Job Posting Details

The CISO or ISO, reporting to the Chief Information Officer, oversees cybersecurity functions including Identity & Access Management; Governance, Risk, and Compliance; and cybersecurity training & awareness, in addition to cybersecurity operations. Midwestern State University has invested significant, permanent resources in growing its cybersecurity capabilities, an effort the CISO or ISO will build upon. The CISO or ISO will collaborate closely with information security leaders at the other campuses and the system office of the Texas Tech University System.

University & Program Leadership

• Responsible for information security prioritization and the continuing maturity of the institutional security and risk posture.
• Lead the development of multiyear cybersecurity, identity & Access Management, and privacy roadmaps encompassing on-premise, cloud, and third-party infrastructure and applications that align technology, policy, and regulatory requirements.
• Advise university counsel and leadership on cybersecurity matters.

Risk Management & Incident Response

• Plan and steward the development, management, and execution of campus IT security incident response program, responding to alleged policy violations, or complaints from external parties, and serving as the official contact point for cybersecurity incidents, including maintaining relationships with law enforcement entities.
• Lead incident reporting and response systems to address cybersecurity incidents, and collaborate with university counsel in responding to alleged policy violations, or complaints from external parties

Institutional Compliance & Policy

• In collaboration with IT leaders, data custodians and governance bodies, lead the development of institutional cybersecurity policies, standards, and procedures.
• Ensure institutional policies remain current on the latest cybersecurity and privacy legislation, State and Federal regulations.
• Collaborate and participate in regular meetings and ongoing projects as directed by the Texas Tech University System Chief Information Technology Officer.

ISO Minimum Qualifications:

• Bachelor's degree or equivalent experience
• Five years of professional IT, IT administration, or risk management experience that includes significant responsibility in cybersecurityTwo years of management experience in information technology
• Demonstrated experience with budgetary or programmatic planning
• Demonstrated experience leading communications efforts for non-technical and leadership audiences
• Demonstrated experience in a cybersecurity role
• Ability to communicate clearly orally and in writing to describe technical issues in non-technical terms
• Ability to plan, organize and manage projects successfully through conclusion.

CISO Minimum Qualifications:

• Bachelor’s degree
• Ten years of professional IT, IT administration, or risk management experience that includes significant responsibility in cybersecurity
• Five years of management experience in information technology
• Demonstrated experience with budgetary or programmatic planning
• Demonstrated experience leading communications efforts for non-technical and leadership audiences
• Demonstrated experience in a cybersecurity leadership role
• Ability to communicate clearly orally and in writing to describe technical issues in non-technical terms
• Ability to plan, organize and manage projects successfully through conclusion.  

ISO Preferred Qualifications :

• Bachelor’s degree or higher in a field related to information technology or cybersecurity.
• Five years of experience in one or more domains of cybersecurity.
• Demonstrated leadership experience in higher education, preferably at an institution comparable in complexity to the Midwestern State University.
• Demonstrated experience promoting diversity, equity, and inclusion in the development and delivery of cybersecurity services.
• CISSP, CRISC, CISM, or comparable certification.

CISO Preferred Qualifications:

• Bachelor’s degree or higher in a field related to information technology or cybersecurity
• Five years of experience in one or more domains of cybersecurity
• Demonstrated leadership experience in higher education, preferably at an institution comparable in complexity to Midwestern State University.
• Demonstrated experience promoting diversity, equity, and inclusion in the development and delivery of cybersecurity services
• CISSP, CRISC, CISM, or comparable certification

Bachelor's degree in a field related to information technology or cybersecurity or equivalent experience required.

Must be able to establish effective working relationships at all levels of the institution. Ability to communicate clearly orally and in writing, to describe technical issues in non-technical terms, capacity to make presentations to diverse audiences, and the ability to work in a multi-cultural environment. Confidentiality a must. Personal cell phone usage may be required to complete position duties, including multi-function authentication requirements *Designated as a Responsible Employee as outlined by Title IX. *Regular reliable attendance is required. * Must be available some nights and weekends. Must periodically serve on a standby or on-call basis. *This position is designated as security sensitive (High) and requires a criminal background check.