Director, Information Security
Job no: 494156
Location: Moon Campus
Position Department: Office of General Counsel
Position Type: Staff Full-Time
The Director, Information Security is responsible for leading the development, implementation, testing, and maintenance of the Information Security Program (ISP) for the University, identifying and recommending best practices to mitigate information security risks, developing metrics to indicate our information risk position, and communicating those metrics. A critical role of the position is to ensure that the current threat management processes are maintained,updated, and continually improved to ensure that the University manages the level of risk inherent in a higher education institution. The Director will participate in the development of other information-related University policies, and serve as the contact point for internal and external security audits and investigations.
- Develop, implement, and maintain a comprehensive risk-based Information Security Program (ISP) that addresses information security, privacy, integrity, and availability and provides input into the university’s Enterprise Risk Management program.
- Develop and maintain the information security framework (based on the NIST 800-53 controls).
- Lead the University's ISP Steering Committee, and lead the development and enforcement of university-wide security policies.
- Drive the development of plans, procedures, and metrics that support the ISP. Communicate progress against those plans and metrics.
- Provide leadership and guidance in regard to security best practices for application development, access control, incident response, security awareness, governance, administration, and other related areas.
- Provide or coordinate the information technology response to internal and external audits, including commercial partner security assessments.
- Maintain and update the security vendor management process to ensure safe computing across all third-parties.
- Develop and maintain the risk inventory, while implementing risk mitigation strategies where appropriate.
- Responsible for the hiring, coaching, development and reviewing performance of staff.
- On occasion may need to drive or have reliable transportation to travel on behalf of the University.
- Bachelors Degree or equivalent experience required.
- A minimum of 5 years experience in security management, or a successful track record of implementing security programs resulting in certification.
- Proven ability to develop and maintain a risk-based information security program that addresses information security, privacy, integrity, and availability.
- Record of implementing cyber-security programs and frameworks.
- Experience in managing vulnerability management processes.
- Practical experience in a technical security area such as security architecture, security operations, incident management, networking, etc.
- Ability to develop plans and execute a complex effort involving the application of technical security solutions and security management best practices.
- Strong interpersonal skills, including teamwork, facilitation, and negotiation.
- Excellent analytical and technical skills.
- Excellent planning and organizational skills.
- This position may be asked to work hours outside of a normal work day to ensure the security of our electronic information to cover a 24/7 – 365 days/year operation.
- CISSP (Certified Information Security Systems Professional), GIAC (Global Information Assurance Certification), or other industry certification preferred.
- Valid drivers license or reliable transportation to travel on behalf of the University is required.
Act 153 Clearance Required: Yes
Required To Pass a Motor Vehicle Report Check: Yes
Required to Pass a Credit Check: Yes
Additional Posting Information: None
Special Applicant Instructions: None
Commitment to Diversity:
Robert Morris University is committed to increasing diversity in our community and actively pursues individuals from all backgrounds. Additionally, RMU complies with all applicable federal, state and local laws and provides equal opportunity in all educational programs and activities, admission of students and conditions of employment for all qualified individuals regardless of race, color, sex, religion, age, disability, sexual orientation, or national origin.
Advertised: Eastern Standard Time
Back to search results Apply now Refer a friend