Elon University seeks an experienced, energetic, engaging and visionary leader who wants to become part of an exciting, vibrant community of information technology professionals supporting the Elon mission: providing a comprehensive, high-quality education that engages students through teaching, learning and discovery. Information Technology plays a vital and ever-expanding role in the institutional mission. Elon's information technology environment is centralized with strong leadership and coordination from the Assistant Vice President for Technology and Chief Information Officer (CIO) and direct report units. The university seeks a strong, knowledgeable leader to assist in providing vision, broad-based planning, and significant hands-on responsibility as the Information Security Director. This position reports to the Assistant Vice President and CIO, is a member of the CIO Council and serves a key role working closely with IT leadership, administration, academic leaders, and the campus community. The director is an advocate for the institutions total information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the university. The director leads the development and implementation of a security program that leverages collaborations and campus-wide resources, facilitates information security policy, significant role in data governance, advises leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at the campus level.
Master’s preferred or commensurate educational background. CISSP Preferred
Full Time/Part Time: Full-Time Regular
Length Of Experience:
6-10 years of experience in Information Security with progressive leadership.
Essential Duties and Responsibilities:
Responsible for the strategic leadership of the University’s information security program.
Provide guidance and counsel to administration, academic leaders, and the campus community while working closely with the AVP/CIO and members of the IT leadership team, working closely with appropriate in defining objectives for information security, while building relationships and goodwill.
Work with campus leadership to oversee the formation and operations of a university-wide information security organization that is dedicated to a common goal of appropriately applied information security practices.
Manage institution-wide information security governance processes; chair the Information Security Advisory Committee collaborating on the security program and project priorities.
Lead information security planning conversations to establish an inclusive and comprehensive information security program for the entire institution in support of academic, research, and administrative information systems and technology.
Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
Stay abreast of information security issues and regulatory changes affecting higher education at the state national, and international level, participate in national policy and practice discussions, and communicate to campus on a regular basis about those topics. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
Provide leadership philosophy for the information security area to create a strong bridge between organizations, build respect for the contributions of all and bring groups together to share information and resources and create better decisions, policies and practices for the campus.
Represent the university on committees associated with the information security and data protection.
Other duties as assigned and special projects. Policy, Compliance and Audit
Lead the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the University’s information and technology systems.
Work with Internal Auditor and outside consultants as appropriate on required security assessments and audits.
Coordinate and track all information technology and security related audits including scope of audits, units involved, timelines, auditors and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation and advocacy on audit responses.
Work with university leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the university to effectively address state and federal statutory and regulatory requirements.
Develop a strategy for creating partnerships with other offices performing a variety of audits, compliance checks and external assessment processes for internal/external auditors, PCI, FERPA, HIPAA, and FISMA. Outreach, Education and Training
Work closely with IT leaders, technical experts, deans and administrative leaders across campus on a wide variety of security issues that require an in-depth understanding of the IT environment in their units, as well as the research landscape, federal regulations and compliance that pertain to their unit’s research areas.
Create education and awareness programs and advise operating units at all levels on information security related vulnerabilities, risks, and appropriate mitigations.
Work with all IT units to build awareness and a sense of common purpose around security.
Pursue student security initiatives to address unique needs in protecting identity theft, mobile social media security and online reputation initiatives. Data Risk Management and Incident Response
Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Group as needed, or requested, in addressing and investigating security incidences that arise.
Convene the Executive Data Security Committee as appropriate and provide leadership for breach response and notification actions for the University.
Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
Examine impacts of new technologies on the institution's overall information security. Establish processes to review implementation of new technologies to ensure security compliance.
Elon University has built a national reputation as the premier student-centered liberal arts university that values strong relationships between students and their faculty and staff mentors. Elon's 6,700 students prepare to become the ethical leaders the world needs, putting their knowledge into action on campus, in the community and around the globe. Elon is known for academic excellence across the curriculum, and for experiential learning programs in study abroad, undergraduate research, leadership, interfaith dialogue, civic engagement and community service. Elon is ranked the nation's #1 master's-level university for study abroad and is a top-producer of Fulbright Student Scholars and Peace Corps volunteers. U.S. News & World Report recognizes Elon more than any other university in the nation for academic programs that
Elon University has built a national reputation as the premier student-centered environment for engaged, experiential learning, with an emphasis on strong personal relationships between students and their faculty and staff mentors. Elon students are ambitious, creative and determined problem-solvers who are passionate about making the world a better place. Elon's 6,045 undergraduate and 746 graduate students come from 49 states and 58 other countries. Elon sends more undergraduate students to study abroad than any other master’s-level university in the nation and the core curriculum includes a strong global focus. More than 425 full-time faculty members teach in six academic units: Elon College, the College of Arts and Sciences; the Martha and Spencer Love School of Business; the School of Communications; the School of Education; the School of Health Sciences; and the School of Law. Elon's four-year graduation rate of 78 percent ranks in the top 10 percent of U.S. private universities. The student-faculty ratio is 12-1, and the average class size is 20. The university's 636-acre residential campus is consistently recognized as one of the nation's finest environments for learning. I...n the 2018 "America's Best Colleges" guide, U.S. News & World Report recognizes Elon more often than any other university in the nation for eight academic programs that are focused on student success. U.S. News also ranks Elon #1 among Southern master's-level universities, with #1 rankings for undergraduate teaching and innovation. Princeton Review ranks Elon among the nation's 382 "best colleges." The Wall Street Journal/Times Higher Education ranks Elon #33 in the nation and #1 in North Carolina in student engagement, and Kiplinger's Personal Finance magazine names Elon one of the nation's "best value" private universities. The Elon Phoenix NCAA Division I athletic program is a member of the Colonial Athletic Association.