Must be a critical thinker, with strong problem-solving skills. Poise and ability to act calmly and competently in high-pressure, high-stress situations. Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment. Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. Master's Degree in a technology related field, or equivalent work or education related experience preferred. BS in Computer Science or related major required. Employment history must demonstrate increasing levels of responsibility. At least six must be in a senior leadership/executive role. Minimum of eight to 10 years of experience in a combination of IT risk management, information security and IT jobs. Ultimately, the CISO is a business leader, and should have a track record of competency in the field of information security and risk management, with eight to 10 years of relevant experience, including six years in a significant leadership/executive role. In line with that requirement, the successful candidate will champion the concept that information security is a shared responsibility for every employee who has been entrusted with sensitive data. It cannot be undertaken at the expense of the enterprise's ability to deliver on its goals and objectives. While the CISO is the leader of the security program, he or she must also be able to coordinate disparate drivers, constraints and personalities, while maintaining objectivity and a strong understanding that security is just one of the university's activities. The ideal candidate is a thought leader, a consensus builder, and an integrator of people and processes. The CISO must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully-functional, secure mode. A key element of the CISO's role is working with executive management to determine acceptable levels of risk for the organization. The CISO serves as the process owner of all assurance activities related to the security aspects of availability, integrity and confidentiality of student, faculty, staff, patient, research subjects, business partner and business information in compliance with the university's information security policies.
He or she will also oversee a variety of IT-related risk management activities. The CISO will proactively work with the CIO, Chief Privacy Officer and business units to implement practices that meet defined policies and standards for information security. The CISO position requires a visionary leader with sound knowledge of business management and a working knowledge of information security technologies. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the university.
The CISO is responsible for establishing and maintaining a university-wide information security management program (including Drexel College of Medicine) to ensure that information assets are adequately protected. One of the most innovative, exciting, and successful research universities in America today, Drexel's mission has remained constant since its founding: to serve its students and society through outstanding academics, innovative technology, and experiential learning. Drexel University, a comprehensive, global research university ranked among the nation's top 100, seeks an experienced and dynamic leader to serve as the Associate Vice President and Chief Information Security Officer (CISO).
0 kommentar(er)
