Code
5366
PCLS
N3033
Pay Grade
204
Exempt
Yes
ORP
No
EEO Code
3
Title
Information Security Officer
Description

The ISO, reporting to the Chief Information Officer, oversees cybersecurity functions including Identity & Access Management; Governance, Risk, and Compliance; and cybersecurity training & awareness, in addition to cybersecurity operations. Midwestern State University has invested significant, permanent resources in growing its cybersecurity capabilities, an effort the new ISO will build upon. The ISO will collaborate closely with information security leaders at the other campuses and the system office of the Texas Tech University System.


Examples

University & Program Leadership

  • Responsible for information security prioritization and the continuing maturity of the institutional security and risk posture.
  • Lead the development of multiyear cybersecurity, identity & Access Management, and privacy roadmaps encompassing on-premise, cloud, and third-party infrastructure and applications that align technology, policy, and regulatory requirements.
  • Advise university counsel and leadership on cybersecurity matters.


Risk Management & Incident Response

  • Oversee the development, management, and execution of campus IT security incident response program, responding to alleged policy violations, or complaints from external parties, and serving as the official contact point for cybersecurity incidents, including maintaining relationships with law enforcement entities.
  • Lead incident reporting and response systems to address cybersecurity incidents, and collaborate with university counsel in responding to alleged policy violations, or complaints from external parties.


Institutional Compliance & Policy

  • In collaboration with IT leaders, data custodians and governance bodies, lead the development of institutional cybersecurity policies, standards, and procedures.
  • Ensure institutional policies remain current on the latest cybersecurity and privacy legislation, State and Federal regulations.



Physical Condition
Ability to lift 50 lbs. Ability to sit or stand for long periods of time.
Experience

ISO Minimum Qualifications:

  • Five years of professional IT, IT administration, or risk management experience that includes significant responsibility in cybersecurity
  • Demonstrated experience with budgetary or programmatic planning
  • Demonstrated experience leading communications efforts for non-technical and leadership audiences
  • Demonstrated experience in a cybersecurity role




Knowledge

ISO Preferred Qualifications:

  • Demonstrated leadership experience in higher education, preferably at an institution comparable in complexity to the Midwestern State University
  • CISSP, CRISC, CISM, or comparable certification or willingness to gain these certifications.
Education

Bachelor's degree in a field related to information technology or cybersecurity or equivalent experience required.

Additional Requirements

Requires the ability to work well with diverse populations and maintain positive working relationships with students, faculty, staff, and the community. Ability to communicate clearly orally and in writing, to describe technical issues in non-technical terms, capacity to make presentations to diverse audiences, and the ability to work in a multi-cultural environment. Confidentiality a must. ust adhere to University’s core values: People-Centered, Community, Integrity, Visionary, and Connections, per the MSU Values Journey. Personal cell phone usage may be required to complete position duties, including multi-function authentication requirements *Designated as a Responsible Employee as outlined by Title IX. *Regular reliable attendance is required. * Must be available some nights and weekends. Must periodically serve on a standby or on-call basis. *This position is designated as security sensitive (High) and requires a criminal background check.

Standard Requirements

Requires the ability to maintain positive working relationships with students, faculty, staff, and the community. Must adhere to University’s core values: People-Centered, Community, Integrity, Visionary, and Connections, per the MSU Texas Values Journey. Personal cell phone usage may be required to complete position duties, including multi-function authentication requirements. Regular reliable attendance is required.

This position is designated as security sensitive (Mod) and requires a criminal background check. Position is designated as a Responsible Employee as outlined by Title IX. May serve as Campus Security Authority as outlined by the Clery Act.

Last Updated 09-14-2023