Chief Information Security Officer (CISO)

Full Job Description

• Leads the College’s cybersecurity strategy and oversees the Office of Information Security, ensuring the effective management and implementation of essential cybersecurity frameworks, table stakes documents, and governance policies.
• Responsible for centrally coordinated services through specialized units, including cybersecurity training and awareness, enterprise risk management, incident response, security operations, information security finance and planning, and compliance oversight.
• Provides a forward-thinking information security vision that empowers the College to achieve its strategic goals by embedding robust cybersecurity practices into all facets of the organization.
• Fosters a culture of security excellence, transparency, and collaboration while structuring cybersecurity services to be responsive and aligned with the needs of the academic community.
• Develops and maintains effective cybersecurity governance in partnership with business owners, ensuring IT acts as a trusted facilitator among stakeholders and enables secure, compliant, and innovative operations across the College.

• Develop and maintain a university-wide information security plan and assessment standard, establishing robust technical controls and solutions to mitigate risks and safeguard critical infrastructure supporting enterprise applications, learning technologies, and research computing.

• Partner with academic and administrative leaders to enhance the security, effectiveness, and efficiency of instructional and research programs by implementing innovative and prudent information security technologies and practices.

• Collaborate with university leadership, faculty, and staff to ensure the information security strategy addresses the comprehensive needs of all stakeholders.

Champion cross-functional collaboration throughout the university to foster integrated planning, shared responsibility, and professional relationships that facilitate the development and deployment of common security solutions.

Leverage collective expertise and investments across the institution to proactively address emerging threats, ensure compliance, and maintain readiness for evolving cybersecurity challenges.

Oversee the division’s information security operations and services, ensuring timely, high-quality, and cost-effective delivery aligned with the college’s values and strategic objectives.

Develop and manage budget plans, prioritizing initiatives that maintain robust and reliable security measures, while also accommodating requests for new security services and enhancements to existing protocols.

Lead efforts

• Develop, implement, and continuously monitor policies and practices to safeguard the College’s technology infrastructure and institutional data, including data classification, retention, and privacy policies that protect sensitive information and align with risk management frameworks.to recruit, retain, develop, and evaluate highly qualified information security professionals to support and advance the college’s cybersecurity posture.

PLEASE APPLY HERE: https://jobs.cofc.edu/postings/17679

Requirements

• A bachelor’s degree in business administration or a technology field, plus at least seven years of relevant leadership and professional experience—or an equivalent combination of education, training, and work history—is required.
• Relevant experience includes risk management, information security, or IT roles with increasing responsibility and leadership. Strong communication and collaboration skills are needed, along with the ability to explain security and risk concepts to both technical and nontechnical audiences.
• Candidates with an equivalent combination of experience and/or education are encouraged to apply.

Qualifications

• Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic academic environment.
• Poise and ability to act calmly and competently in high-pressure, high-stress situations.
• Demonstrated ability to be a critical thinker, with strong problem-solving skills, a high degree of initiative, dependability, and the ability to work with diverse constituencies.
• Knowledge and understanding of relevant legal and regulatory requirements, such as Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI), Family Educational Rights and Privacy Act (FERPA), General Data Protection Regulation (GDPR), Digital Millennium Copyright Act (DMCA), etc.
• Demonstrated experience establishing and maintaining data classification schemes, retention schedules, and privacy controls consistent with institutional policy and applicable regulations.

• Certified Information Systems Security Professional (CISSP) required.

Additional Information

Applications should include the applicant’s full name, position, institution/organization, and email address.

Applications should consist of the following documents, to be submitted electronically in .pdf format:

1) a detailed letter of interest;
2) a full resume with relevant administrative responsibilities and accomplishments; and
3) a list of five professional references, including names, phone numbers, and email addresses, noting the candidate’s relationship with each reference.

Benefits

• Insurance: Health/Dental/Vision
• Life Insurance
• Paid Leave: Sick/Annual/Parental
• Retirement
• Long Term Disability
• Paid Holidays
• Free CARTA Bus Service
• Employee Tuition Assistance Program (ETAP)
• Employee Assistance Program (EAP)

Full Benefits Package – Click Here