Job Information
Michigan Technological University Chief Information Security Officer in Houghton, Michigan
Department: Information Technology
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
If you require any auxiliary aids, services, or other accommodations to apply for employment, or for an interview, at Michigan Technological University, please notify the Human Resources office at 906-487-2280 or .
Job Description Summary
This person will be responsible for developing and delivering a security strategy. This environment consists of 1,400 employees, 36,000 network devices, and 800 servers. This candidate will be the primary security architect for technology. This position is in Houghton, MI and is a hybrid work position. Must be in-person in office frequently and can only live 2 hours max from campus.
Essential Duties & Responsibilities (other duties may be assigned)
Supervisory responsibilities for a staff of 2 people.
Direct budgetary responsibilities in the $650k - $700k range, within a $12M total budget for the IT area.
Lead incident response teams and forensic investigations and monitor resources for attacks.
Collaborate with staff to educate and train them on security risks and response techniques.
Provide reports to keep executive management and external agencies informed.
Work with the Office of Risk Management and General Counsel as needed.
Develop, implement, and administer technical security standards, a suite of security services, and security risk.
Perform vulnerability assessments and evaluate the risk.
Lead the development and implementation of effective policies and practices to secure data and ensure security and compliance.
Stay up to date on security incidents and act as the primary contact.
Act as liaison with law enforcement and government agencies.
Provide direction and guidance in evaluating information security risks and monitor compliance with security standards and policies.
Prepare short and long-term strategic and operating plans.
Advise operating units at all levels on security issues, best practices, and vulnerabilities.
Develop and enforce security protocols.
Ensure compliance with company, state, and federal regulations.
Stay up to date on all emerging technology and improve best practices among employees.
Required Education, Certifications, Licensures (minimum requirements)
Must be able to obtain U.S. Department of Defense Security Clearance or already have it.
Must be a US Citizen (no dual citizenship).
Required Experience (minimum requirements)
Required professional experience working with network technologies and protocols, firewalls, intrusion detection and prevention systems.
Required professional experience and working knowledge of regulator rules, frameworks, and controls, such as HIPAA, HITECH, GLBA, and PCI-DSS.
Required previous experience designing and implementing controls related to NIST-800 series, DFARS, HIPAA, PCI-DSS, or similar.
Desirable Education and/or Experience
Master's degree preferred with 5+ years in Information Technology/Information Security.
Previous experience in a higher education leadership role.
Security ce