Deputy Chief Information Security Officer (Internal Department Posting)
About The Position
The Deputy Chief Information Security Officer assists the Chief Information Security Officer (CISO) in providing operational and technical support for the University’s information security program. This role helps ensure the confidentiality, integrity, and availability of information assets, data, and systems. The Deputy CISO works closely with the CISO to implement security policies, standards, procedures, and controls, and helps coordinate the integration of security strategies and initiatives across all campuses and units. This position reports directly to the Chief Information Security Officer and collaborates with IT leadership, research computing, and campus stakeholders to support security capabilities that align with institutional objectives.
Requirements
- Bachelor's degree in Computer Science, Management of Information Systems Technology, Information Technology, or other directly related information technology major.
- Eight years of progressive information security experience, including supporting security operations and/or governance, risk, and compliance functions in a complex environment; demonstrated success implementing enterprise security programs and leading cross-functional initiatives.
Nice To Haves
- Master’s degree in a related field.
- Professional certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA).
Responsibilities
- Assist the CISO in developing, implementing, and improving the University’s information security program and control environment.
- Support the translation of the CISO’s strategy into actionable plans; help manage day-to-day security operations and resource prioritization across security domains (GRC, IAM, incident response, vulnerability management, architecture/engineering, and awareness).
- Help maintain and enforce information security policies, standards, and procedures; assist in monitoring compliance across academic, research, and administrative units.
- Support alignment with relevant frameworks and regulations (e.g., NIST CSF/800-53, ISO/IEC 27001/27002, CIS Controls, HIPAA, FERPA, GLBA, PCI DSS) and assist with assessments and audits.
- Help maintain and test the incident response plan; assist with incident detection, containment, eradication, recovery, and post-incident reviews.
- Support business continuity and disaster recovery planning in partnership with relevant teams to ensure resilient operations.
- Assist with vendor and third-party risk management, including contract reviews, due diligence, and ongoing monitoring.
- Promotes a culture of security awareness among university staff, faculty, and students through training programs and awareness communications.
- Support data governance and privacy safeguards in collaboration with legal, audit, research compliance, and data stewards.
- Help promote a culture of security by assisting with the design and delivery of role-based training, exercises, and campus-wide communications tailored to faculty, staff, students, and researchers.
- Assist in preparing metrics, dashboards, and risk reports for the CISO and executive leadership; support briefings to governance bodies and external stakeholders as needed.
- Support collaboration with campus IT leaders to integrate security into projects, procurements, and change management processes.
- Assist in supervising managers and professional staff; help recruit, coach, and develop a high-performing, service-oriented security team.
- May serve as acting CISO when delegated or in the CISO’s absence.
- Performs miscellaneous job-related duties as assigned.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
501-1,000 employees
