Educause Security Discussion mailing list archives
Information Security Office Position at the Rochester Institute of Technology
From: Ben Woelk <fbwis () RIT EDU>
Date: Wed, 13 Jan 2016 15:51:07 +0000
The Rochester Institute of Technology is seeking applicants for Information Security Officer. Here's the job description: The Information Security Officer manages the university's information security program by developing and championing policy controls to avoid and/or mitigate risk to RIT's information assets in support of the mission of RIT. Responsibilities include development of security policies and standards, delivery of security awareness training, and incident response. Given the focus in these areas, it is anticipated that the Information Security Officer will collaborate with operational staff across the university to identify the optimal strategy and tactics to maximize opportunities and avoid hazards in operating RIT's information assets. The Information Security Officer will be responsible for the direction and supervision of the information security office staff. Security Policies and Standards *Understand how information security laws (including HIPAA, FERPA, Graham-Leach-Bliley, FISMA, identity and privacy laws) and accepted industry practice should be applied in higher education. *Perform security assessments of the University's information assets and identify and prioritize security risks to the University's information assets. *Develop a university-wide information security strategy to address those risks. *Work with key stakeholders on the development, implementation and maintenance of information security policies and standards. *Develop, administer, and coordinate programs to ensure compliance with information security policies and standards. *Oversee the dissemination of policies and standards to the University community and adjust standards as necessary to ensure they are having the intended effects. *Provides reports to senior executives regarding risk, the information security strategy and the effectiveness of the university's information security efforts. Security Awareness * Oversee a university-wide information security training and awareness program for employees, students, and other authorized users. * Oversee the clear and concise communication of the following: latest security and privacy legislation, threats and vulnerabilities, the information security strategy, recommended countermeasures, policies and procedures, alerts and advisories. Incident Response * Oversees incident response including the investigation and forensics of security breaches. * Oversee an information security incident handling process, forensics investigation process and forensics lab. Develop Information Security Budget request and capital project requests. Manage approved budget. More details are available in the position listing at https://sjobs.brassring.com/tgwebhost/jobdetails.aspx?jobId=1160620&PartnerId=25483&SiteId=5289 Apply at http://careers.rit.edu/staff, Position # 2220BR Ben Woelk '07 CISSP ISO Program Manager Information Security Office Rochester Institute of Technology ROS 10-A204 151 Lomb Memorial Drive Rochester, New York 14623 585.475.4122 585.475.7920 fax ben.woelk () rit edu<mailto:ben.woelk () rit edu> http://www.rit.edu/security/ Become a fan of RIT Information Security at http://rit.facebook.com/RITInfosec<http://rit.facebook.com/profile.php?id=6017464645> Follow us on Twitter: http://twitter.com/RIT_InfoSec CONFIDENTIALITY NOTE: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information.
Current thread:
- Information Security Office Position at the Rochester Institute of Technology Ben Woelk (Jan 13)