Develop, implement, and maintain the university’s information security program, including policies, standards, and procedures aligned with institutional goals and regulatory requirements
Serve as the primary security advisor to Technology leadership, providing actionable guidance on risk, controls, and tradeoffs
Conduct and oversee risk management activities, including risk assessments, vulnerability assessments, penetration testing, and vendor security reviews; track and prioritize remediation efforts
Lead security incident response, including coordination, investigation, communication, mitigation, and post-incident review
Monitor emerging threats and recommend proactive security controls and mitigation strategies
Provide technical security expertise in systems and security administration to protect and manage the university’s IT environment
Administer and optimize enterprise security tools, including SIEM, EDR, WAF/CDN, MFA, vulnerability scanning, and security awareness platforms
Design and deliver a comprehensive security awareness and phishing-resilience program for faculty, staff, and students
Collaborate across the institution, working with Technology, Legal, HR, and academic stakeholders to embed security into projects, services, and operations
Prepare security documentation and reporting, including metrics, dashboards, and regular briefings for senior leadership and governance bodies

Bachelor’s degree in a technology-related field
3–5 years of progressively responsible experience in an information security role
Strong background in systems and security administration
Demonstrated experience developing and implementing information security programs and policies
Experience designing and delivering security awareness and training programs
Excellent written, verbal, and interpersonal communication skills
Demonstrated discretion in handling sensitive and confidential information

Information Security Officer

Key skills