to provide an educational and employment environment free from unlawful discrimination on the basis of race, color, national origin, religion, creed, age, sex, sexual orientation, disability, gender identity, familial status, pregnancy, predisposing genetic characteristics, military status, domestic violence victim status, or criminal conviction.Application Instructions:To be considered please submit an online application, resume and cover letter electronically by clicking on the APPLY NOW button below.All required documents must be uploaded in order for your application to be reviewed and considered. Please click here to login to check/edit your profile or to upload additional documents.Please click CONTACT US if you need assistance applying through this website.