Information Technology Security Officer – HigherEdJobs | #itjobs | #infosec | #cybersecurity | #informationsecurity

Information Technology Security Officer
No sponsorship by Xavier University of Louisiana for position. Some relocation

This position reports to the Asst. Vice President/Deputy CIO for the Office of Technology Administration. The incumbent
sets security policies, standards, and processes, utilizes a risk-based methodology to inform work, anticipates threats and identifies
potential impact. The ITSO designs and implements roles, responsibilities, and operational efforts supporting a clear vision and strategy
for information security throughout the University. Provide security leadership in support of the enterprise as it relates to IT network
security, IT security governance, security monitoring, and security awareness. This individual shall manage the planning, development,
installation, and operations of IT security solutions by evaluating current and future business requirements.

The ITSO shall develop,
maintain, communicate and execute security project plans and schedules, prioritizes requirements, and organize teams where applicable. Work
across organizational boundaries and with functional users. Ensure products and solutions are compatible with existing and future
environmental integration. Identify, evaluate and resolve security-related business issues. Work on abstract problems across all functional
areas within ITC.

Primary Responsibilities:

  • Develops and sets information security policy for the
  • Responsible for planning and reviewing periodic risk assessments to drive security program
  • Responsible for developing, documenting, and directing implementation of a comprehensive information security program
    and prioritized roadmap to protect communications, systems, information, and assets from anticipated threats, both internal and
  • Work proactively to define and prioritize the implementation of physical, administrative, and technical controls
    appropriate for the University’s security program and in compliance with policies, applicable laws, and regulations
  • Leads the
    implementation of security controls, practices, and policies through collaboration with technical staff inside and outside
  • Directs the use of external, third-party resources to scan for vulnerabilities and conduct penetration
  • Continuously ensures compliance with laws and regulations applicable to academic, research, and business data and
  • Determines and oversees periodic security audits
  • Manages projects associated with IT security audits
  • At the
    direction of human Resources and/or the Office of the President, leads ITC activities related to data access reporting, data collection, and
    securing evidence in disciplinary and legal matters and security breaches
  • Provides strategic and tactical security guidance for
    programs, projects, and data management and use agreements that may involve security controls, including evaluation of the architecture,
    hardware, software and technical controls
  • Leads enterprise information security incident response services and
  • Directs the development and delivery of a security awareness training program for employees, contractors, and other
  • Establishes a metrics-driven dashboard to evaluate the effectiveness of the information security program
  • Maintains a
    current understanding of the IT threat landscape for the industry
  • Manages institution-wide information security governance
  • Must be available to provide support and consultation outside normal business hours, including occasional evenings,
    holidays, or weekends, within reasonable professional obligation and expectation
  • This has been designated as an essential position
    based on the duties of the job and the functions performed. Positions that are designated as such are required to report to work/remain at
    work even if classes are cancelled and the campus is working on limited operations in an emergency.


  • Anticipate operational issues and develops preventive measures.
  • Solve problems impacting the area in a
    systematic and clear manner that can be understood by management and colleagues.
  • Analyze existing operations and make
    recommendations for the improvement and strengthening of IT security throughout all IT systems, business processes, and service

Minimum Qualifications

  • A strong understanding of information security regulatory requirements
    and compliance issues.
  • Knowledge of general security concepts and methods such as vulnerability assessments, privacy assessments,
    intrusion detection, incident response, security policy creation, enterprise security strategies, architectures and
  • Understanding of networking (TCP/IP, OSI model), operating system fundamentals (Windows, UNIX, mainframe), security
    technologies (firewalls, IDS/IPS, etc.), databases (Oracle, mysql, MS-SQL), and application programming/scripting languages (C, Java, Perl,
  • Demonstrated ability to develop new engagement opportunities in the information security advisory space within the higher
    education industry.
  • Bachelor’s degree from a college or university accredited by a U.S. Department of Education (DOE) or
    internationally recognized accrediting organization
  • At least 7 years full-time experience in information
  • Experience developing or contributing to the development of security policies
  • Ability to plan,
    manage, and maintain a complex, long-term, organization-wide program
  • Demonstrated experience working, collaborating, and
    establishing credibility and relationships with senior leadership, colleagues, and customers
  • Excellent oral, written, and
    interpersonal communication skills as evidenced in the cover letter, resume, and interview process
  • Familiarity with cyber security
    frameworks, including NIST
  • Excellent leadership and teaming skills.


  • Knowledge of Banner or other ERP system used in higher education
  • Encryption Technologies
  • CAS,
    LDAP, RSA, and other authentication technologies
  • Experience developing IAM strategies, architectures and integration a
  • Experience with common security and privacy legislation and regulations (e.g. PCIDSS, FERPA, HIPPA, etc.)
  • Experience
    coordinating with key stakeholder groups, such as internal audits
  • Professional certification (e.g. CISSP, CISO, CERT,
  • Project management of information security projects including development of project charters and plans; management of project
    execution and successful implementation of the planned solution.
  • Demonstrate ability to learn new systems and technologies

Applicants must submit:

  • Complete Job Application
  • Letter of
  • Resume’
  • Three letters of reference
  • Three references with contacts’ information on
  • Reference letters and application letters should be work related

Please apply by: July 30, 2020

Equal Opportunity Statement
The Xavier University of Louisiana is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. The University is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities.

If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact:
Sharlene LeBlanc
Office of Human Resources
Employment Coordinator
(504) 520-7537

© Copyright 2020 Internet Employment Linkage, Inc.

Source link

Source link
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App







National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.