Job Description Summary
This person will be responsible for developing and delivering a security strategy. This environment consists of 1,400 employees, 36,000 network devices, and 800 servers. This candidate will be the primary security architect for technology. This position is in Houghton, MI and is a hybrid work position. Must be in-person in office frequently and can only live 2 hours max from campus.
Essential Duties & Responsibilities (other duties may be assigned)
• Supervisory responsibilities for a staff of 2 people.
• Direct budgetary responsibilities in the $650k – $700k range, within a $12M total budget for the IT area.
• Lead incident response teams and forensic investigations and monitor resources for attacks.
• Collaborate with staff to educate and train them on security risks and response techniques.
• Provide reports to keep executive management and external agencies informed.
• Work with the Office of Risk Management and General Counsel as needed.
• Develop, implement, and administer technical security standards, a suite of security services, and security risk.
• Perform vulnerability assessments and evaluate the risk.
• Lead the development and implementation of effective policies and practices to secure data and ensure security and compliance.
• Stay up to date on security incidents and act as the primary contact.
• Act as liaison with law enforcement and government agencies.
• Provide direction and guidance in evaluating information security risks and monitor compliance with security standards and policies.
• Prepare short and long-term strategic and operating plans.
• Advise operating units at all levels on security issues, best practices, and vulnerabilities.
• Develop and enforce security protocols.
• Ensure compliance with company, state, and federal regulations.
• Stay up to date on all emerging technology and improve best practices among employees.
Required Education, Certifications, Licensures (minimum requirements)
• Must be able to obtain U.S. Department of Defense Security Clearance or already have it.
• Must be a US Citizen (no dual citizenship).
Required Experience (minimum requirements)
• Required professional experience working with network technologies and protocols, firewalls, intrusion detection and prevention systems.
• Required professional experience and working knowledge of regulator rules, frameworks, and controls, such as HIPAA, HITECH, GLBA, and PCI-DSS.
• Required previous experience designing and implementing controls related to NIST-800 series, DFARS, HIPAA, PCI-DSS, or similar.
Desirable Education and/or Experience
• Master’s degree preferred with 5+ years in Information Technology/Information Security.
• Previous experience in a higher education leadership role.
• Security certification such as CISSP or GIAC.
Required Knowledge, Skills, and/or Abilities (minimum requirements)
• Must be in-person in the office frequently and can only live 2 hours max from campus.
• Demonstrated ability to communicate effectively across cultural boundaries and work harmoniously with diverse groups of students, faculty, and staff.
Desirable Knowledge, Skills, and/or Abilities
• Demonstrate ability to advise senior management and governing board on enterprise-level security risks.
• Experience in security analysis.
• Experience leading incident response teams or forensic investigations.
• Lead and manage a team of security professionals.
• Demonstrated ability to effectively design and implement complex systems.
• Demonstrated ability to assess and mitigate risk.
• Knowledge and understanding of emerging technologies such as virtualized systems and networks, next-generation firewalls, and honeypots.
• Knowledge of at least one programming or scripting language.
• Skill in organizing resources and establishing priorities while working in a fast-paced environment.
Work Environment and/or Physical Demands
The work environment and/or physical demands described here are representative of those an employee may encounter while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.
Work will be done in an office environment where noise levels are usually low to moderate
Frequent repetitive hand/wrist motions and finger manipulation
Required Training and Other Conditions of Employment
Every employee at Michigan Technological University will receive the following 4 required trainings; additional training may be required by the department.
Required University Training:
Employee Safety Overview
Anti-Harassment, Discrimination, Retaliation Training
Annual Data Security Training
- Annual Title IX Training
Offers of employment are contingent upon and not considered finalized until the required background check has been performed and the results received and assessed.
Other Conditions of Employment:
The successful applicant will be responsible for ensuring eligibility for employment in the United States on or before the effective date of the appointment. Visa sponsorship is unavailable at this time. This is not an E-Verified Position.
Michigan Technological University is an Equal Opportunity Educational Institution/Equal Opportunity Employer that provides equal opportunity for all, including protected veterans and individuals with disabilities
|Full-Time Equivalent (FTE) % (1=100%) || |
Title of Position Supervisor
Chief Information Officer
|Internal & External Posting |
Special Instructions to Applicants (if applicable)