Chief Information Security Officer

JOB SUMMARY

Under the general direction of the VPIT and CIO, the Chief Information Security Officer (CISO) oversees Information Security for the University including the central Information Technology Services (ITS) and the decentralized University IT departments.

For activities related to the above responsibilities, the CISO is a member of the senior leadership team for ITS. The CISO leads the Information Security activities for the University, including creating a security enterprise IT architecture, developing and implementing security policy, management of information security incidents, and ensuring the University is following best security practices.

The CISO coordinates and participates in high-level technology assessment, program planning and reporting for the University of Connecticut. The CISO attends conferences and training, and interacts with external peers as required to maintain knowledge of current security issues, applicable federal and state laws and regulations, and best practices.

DUTIES AND RESPONSIBILITIES

• Develops and maintains a long-term strategic IT Security plan for the University.
• Provides leadership and direction to the University on security-related issues.
• Works closely with the University’s Central IT Department along with the decentralized University IT departments on issues pertaining to Security.
• Works with all University IT entities to ensure the highest compliance with all security regulations and best practices.
• Collaborates and coordinates with the UConn Health Chief Information Security Officer on enterprise-wide IT security initiatives and planning including new technologies, policies, and procedures related to security.
• Oversees the ITS Information Systems Security unit including:
  • Develops and promotes staffing requirements with responsibility for staff planning, overseeing hiring, assessment as well as personnel policies and procedures.
  • Represents ITS at all grievance hearings, fact findings, pre-disciplinary hearings, and other labor-related issues.
• Acts as the University’s IT compliance officer, engaging with internal and external regulating groups.
• Directs the creation of security enterprise IT architecture for the University.
• Provides oversight for developing and implementing security policy including the management of information security incidents.
• Interacts with ITS senior leadership team, IT planning and governance committees, and IT leader working groups to ensure coordination of consistent application of policies and standards across all security systems and services, as well as ensure the appropriate management of security-related risks.
• Performs other duties as required.

MINIMUM QUALIFICATIONS

• Bachelor’s degree in IT Security or a closely related field from an accredited college or university with a minimum of five (5) years experience in high-level technology computing or related technology areas, or a Bachelor’s degree and other relevant education and training from an accredited college or university with a minimum of ten (10) years in high-level technology computing or related technology areas.
• Experience with security technologies, best practices, and government regulation for compliance.
• Experience in managing personnel and resources.
• Experience with implementing security best practices in a large, complex, and highly decentralized organization.
• Familiarity with the security aspects of networking, software development, systems design, information architecture, and security technologies.
• Current knowledge of IT security-related regulations and best practices.
• Experience in developing and implementing IT policies, procedures, and standards.
• Demonstrated ability to act decisively and solve problems through creative and strategic thinking.
• Ability to identify key issues in complex situations, evaluate options, and initiate strategies for resolution.
• Ability to translate long-term strategies into day-to-day operations with demonstrated experience in aligning resources with goals.
• Proven leader with strong management and communication skills who has the ability to effectively communicate security risks and mitigation strategies to senior leadership.
• Ability to implement change through collaborative leadership that encourages teamwork, and knowledge sharing and creates a learning organization.
• Excellent interpersonal skills with a demonstrated ability to develop and maintain constructive and professional relationships with a wide variety of individuals are required.

PREFERRED QUALIFICATIONS

• Master’s degree in Information Security or other related field as well as nationally recognized certifications in Information Security Management.
• Extensive experience implementing security best practices in a large complex and highly decentralized organization.
• Experience as a senior executive responsible for leading organizational change.
• Expertise in Enterprise Architecture, Identity Management, single sign-on, and Enterprise security-related technologies is highly desirable.

APPOINTMENT TERMS

This is a full-time, permanent position. The University offers a competitive salary and outstanding benefits, including employee and dependent tuition waivers at UConn, and a highly desirable work environment. For additional information regarding benefits visit: https://hr.uconn.edu/benefits-beyond-pay/ . 

TERMS AND CONDITIONS OF EMPLOYMENT

Employment of the successful candidate is contingent upon the successful completion of a pre-employment criminal background check.

TO APPLY

Please apply online at https://hr.uconn.edu/jobs , Staff Positions, Search #498178 to upload a resume, cover letter, and contact information for three (3) professional references.

This job posting is scheduled to be removed at 11:55 p.m. Eastern time on February 9, 2024. 

All employees are subject to adherence to the State Code of Ethics which may be found at http://www.ct.gov/ethics/site/default.asp .

All members of the University of Connecticut are expected to exhibit appreciation of, and contribute to, an inclusive, respectful, and diverse environment for the University community.

The University of Connecticut aspires to create a community built on collaboration and belonging and has actively sought to create an inclusive culture within the workforce. The success of the University is dependent on the willingness of our diverse employee and student populations to share their rich perspectives and backgrounds in a respectful manner. This makes it essential for each member of our community to feel secure and welcomed and to thoroughly understand and believe that their ideas are respected by all. We strongly respect each individual employee’s unique experiences and perspectives and encourage all members of the community to do the same.  All applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

The University of Connecticut is an AA/EEO Employer.