Job Details

This ad is expired.

Information Security Manager
Go to our website »

Position Number: 3066429
Location: Ashland, OR
Position Type: Computer and Information Technology

Information Security Manager

Southern Oregon University

Position Number: A00468

Rate: $62,405 - $71,500 @ 1.0 FTE

Position Summary:
Reporting the SOU's Chief Information Officer, the Information Security Manager (ISM) will be the primary resource responsible for performing all tactical cybersecurity work at SOU. This position will be required to work independently with little supervision, requiring initiative and the ability to formulate its own work plans. This position will be given the authority to make tactical decisions surrounding cybersecurity initiatives at SOU. Thus, this position will be given the necessary visibility into all areas to examine and document any existing or upcoming threats. In addition, the ISM will make recommendations to the CIO and SOU's administration that will address cybersecurity threats.
Incident Response
The ISM will participate in all cybersecurity incident response activities, and depending on the scope of the incident, the ISM may be the key person managing incident response. In addition, the ISM will be responsible for documenting all incidents and formalizing and maturing the cybersecurity incident response processes at SOU.
Compliance
The ISM will also be involved in SOU's compliance needs where they intersect with information systems and information technology. The incumbent will participate in audits of SOU's compliance and make recommendations for how to address any findings.
Threat Hunting
The ISM will proactively scan and monitor SOU's information technology ecosystem to identify existing, new or potential threats to SOU. The ISM will participate in active threat intelligence efforts to ensure that SOU is aware of changes to the threat landscape. Moreover, the ISM will make recommendations for how to mitigate these threats, and implement the mitigations when approved.
Training
The ISM will be a primary resource for providing a variety of cybersecurity trainings using different delivery methods to SOU's employee base.
Investigations
As part of incident response, this position will be involved in confidential investigations that could include sensitive information relating to employees and/or students. This position will therefore at times be included in discussions surrounding the employment status of SOU employees. Therefore, confidentiality is paramount to be successful in this position.

Minimum Qualifications:
Minimum of Bachelors degree required Minimum of four years working in information technology Experience working with multiple operating systems Experience working with Active Directory

Licenses/Certificates
Must hold or be able to obtain at least one cybersecurity certification within the first six months of employment (CISSP, CISM, CEH, CompTIA Security+, etc.) Must hold or be able to obtain CISSP certification within the first 18 months

Preferred Qualification:
Familiarity with cybersecurity fundamentals (e.g. authentication, authorization, confidentiality, integrity, availability, etc.) Demonstratable understanding of networking protocols, operating system configurations, application types and configurations Demonstrated ability to make critical decisions and to maintain composure during critical events Exceptional ability for maintaining confidentiality at all times Experience conducting employee training

Knowledge, Skills, and Abilities:
Excellent communication skills with diverse audiences, both oral and written Proven ability to document information security processes, procedures, and validation of remediation Proven ability to see projects and efforts through to completion
Capability to interpret, recommend and apply practices from a variety of sources such as NIST, CIS, COBIT, etc. Working knowledge of industry compliance standards (e.g. HIPAA, FERPA, PCI, etc.) and current IT risks Awareness of the current threat landscape Self-driven and motivated with a strong passion for cybersecurity Ability to interact with personnel at all levels across the organization and to comprehend business imperatives Ability to work under pressure and instill confidence in other employees
Demonstrated customer service experience requiring a very high level of diplomacy and professionalism to effectively handle a broad range of sensitive interpersonal situations.
Demonstrated ability to interpret and consistently apply a wide variety of complex policies and procedures where specific guidelines may not always exist.
Ability to work with frequent changes in policies and procedures, under pressure of deadlines in a fast-paced environment.
Strong analytical and research skills; ability to gather, evaluate, and to develop well-reasoned conclusions and recommendations.
Ability to proactively assess work operations and anticipate potential problems; ability to develop and implement strategies for preventing/resolving problems.
Ability to exercise sound judgment and discretion, tact, and diplomacy.
Initiative in independently planning, organizing, and performing work assignments within broadly defined parameters.
Ability to work with a high level of productivity and accuracy/attention to detail.
Excellent organizational and time management skills with the ability to set own priorities to coordinate multiple assignments with fluctuating and time-sensitive deadlines.
Excellent computer skills and proficiency with a variety of computer applications including word-processing, spreadsheets, databases, online systems, social media platforms, Internet as well as online calendaring and email.
Ability to adapt to and work effectively in a heavily bureaucratic environment which requires regular interaction with a number of levels within the organization and multiple outside agencies.
Working knowledge, or ability to quickly learn, university infrastructure, policies and procedures.

Special Instructions to Applicants:
Please note: The priority consideration date for this position has been extended to June 3, 2022.

Each applicant is required to provide (as attachments to the online application) the following supplemental documents: (1) letter providing some detail of the applicants qualifications and interest in the position; (2) current resume/CV; and (3) the names, addresses, and telephone numbers of at least three professional references.(4) List of certifications provided in the document labeled "other". If you are unable to attach the supplemental materials to the online application please contact Human Resources.

For inquiries and additional information, please contact: Human Resource Services via email at hrs@sou.edu or by phone at (541)552-8553.

To view SOUs offers very generous benefits and pension programs available to eligible positions, please visit: https://inside.sou.edu/assets/hrs/Benefits/2021_Employee_Benefits_Overview.pdf
Our benefits package is an important complement to the offered salary and our Total Compensation Calculator, https://inside.sou.edu/hrs/comp-calc.html, demonstrates our value and commitment to our employees.

Special Conditions
Must be willing to travel and attend training programs off-site for occasional professional development.
Must be able to work additional hours and adjust working hours to meet special jobs. May be called back periodically to perform work as needed on an emergency basis.
Must be able to successfully pass a pre-employment background check.
Under the provisions of the Fair Labor Standards Act (FLSA):
-Position classification defined as "exempt" are not subject overtime
-Position classifications defined as "non exempt" are *subject to overtime
The person holding this position is considered a "mandated reporter" under the Oregon Revised Statues and is required to comply with the requirements set forth by the Oregon department of Human Services.

Notice to Prospective Employees*
Section 485 of the Higher Education Act, and The Federal Crime Awareness and Campus Security Act of 1990 (now referred to as the "Clery Act"),requires that prospective employees be notified of the availability of SOUs Annual Security and Fire Safety Report. The report provides the annual statistics and campus policies for the reporting of and responding to campus crimes and fires; access to campus facilities; conduct code and campus policies on use, possession and sale of drugs/alcohol; and educational/information programs to inform the campus community about campus security procedures and crime prevention.

An electronic copy of the Annual Security Report (ASR)can be accessed at the following link:
https://inside.sou.edu/assets/security/AnnualCrimeReportFinal.pdf. A physical copy of the ASR is available at no charge upon request. To request a copy please visit the Campus Public Safety Office at 382 Wightman Street, Ashland OR 97520. For more information call 541-552-6258, or email clerycoordinator@sou.edu.

All applicants must apply online at https://jobs.sou.edu/postings/10023.

Diversity Statement
Southern Oregon University is a welcoming community committed to inclusive excellence and the celebration of diversity. Without diversity, our educational process is diminished. Working together in support of our commitment to diversity, we strengthen and enrich our role as learners, educators and members of a tightly connected global community. We encourage those who share in our commitment to diversity, to join our community and we expect all our employees to demonstrate an ability and desire to create an inclusive campus community.