Information Security Officer
Information Technology Services
Job #542450
First Review: Monday, October 21, 2024
Open Until Filled
At Cal Poly Humboldt, bold hearts and open minds shape the future.
Founded in 1913, Cal Poly Humboldt began as a small college for teachers. Today Humboldt has grown into a comprehensive university with rigorous science and liberal arts programs. Designated a polytechnic in 2022, Cal Poly Humboldt provides hands-on, impactful educational opportunities that lead to meaningful, measurable outcomes for the individual, for the state, and the world.
Cal Poly Humboldt is proud to have nearly 6,000 students of all backgrounds spread across 61 majors, 13 graduate programs, and 4 credential programs — all of whom contribute passion and creativity within their fields and set the stage for a future grounded in equity and sustainability. Hands-on learning, inspired teaching, ground-breaking research, and thought-provoking creative activity happen daily at Humboldt.
Cal Poly Humboldt is a Hispanic-Serving Institution that strives to foster an inclusive and equitable community to support our students of diverse backgrounds. We are committed to achieving the goals of equal opportunity and endeavors to employ faculty and staff of the highest quality committed to working in a multicultural and multiracial community that reflects the diversity of the state.
Finding a better future is a task for the bold and open, the down-to-earth and visionary. Cal Poly Humboldt strives to cultivate these qualities in leaders, innovators, and scholars in every field.
(Job #542450) Administrator II, Information Security Officer, Hiring Range: $10,000 - $13,417/month. This is a full-time, benefited, exempt, 12-month pay plan permanent position in Information Security. This position is an Administrator II in the California State University Management Personnel Plan (MPP). Under this plan, incumbents are subject to normal management reviews and serve at the pleasure of the University President. Additional information can be found at: http://www.calstate.edu/HRAdm/policies/mpp.shtml. This position comes with a premium benefits package that includes outstanding vacation, medical, dental, and vision plans, life insurance, voluntary pre-tax health and dependent care reimbursement accounts, a fee waiver education program, membership in the California Public Employees Retirement System (PERS), and 14 paid holidays per year. Additional benefits information can be found at https://hraps.humboldt.edu/employee-benefits. Please note that this is an internal recruitment open only to active, stateside, Cal Poly Humboldt Employees.
Position Summary:
The Information Security Officer leads the campus-wide information security program within Information Technology Services. Reporting to the Chief Information Officer, the Information Security Officer is responsible for managing information security assessments, planning, operations, awareness, training, intrusion detection/prevention, incident response, risk assessment, and compliance. The Information Security Officer works collaboratively to strike a thoughtful balance between improving security posture, leveraging available resources, enabling necessary functionality to meet business objectives, and enabling innovation.
The Information Security Officer develops and manages information security assessments and operations, evaluating strategic technologies. They lead the interpretation and application of Information Technology policies for the campus, ensuring compliance with system-wide policies, industry standards, and state and federal laws. They also provide ongoing support for Information Technology and Information Security components of campus audits, data governance, and maintaining access to highly confidential data (e.g., campus email content, Human Resources, Payroll, and Health Center) for investigations and secure operations. Additionally, the Information Security Officer gathers information in support of investigations related to labor disputes, litigation, Title IX investigations, criminal activity, and Public Records Access Requests.
In their leadership role, the Information Security Officer leads and manages a team of information security professionals and student workers and coordinates projects across other Information Technology operational teams. They serve as a campus-wide advocate and liaison for all information security matters. The Information Security Officer collaborates with campus stakeholders to enhance the information security program and develop Information Technology security policies ensuring the confidentiality, integrity, and availability of information assets. Additionally, the Information Security Officer collaborates with campus stakeholders to implement departmental procedures and guidelines that align with Information Technology security policies.
The Information Security Officer actively participates in planning, prioritization, projects, and continuous improvement of Information Technology Services operations and customer service. They stay informed about current and emerging risks and trends through professional organizations and networking with CSU Information Security Officers and other peers. The Information Security Officer takes a balanced and collaborative approach to managing risk and enabling faculty, staff, and students to perform mission-critical activities.
The Information Security Officer handles information technology risk assessments and security-related audits and ensures the highest level of confidentiality and integrity.
The Information Security Officer is expected to become familiar with the mission of the University, the University Strategic Plan, and technology infrastructure, systems, and Information Technology plans.
This role may include some remote work, subject to operational needs and administrator approval, with specific duties outlined in a Telecommute Program Form. While telecommuting, all Information Technology Services employees must stay signed in to email and chat programs, staying responsive and available throughout their scheduled remote shifts, as detailed in the Information Technology Services employee handbook.
Key Responsibilities:
Leadership and Team Management
Lead a high-performing team in a collective bargaining environment, including performance management, mentoring, and fostering cross-functional collaboration. Ensure appropriate levels of recognition, professional guidance, and shared accountability.
In collaboration with the Chief Information Officer and Information Technology Services Budget Analyst, plan and oversee annual budget allocations and expenditures for the Information Security department in accordance with university fiscal guidelines.
Information Security Program Management
Program Management: Oversee and manage the campus information security program, including compliance, training, awareness, vulnerability management, intrusion detection/prevention, and incident response. Develop and maintain security plans, annual security priorities, risk assessments, pen tests, and firewall reviews.
Coordinate with the Chief Information Officer, campus leadership, and systemwide team in implementing program objectives. Inform and advise designated individuals about any real or potential risk or threat to the security of campus devices, applications, or data.
Policy and Procedure Oversight: Oversee campus information policies, procedures, and processes. Coordinate with campus leadership and systemwide teams in implementing program objectives. Ensure the development and maintenance of security policies that ensure the confidentiality, integrity, and availability of information assets.
Incident Response Management: Lead and manage the incident handling process, including documentation, protection of evidence, and long-term secure archiving. Act as a liaison with the University Counsel, the Chancellor’s Office, and other stakeholders for incidents involving campus systems and information.
Audit, Risk, and Data Governance
Security Audits and Risk Management: Manage security-related audits and prepare risk assessments and other reports. Conduct security reviews of campus systems, including security scanning, intrusion detection probes, and system log file audits. Classify and report on security events and incidents for trending and data-driven decision-making.
Data Governance: Collaborate with the Chief Technology Officer (CTO) and the Chief Data Officer (CDO) to ensure that the data governance strategy is aligned with the university’s purpose (mission), vision, and goals and that it furthers its strategic plan(s). Jointly work with CTO & CDO to ensure compliance with relevant regulations (e.g., FERPA, HIPAA, etc.) and implement relevant campus policies, procedures, and guidelines.
Collaboration, Communication, & Training
Collaboration & Communication: Collaborate with campus stakeholders, including the Information Technology Services Help Desk and other units within Information Technology Services, to create, enhance, and provide a consistent and effective set of services to the campus community. Provide regular and consistent updates and presentations to campus constituents.
Training and Awareness Programs: Oversee overall security awareness training and provide specialized training for various campus personnel on maintaining information security with their job duties. Advise, counsel, and educate constituents about the role and benefits of information security.
Data Retrieval and Public Access Requests
Respond to litigation holds, data retrieval requests, and assist with Public Access Requests.
Continuous Improvement and Professional Development
Stay informed about current and emerging risks, trends, and technologies through professional organizations and networking with CSU Information Security Officers and other peers. Participate in planning, projects, prioritization, and continuous improvement of Information Technology Services operations and customer service.
Project Management
Provide leadership as a project manager or participant for complex, campus-wide projects with an information security component. Create or contribute to project plans using established tools and collaborate with colleagues internally and externally.
Other Duties as Assigned
Knowledge, Skills, and Abilities Associated with this Position Include:
Demonstrated Experience in Information Security:
Leadership and Change Management:
Adaptability and Problem Solving:
Communication and Interpersonal Skills:
Strategic Thinking and Proactivity:
Technical and Regulatory Knowledge:
Organizational Skills:
Minimum Qualifications:
Education:
Bachelor’s degree from an accredited institution or equivalent experience.
Experience:
At least five years of experience in information security or related fields.
Preferred Qualifications:
Educational Background:
Technical Knowledge and Skills:
Experience and Abilities:
Application Procedure: To apply, qualified candidates must electronically submit the following materials by clicking the Apply Now button:
Application Deadline: The deadline to submit application materials before first review is 11:55 p.m. on Sunday, October 20, 2024.
Any inquiries about this recruitment can be directed to careers@humboldt.edu or Cal Poly Humboldt’s Human Resources Office at (707) 826-3626.
We acknowledge that Cal Poly Humboldt is located on the unceded lands of the Wiyot people, where they have resided from time immemorial. We encourage all to gain a deeper understanding of their history and thriving culture. As an expression of our gratitude we are genuinely committed to developing trusting, reciprocal, and long lasting partnerships with the Wiyot people as well as all of our neighboring tribes. Cal Poly Humboldt was the first campus in the California State University system to offer a stand-alone major in Native American Studies.
Cal Poly Humboldt is committed to enriching its educational environment and its culture through the diversity of its staff, faculty, and administration. Persons with interest and experience in helping organizations set and achieve goals relative to diversity and inclusion are especially encouraged to apply.
Working in the state of California is a condition of employment for this position. Even if part or all of an employee's assignment can be performed remotely, the employee must maintain a permanent residence in the state of California. The employee must be able to accept on-campus work assignment, as assigned, and come to campus when needed.
CSU strongly recommends that all individuals who access any in-person program or activity (on- or off-campus) operated or controlled by the University follow COVID-19 vaccine recommendations adopted by the U.S Centers for Disease Control and Prevention (CDC) and the California Department of Public Health (CDPH) applicable to their age, medical condition, and other relevant indications and comply with other safety measure established by each campus. The systemwide policy can be found at CSU Vaccination Policy and any questions you have may be submitted to hr@humboldt.edu.
Cal Poly Humboldt hires only individuals lawfully authorized to work in the United States. This position may be considered a “Campus Security Authority”, pursuant to the Clery Act, and is required to comply with the requirements set forth in CSU Executive Order 1107 a condition of employment.
CAL POLY HUMBOLDT IS NOT A SPONSORING AGENCY FOR STAFF OR MANAGEMENT POSITIONS (e.g. H1-B VISAS)
Evidence of required degree(s), certification(s), or license(s) is required prior to the appointment date. Satisfactory completion of a background check (including a criminal records check, employment verification, and education verification) is required for employment. Cal Poly Humboldt will issue a contingent offer of employment to the selected candidate, which may be rescinded if the background check reveals disqualifying information, and/or if it is discovered that the candidate knowingly withheld or falsified information. Certain positions may also require a credit check, motor vehicle report, and/or fingerprinting through Live Scan service. Failure to satisfactorily complete or adverse findings from a background check may affect the employment status of candidates or continued employment of current CSU employees who are being considered for the position.
Cal Poly Humboldt is committed to achieving the goals of equal opportunity and endeavors to employ faculty and staff of the highest quality reflecting the ethnic and cultural diversity of the state. Additional information about Cal Poly Humboldt can be found at www.humboldt.edu.
Cal Poly Humboldt is a Title IX/Affirmative Action/Equal Opportunity employer. We consider qualified applicants for employment without regard to race, religion, color, national origin, ancestry, age, sex, gender, gender identity, gender expression, sexual orientation, genetic information, medical condition, disability, marital status, protected veteran status, or any other legally protected status. Mandated Reporting: This position may be considered a “mandated reporter” under the California Child Abuse and Neglect Reporting Act and is required to comply with the requirements set forth in CSU Executive Order 1083 as a condition of employment.
Additionally, all CSU staff and faculty receive training annually on their obligations in responding to and reporting incidents of sexual harassment and sexual violence. You will be notified by email when you are required to take this mandated training.
Class Code: 3312
Publication Date: 10/4/2024