ASSOCIATE VICE PRESIDENT AND CHIEF INFORMATION SECURITY OFFICER

    University of Washington
    Seattle, WA
    Full-time, Part-time
    Similar jobs pay $29.92 - $61.98

    Job Description

    As a UW employee, you have a unique opportunity to change lives on our campuses, in our state and around the world. UW employees offer their boundless energy, creative problem solving skills and dedication to build stronger minds and a healthier world.

    UW faculty and staff also enjoy outstanding benefits, professional growth opportunities and unique resources in an environment noted for diversity, intellectual excitement, artistic pursuits and natural beauty. All of which has allowed the UW to be nationally recognized as a "Great College to Work For" for six consecutive years.

    UW-IT is the central IT organization for the University of Washington, providing critical technology support to all three campuses, UW medical centers and global research operations. UW-IT collaborates with University partners to advance teaching, learning, innovation and discovery at the UW. The Office of the Chief Information Security Officer (CISO) within UW-IT promotes a culture of cybersecurity. Services are designed to help UW units understand risks by analyzing and forecasting threats to information security, researching applicable information security laws, providing education on safeguarding institutional information, consulting on incident management, and managing policies and strategic solutions for UW's institutional information.

    The University Chief Information Security Officer (CISO) is responsible for the development, implementation, and coordination of information and cybersecurity program efforts and related risk management activities across the University. Working with UW Vice Presidents, Associate Vice Presidents/Provosts, Deans, Administrators, and other accountable institutional workforce members, the CISO is responsible for establishing an appropriate University-wide information assurance strategy and vision. The CISO oversees the creation and maintenance of UW information security -related policy, information security risk assessment efforts, a threat intelligence program, and the University's security awareness and training program. The position advises and collaborates with UW units on the approach to related statutory, regulatory, and contractual compliance practices. The CISO is also accountable for developing and maintaining incident response capabilities for the management of information systems and data compromises as defined in the University's Administrative Policy Statements. The CISO works with the UW Facilities Security Officer (FSO) as appropriate, regarding the industrial security program strategies for the protection of national security information and the University's status as a cleared institution. Working closely with the UW Medicine Chief Information Security Officer and their team, this position assists and coordinates on shared program challenges and activities. In general, the CISO is charged with the responsibility for building an information security-conscious culture and infrastructure for the University of Washington. In addition to all these duties, the CISO plays a significant role in facilitating and coordinating relevant cybersecurity industry-related engagements and activities with their regional private and public sector colleagues.

    The constituency of the Office of the Chief Information Security Officer, and therefore that of this position, is the entire University. The Office of the CISO is dedicated to innovation, and to provide trusted and reliable services that promote the confidentiality, integrity, and availability of institutional information, infrastructure technology, and information systems. It is a central office that oversees the strategic view of information security at the UW and works proactively to assess and manage information security risks in partnership with executive management and UW departments. The services and tools of the Office of the CISO are designed to support the University's mission, raise awareness, and demonstrate a due care approach that optimizes administrative, technical, and operational safeguards.

    REQUIREMENTS:
  • Master's Degree in Risk Management, Information Assurance, Computer Science, Information Management, or equivalent experience.
  • Eight to ten or more years' experience providing leadership, developing, planning, coordinating, administrating and managing in the field of information technology.
  • Possess a strong sense of ethics and demonstrate ethical behavior at all times, in harmony with the UW's values and mission.
  • Ability to establish and maintain working relationships and keep open lines of communication with business and IT groups.
  • Experience in the cybersecurity field (e.g. risk management, information systems auditing), including experience with Internet-based technology security issues, mobile computing security and vendor management. Experience can also include work in related technology, business and military operations.
  • Possess strong ability to identify, analyze, inform and debate all cybersecurity-related risk issues for the University's leadership team and their decision processes.
  • Possess strong written and oral communication skills with the ability to effectively communicate cybersecurity-related concepts and issues to a broad range of technical and non-technical staff.
  • Experience with risk management practices, auditing, vendor negotiation, and business continuity planning.
  • Possess a strong network of professional colleagues and a history of regular participation with security and privacy-related industry organizations.
  • Experience with managing staff and budget in a challenging financial environment.
  • Demonstrated experience with consulting, advising, and influencing professional colleagues and business leaders.
  • Must be able to obtain a Department of Defense Secret clearance.
  • Ability to work and effectively prioritize in a highly dynamic decentralized work environment.

    Equivalent education/experience will substitute for all minimum qualifications except when there are legal requirements, such as a license/certification/registration.

    DESIRED:
  • Experience as a chief information security officer, director of security services or some management role related to the field.
  • Experience gathering and sharing risk-related open source information, analyzing and creating reports in a formal cyber-intelligence program.
  • Experience in Network Engineering and Systems Administration.
  • Maintain a recognized professional certification in the cybersecurity field (e.g. CISM, CISSP, CIPP, CISA).

    CONDITIONS OF EMPLOYMENT:

    This position can be subject to many stressful situations, including frustrating budget and resource constraints in the face of constantly growing threat spectrum.

    The greater Seattle area's large and growing technology sector, coupled with University's limited compensation ranges for staff, severely limits the ability to hire qualified cybersecurity professionals.

    The enormous size and highly distributed technology environment of the University creates a very complicated risk management environment.

    Creative approaches and practices are required for any risk mitigation challenge. There are no uniform technology standards, technology controls, practices or process solutions that can be universally applied across the entire University technology environment.

    Open Office Environment.

    This is an essential position and is required to report to work remotely when UW suspends operations.

    Application Process:
    The application process for UW positions may include completion of a variety of online assessments to obtain additional information that will be used in the evaluation process. These assessments may include Work Authorization, Cover Letter and/or others. Any assessments that you need to complete will appear on your screen as soon as you select "Apply to this position". Once you begin an assessment, it must be completed at that time; if you do not complete the assessment you will be prompted to do so the next time you access your "My Jobs" page. If you select to take it later, it will appear on your "My Jobs" page to take when you are ready. Please note that your application will not be reviewed, and you will not be considered for this position until all required assessments have been completed.
  • Committed to attracting and retaining a diverse staff, the University of Washington will honor your experiences, perspectives and unique identity. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable and welcoming.

    The University of Washington is a leader in environmental stewardship & sustainability, and committed to becoming climate neutral.

    The University of Washington is an equal opportunity, affirmative action employer. To request disability accommodation in the application process, contact the Disability Services Office at 206-543-6450 / 206-543-6452 (tty) or dso@uw.edu.

    Apply for this job

    Posting ID: 552776248Posted: 2020-05-21