The Stevens Institute of Technology in Hoboken, NJ is seeking a modern Chief Information Security Officer (CISO) to lead the university in the establishment and maturation of its enterprise wide information security program. The ideal candidate will be recognized for impeccable communication skills, deep and always evolving knowledge of information security practices and strategies, a history of effective problem solving, and a leadership style highlighted by collegiality, transparency, integrity, and sound judgement. Reporting administratively to the Vice President for Information Technology/Chief Information Officer, and with reporting responsibilities to the Stevens Institute of Technology Board of Trustees, Stevens’ next CISO will use a collaborative leadership style, honest communication; high standards of excellence, and superior team building skills to create a best-in-class information security program. The CISO, in conjunction with University leadership, will ensure the adoption and implementation of best practices, policies, and procedures in higher education and research information security.
Celebrating its sesquicentennial anniversary in 2020, Stevens is a vibrant private research university overlooking the Manhattan skyline. Since its founding in 1870, technological innovation has been the hallmark of Stevens’ educational and research programs. The university is composed of three Schools and one College where more than 7,200 undergraduate and graduate students collaborate with approximately 600 full- and part-time faculty members in an interdisciplinary, student-centric, entrepreneurial environment to advance the frontiers of science and leverage technology to confront global challenges.
This is an ideal time to be joining Stevens. The institution has made continuous investments in its campus, teaching and learning capabilities, academic facilities, and technology and data/analytics. The CISO is responsible for establishing and maintaining a strategic and comprehensive University-wide information protection, IT risk, and cybersecurity management program to ensure that information assets are adequately protected and available. This individual is responsible for identifying, monitoring, and countering threats as well as other risks and exposures that threaten the privacy, confidentiality, operational integrity, and high availability of Stevens’ networks, systems, research operations, and information assets. This position has chief institutional responsibility for protecting and maintaining the confidentiality, integrity, and authorized access to Stevens’ information assets. This is the senior institutional position in charge of identifying and responding to events involving information asset misuse, loss or unauthorized disclosure, including incident investigation and forensics. This individual will also play an important role in helping plan, maintain, secure, optimize, expand and protect a growing information technology infrastructure at Stevens. This position is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements and aligns with and supports the risk posture of the Institution. The CISO position requires a visionary leader with sound knowledge of both business and technical practices.
Stevens is seeking candidates who possess a record of professional experience that demonstrates progressive responsibilities and significant senior-level management experience in a complex IT and information security environment. A Bachelor’s degree in a major directly related to the responsibilities of the position and a minimum of 5 years experience relevant to the position are required. An equivalent combination of training and experience may be considered in lieu of the preceding requirements. Also required:
Excellent broad knowledge and experience with information technology generally, and professional mastery in one or more areas directly relevant to the position (e.g., networking, systems, cybersecurity); Relevant security certifications appropriate to the position (e.g. CISSP, CISM, CFCE, CISA, GCFA, GCFE, GIAC, GCIH, etc.);
Knowledge and experience with relevant security management frameworks (e.g. ISO/IEC 27001, ITIL, COBIT, NIST) as well as appropriate laws and regulations (e.g. FERPA, HIPAA, ITAR, PCI, FISMA, GDPR, etc.); The ability to obtain a security clearance;
Excellent interpersonal, written, and oral communication skills and the ability to communicate effectively with both highly technical and non-technical audiences;
Ability to work effectively as a positive and engaged member of a high-performing/collaborative team of professionals; and
Demonstrated strong analytical, systems thinking, and problem-solving skills; Demonstrated sound judgement and decision-making commensurate with the responsibilities of the position, and specifically in maintaining a secured enterprise.
Preferred qualifications include:
Strong understanding of the higher education environment, including systems and business processes in academic, administrative, and research functions;
Knowledge of and experience with Controlled Unclassified Information (CUI) and direct or supervisory experience of an Information Systems Security Manager (ISSM); Strong presence in subject area professional and higher education organizations, including presentations and committee participation;
Previous management, staff supervisory, team building, and leadership experience; Expert knowledge of networking and systems; and
experience communicating with a Board of Trustees and senior level leadership.
All inquiries and discussions will be considered strictly confidential.
Stevens is an equal opportunity employer and all qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by law.