Chief Information Security Officer

Pre-Employment Requirements:

• You must complete and submit an electronic application for employment to be considered. Resumes will not be accepted in lieu of completing an electronic application.
• Applicants seeking Veteran’s Preference must attach a DD 214 form or those seeking National Guard Preference must attach as NG23A form. Certificate of Release or Discharge from Active Duty with your application during the process of applying to the job posting.
• Final candidates are subject to criminal background checks, and education/license verification prior to employment.
• North Carolina Central University participates in E-Verify. Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States.

• Accrued Vacation and Sick Leave
• Community Service Leave
• NCFlex – Vision, Dental, Flexible Spending Account, Life Insurance and more
• 11-12 Paid Holidays
• Teachers and State Employees Retirement System (TSERS)
• Optional Supplemental Plans – 401k, 403b, 457b and 457
• Employee Assistance Program (EAP)
• Campus Recreation Center Discount
• University Bookstore Discount and more.

Position Information

Position/Classification Title: Chief Campus IT Security Administrator

Working Title: Chief Information Security Officer

Position Number: 601921

FLSA: Exempt

Appointment Type: Permanent - Full Time

Tenure Track: No

FTE: 1 = 40 hours/week, 12 months

Department Hiring Range: $51,000 - $119,361

EEO-1 Category: Professionals

SOC Code: 11-3021 - Computer and Information Systems Managers

Position Overview: Be an Eagle - Where Purpose Takes Flight! Are you ready to make an impact? At North Carolina Central University (NCCU), we are more than an institution—we are a community rooted in a legacy of excellence and transformation. A historically Black university located in Durham, North Carolina, also known as ‘The City of Medicine,’ NCCU has been a cornerstone of education since 1910, fostering innovation and progress. Join our team and enjoy a comprehensive benefits package and exclusive perks designed to support your work-life balance. At NCCU, your professional growth will be nurtured, and your contributions will help shape the future for our students and the community we serve. Become part of a legacy that drives change and achievement. An opportunity awaits you at NCCU, where your purpose can take flight. Visit NCCU.edu.

Primary Function of Organizational Unit: North Carolina Central University’s Information Technology Services (ITS) provides information technology services to schools and departments, administrators, staff, students and the growing population of on-line and distance education students. The objectives of ITS is to Improve the operational effectiveness and efficiency of the administrators, faculty and staff at NCCU through the use of technology, enhance the teaching, learning and research process through the use of technology and to provide adequate support of the technology that is deployed.

Primary Purpose of Position: The Chief Information Security Officer (CISO) reports to the Chief Information Officer (CIO), is a member of the CIO leadership team and serves a key role in university leadership, working closely with senior administration, academic leaders, and the campus community. The CISO is an advocate for North Carolina Central University’s overall information security technology needs and awareness planning. This position will provide vision and leadership for developing and supporting security initiatives. The Chief Information Security Officer directs the planning and implementation of enterprise IT systems, business operations, and facility defenses against security breaches and vulnerability issues. This individual is also responsible for auditing existing systems, while directing the administration of security policies, activities, and standards.

Required Knowledge, Skills, and Abilities: The emphasis of this position is on IT Security and Compliance leadership and judgment, with a sophisticated ability to work with other leaders and to set the best balance between security strategies and other priorities at the campus level. Experience as an Information Security Officer, developing and administering an information security program including policies and procedures in a complex higher education environment is highly desirable. The position requires an intelligent, articulate, consensus-building, and persuasive leader who can work effectively with senior administration, academic leaders, and the campus community and communicate information security-related concepts to a broad range of technical and non-technical staff. Demonstrated experience advising and collaborating with senior management is required. The ability to work in a team/collaborative environment with a broad range of constituencies is essential. Proven leadership ability is essential to success in this role. Excellent knowledge of technology environments, including information security, building security, and defense solutions. Experience in planning and executing security policies and standards development. Good understanding of computer systems characteristics, features, and integration capabilities. Knowledge of COBIT, ISO, ITIL, CMS, NIST and other standards is essential. Ability to exhibit maturity, reliability, composure, and stability under pressure as required for handling on-the-job challenges is essential. Must be able to give and receive constructive criticism and feedback. Demonstrated success in working with Internal Audit, System Auditors, outside consultants and/or Office of the State Auditor in a lead capacity to coordinate representation of institutional technology systems and practices is highly desired. Significant experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment is highly desirable. Working knowledge and experience in the policy and regulatory environment of information security, particularly in higher education, is highly desirable. A bachelor’s degree in Management Information Science or other related field and/or an advanced degree is preferred. Professional certification such as CISSP or CCISO is highly desirable. Candidates lacking such certification may be competitive if they present comparable credentials or involvement in continuous professional development.

Licenses or Certification required by Statute or Regulation: Yes

Equal Opportunity Employer: North Carolina Central University is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or status as a protected veteran.

Primary Responsibilities and Duties:

Function: Strategic Analysis and Planning

• Participate as a member of the University’s senior management team in governance processes of the organization’s security strategies.
• Lead information security planning processes to establish an inclusive and comprehensive information security program for the entire institution in support of academic, research, and administrative information systems and technology.
• Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
• Stay abreast of information security issues and regulatory changes affecting higher education at the state and national level, participate in national policy and practice discussions, and communicate to campus on a regular basis about those topics.
• Develop and provide ongoing IT Security Awareness initiatives and communication for students, faculty and staff.
• Lead ongoing development and review of Information Technology security policies and procedures, disaster recovery planning/testing and risk assessments.
• Provide leadership, direction and guidance in assessing and evaluating information security risks, monitor compliance with security standards and policies, and make recommendations to the CIO and IT Security Council.
• Develop a strategy for cohesively dealing with audits, compliance checks and external assessment processes for internal / external auditors, PCI, NIST, HIPAA and other applicable standards.

Function: Operations Management

• Work with campus leadership to oversee the formation and operations of university-wide information security resources and policies organized toward a common cause in information security.
• Oversee the office of IT Security & Compliance and staff.
• Examine impacts of new technologies on North Carolina Central University’s overall information security.
• Works closely with the IT department on corporate technology development to fully secure information, computer, network, and processing systems.
• Responsible for the cyber security of North Carolina Central University’s information systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software.
• Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
• Keep abreast of security incidents and act as primary control point during significant information security incidents.
• Maintain and convene the Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidents.

Function: Instructional

• Recommend and implement changes in security policies and practices in accordance with changes in local or federal law and industry best-practices frameworks.
• Responsible for working with agencies, coordinating and tracking all information technology and security related audits including scope of audits, colleges/units involved, timelines, auditing agencies and outcomes.
• Represent the university on committees and boards associated with the University of North Carolina consortia and in national and regional consortiums and collaborations.

Posting Number: EPA02825P

Open Date: 04/11/2023

Date desired for closing or initial review: 04/24/2023

Close Date: Open Until Filled

Date Position Available:

Special Instructions to Applicants:

Pre-Employment Requirements:

• You must complete and submit an electronic application for employment to be considered. Resumes will not be accepted in lieu of completing an electronic application.
• Applicants seeking Veteran’s Preference must attach a DD 214 form or those seeking National Guard Preference must attach as NG23A form. Certificate of Release or Discharge from Active Duty with your application during the process of applying to the job posting.
• Final candidates are subject to criminal background checks, and education/license verification prior to employment.
• North Carolina Central University participates in E-Verify. Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States.

• Accrued Vacation and Sick Leave
• Community Service Leave
• NCFlex – Vision, Dental, Flexible Spending Account, Life Insurance and more
• 11-12 Paid Holidays
• Teachers and State Employees Retirement System (TSERS)
• Optional Supplemental Plans – 401k, 403b, 457b and 457
• Employee Assistance Program (EAP)
• Campus Recreation Center Discount
• University Bookstore Discount and more.

Required Documents:

• Resume/CV
• Cover Letter
• Unofficial Transcripts (official required from selected candidate)
• List of References

Optional Documents:

• DD-214 (Veterans Only)

Required fields are indicated with an asterisk (*).