[vox-jobs] [fwd] Information Security Officer, CSU Sacramento
Bill Kendrick
nbs at sonic.net
Fri Feb 17 15:33:50 PST 2006
Also seen on SacLUG's mailing list:
(cleaned up for mailing list consumption (e.g., wordwrap, special chars.))
(Remember to contact Spencer directly, not this list or me!)
----- Forwarded message from joblistings at saclug.org -----
Company: CSUS.EDU
Contact: AVP for Telecommunications <spencerfreund at csus.edu>
Contact Phone: 916-278-5764
Job Summary: Information Security Officer
Job Detail: http://www.csus.edu/fas/vacancies/ISO.doc
CALIFORNIA STATE UNIVERSITY, SACRAMENTO
A Premier Metropolitan University, the Campus of Choice for Students,
Faculty, Staff, and the Community
Announcement of Vacancy
Information Security Officer
California State University, Sacramento, invites applications for the
position of Information Security Officer (ISO). Under the direction
of the Associate Vice President for Academic
Affairs/Telecommunications, the ISO leads the development and
implementation of campuswide information security strategy. The
primary duties for the ISO are:
* identifying foreseeable internal and external information security risks;
* performing risk and cost benefit analyses to determine
appropriate level of security controls;
* monitoring IT systems, PeopleSoft, and other paper document
processing systems to ensure compliance with privacy and information
security policies and procedures;
* identifying and reducing security vulnerabilities;
* monitoring and investigating complaints of non-compliance; and in
conjunction with the internal auditor, preparing an audit schedule of
security issues to ensure audits are performed on a regular basis.
Further, the ISO
* serves as the primary liaison with various university officials
including, but not limited to, Director of Public Safety and Director
of Internal Auditing;
* advises on campus-wide security related administration;
* serves as liaison with other CSU campus ISOs, outside auditors,
and organizations related to information security issues;
* prepares, maintains, and publishes procedures and best practices
to back up new policies, procedures, and standards;
* participates as an advisor or participant in system and
campus-wide committees, outside organizations, and in training
programs to keep abreast of pertinent laws, rules, and regulations;
* sponsors and conducts security lectures and training programs for
the purpose of raising clients awareness of their responsibility to
safeguard data.
Education and Certification Requirements:
Must have a four-year college degree and/or graduate degree in
Computer Science, Management Information Systems, Business
Administration, Public Policy, or Law.
The following certifications are preferred:
* PMP (Project Management Professional)
* GIAC (Global Information Assurance Certification)
* SSCP (Systems Security Certified Practitioner)
* CISA (Certified Information Systems Auditor)
Experience Requirements:
* Ten (10) years of experience in computing or related area of
technology, management, policy and security, of which five (5) years
must be in management and security.
* Minimum of 3 years experience in at least 3 of the 10 domains in
the Certified Information Systems Security Professional certificate.
* Extensive experience in designing and implementing secure network
architectures and computer systems.
* Thorough knowledge of university policies and procedures as they
relate to IT security issues; strong knowledge in IT security
practices and currency within the IT field; familiarity with current
compliance requirements such as FERPA, HIPAA, Sarbanes-Oxley, and
Gramm-Leach-Bliley.
* Practical work experience in security administration and computer
security tools
* Demonstrated knowledge in systems design, development,
documentation, testing, implementation, and maintenance
* Experience presenting plans and ideas to executive management
* Experience designing, implementing, tracking, and reporting a
security plan for a campus or metropolitan area sized heterogeneous
network.
* Experience in retrieving, analyzing, reporting, and tracking
security intrusions and vulnerabilities.
Additional required skills, knowledge, and abilities
* Must have the ability to communicate technical and information
security threats, vulnerabilities, risks, and countermeasures clearly
and concisely to non-security staff, management, and executives.
* Must be self-motivated with limited supervision and maintain
positive and effective working relationships
* Strong interpersonal, communication and organizational skills.
* Extensive experience working with end users.
* Ability to write clear and complete documentation, including
policies and procedures for highly complex systems.
* Must be proficient with Microsoft Word, Excel, and PowerPoint.
* Must work non-standard hours as required.
* Strong customer service skills.
Appointment
This position is in the Management Personnel Plan of the California
State University. It is excluded from the collective bargaining
process and does not gain permanent status. This position is also
exempt from the overtime provisions of the Fair Labor Standards Act.
Salary and benefits are competitive and commensurate with experience.
Application Procedure
Candidates are asked to provide: letter of application; current vitae;
names, addresses, and telephone numbers of three references who can
address candidates professional preparation and experience.
Nominations accompanied by current vitae of the nominee will also be
accepted. Screening of applications begins April 3, 2006; the
position will be filled by June 1, 2006, or as soon thereafter as
possible. Send to:
Spencer A. Freund, AVP for Telecommunications
California State University, Sacramento
6000 J Street
Sacramento, CA 95819-6065
. . .
Categories: Other
Brought to you by the SacLUG job listing program. Come visit the web
site at http://www.saclug.org
----- End forwarded message -----
--
-bill! Tux Paint 2006 wall calendar,
bill at newbreedsoftware.com CDROM, bumper sticker & apparel
http://www.newbreedsoftware.com/ http://www.cafepress.com/newbreedsw
More information about the vox-jobs
mailing list