[vox-jobs] [fwd] Information Security Officer, CSU Sacramento

[Bill Kendrick]

Also seen on SacLUG's mailing list:
(cleaned up for mailing list consumption (e.g., wordwrap, special chars.))

(Remember to contact Spencer directly, not this list or me!)


----- Forwarded message from joblistings at saclug.org -----

Company: CSUS.EDU

Contact: AVP for Telecommunications <spencerfreund at csus.edu>

Contact Phone: 916-278-5764

Job Summary: Information Security Officer

Job Detail: http://www.csus.edu/fas/vacancies/ISO.doc

CALIFORNIA STATE UNIVERSITY, SACRAMENTO

A Premier Metropolitan University, the Campus of Choice for Students,
Faculty, Staff, and the Community

Announcement of Vacancy
Information Security Officer

California State University, Sacramento, invites applications for the
position of Information Security Officer (ISO).  Under the direction
of the Associate Vice President for Academic
Affairs/Telecommunications, the ISO leads the development and
implementation of campuswide information security strategy.  The
primary duties for the ISO are:

* identifying foreseeable internal and external information security risks;
* performing risk and cost benefit analyses to determine
  appropriate level of security controls;
* monitoring IT systems, PeopleSoft, and other paper document
  processing systems to ensure compliance with privacy and information
  security policies and procedures;
* identifying and reducing security vulnerabilities; 
* monitoring and investigating complaints of non-compliance; and in
  conjunction with the internal auditor, preparing an audit schedule of
  security issues to ensure audits are performed on a regular basis.

Further, the ISO
* serves as the primary liaison with various university officials
  including, but not limited to, Director of Public Safety and Director
  of Internal Auditing;
* advises on campus-wide security related administration; 
* serves as liaison with other CSU campus ISOs, outside auditors,
  and organizations related to information security issues;
* prepares, maintains, and publishes procedures and best practices
  to back up new policies, procedures, and standards;
* participates as an advisor or participant in system and
  campus-wide committees, outside organizations, and in training
  programs to keep abreast of pertinent laws, rules, and regulations;
* sponsors and conducts security lectures and training programs for
  the purpose of raising clients’ awareness of their responsibility to
  safeguard data.

Education and Certification Requirements:

Must have a four-year college degree and/or graduate degree in
Computer Science, Management Information Systems, Business
Administration, Public Policy, or Law.

 
The following certifications are preferred:
* PMP (Project Management Professional)
* GIAC (Global Information Assurance Certification)
* SSCP (Systems Security Certified Practitioner)
* CISA (Certified Information Systems Auditor)

Experience Requirements:

* Ten (10) years of experience in computing or related area of
  technology, management, policy and security, of which five (5) years
  must be in management and security.
* Minimum of 3 years experience in at least 3 of the 10 domains in
  the Certified Information Systems Security Professional certificate.
* Extensive experience in designing and implementing secure network
  architectures and computer systems.
* Thorough knowledge of university policies and procedures as they
  relate to IT security issues; strong knowledge in IT security
  practices and currency within the IT field; familiarity with current
  compliance requirements such as FERPA, HIPAA, Sarbanes-Oxley, and
  Gramm-Leach-Bliley.
* Practical work experience in security administration and computer
  security tools
* Demonstrated knowledge in systems design, development,
  documentation, testing, implementation, and maintenance
* Experience presenting plans and ideas to executive management
* Experience designing, implementing, tracking, and reporting a
  security plan for a campus or metropolitan area sized heterogeneous
  network.
* Experience in retrieving, analyzing, reporting, and tracking
  security intrusions and vulnerabilities.

Additional required skills, knowledge, and abilities
* Must have the ability to communicate technical and information
  security threats, vulnerabilities, risks, and countermeasures clearly
  and concisely to non-security staff, management, and executives.
* Must be self-motivated with limited supervision and maintain
  positive and effective working relationships
* Strong interpersonal, communication and organizational skills.  
* Extensive experience working with end users.
* Ability to write clear and complete documentation, including
  policies and procedures for highly complex systems.
* Must be proficient with Microsoft Word, Excel, and PowerPoint.
* Must work non-standard hours as required.
* Strong customer service skills.


Appointment

This position is in the Management Personnel Plan of the California
State University.  It is excluded from the collective bargaining
process and does not gain permanent status.  This position is also
exempt from the overtime provisions of the Fair Labor Standards Act.
Salary and benefits are competitive and commensurate with experience.

Application Procedure

Candidates are asked to provide: letter of application; current vitae;
names, addresses, and telephone numbers of three references who can
address candidate’s professional preparation and experience.
Nominations accompanied by current vitae of the nominee will also be
accepted.  Screening of applications begins April 3, 2006; the
position will be filled by June 1, 2006, or as soon thereafter as
possible.  Send to:

Spencer A. Freund, AVP for Telecommunications
	California State University, Sacramento
	6000 J Street
	Sacramento, CA 95819-6065 

 . . .


Categories: Other

Brought to you by the SacLUG job listing program. Come visit the web
site at http://www.saclug.org

----- End forwarded message -----

-- 
-bill!                                    Tux Paint 2006 wall calendar,
bill at newbreedsoftware.com                CDROM, bumper sticker & apparel
http://www.newbreedsoftware.com/       http://www.cafepress.com/newbreedsw