Security Officer Posting

[art <stgeorge () UNM EDU>]

The University of New Mexico is seeking an information security officer.
Functionally, this will be the chief security position for the university.
I've attached the posting below and for more information or to apply,
please go to: www.unm.edu/~hr/

Art St. George

SUMMARY:

Assumes overall responsibility for the University's central data security
and privacy policies, architecture, and procedures. Works with constituent
groups to create, document, implement, and manage policies, procedures, and
practices that ensure the availability, integrity, and privacy of
information asset on centrally managed computer systems. Assists the
University in its compliance with relevant information technology laws and
policies.
DUTIES AND RESPONSIBILITIES:

  1. Develops and implements the overall information security strategy and
architecture to be used by the University's centrally managed systems
developers and administrators.
  2. Works with functional groups and staff in the creation of policies,
procedures, or guidelines to ensure the security and privacy of information
on the University's computer systems.
  3. Serves as primary liaison between Computer Information Resources and
Technology (CIRT) and other UNM consituencies, such as University Council
and University Police, concerning information security and privacy
incidents, laws, and policies.
  4. Maintains currency of expertise in security-related technologies,
trends, issues, and solutions.
  5. Serves as liaison between CIRT, University administration, and
department representatives to maximize the adoption of and support for IT
security plans and procedures within UNM.
  6. Investigates security needs, and recommends; plans, implements,
tests, and monitors information security improvements.
  7. Plans and coordinates information security investigations,
feasibility studies, and surveys, to include cost-benefit evaluations of
proposed and existing security solutions.
  8. Prepares on-line and hard-copy documentation of University security
plans and procedures.
  9. Provides instruction and training for users and other University
employees on information security procedures and their application.
 10. Participates as appropriate in the planning and implementation of
hardware and software.
 11. May supervise and/or lead staff and/or student employees, as assigned.
 12. Maintains a broad knowledge of state-of-the-art information
technology, equipment, and systems.
 13. Performs miscellaneous job-related duties as assigned.

MINIMUM JOB REQUIREMENTS:

Master's degree with 7 to 10 years experience directly related to the
duties and responsibilities specified.
KNOWLEDGE, SKILLS, AND ABILITIES REQUIRED:

   * Advanced verbal and written communication skills.
   * Knowledge of current technological trends and developments in the
area of information security.
   * Working knowledge of a broad range of relevant systems platforms, to
include Unix, PC, and Mainframe.
   * Knowledge of IT security products and techniques, network
infrastructure, applications, and equipment pertinent to a large,
distributed, heterogeneous computing environment.
   * Strong interpersonal skills and the ability to work effectively with
a wide range of constituencies in a diverse community.
   * Advanced expertise in systems level management of Unix and Microsoft
operating systems.
   * Ability to appropriately identify and assess user work patterns,
information usage and requirements, as well as IT security constraints.
   * Ability to plan, implement, test, and monitor information security
solutions.
   * Ability to make financial evaluations and develop proposals regarding
current/future systems capabilities and requirements.
   * Skill in organizing resources and establishing priorities.
   * Ability to plan, design, develop, and manage integrated security
systems solutions to organizational requirements.
   * Skill in budget preparation and fiscal management.
   * Ability to develop and write systems and applications security
policies, documentation, and guidelines for technical staff and users.
   * Ability to provide technical guidance and leadership to professional
personnel in area of expertise.
   * Advanced verbal and written communication skills and the ability to
present effectively to small and large groups.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.