Chief Information Security Officer

Posting Details

Posting Information Posting Number PG194334EP Internal Recruitment No Working Title Chief Information Security Officer Anticipated Hiring Range Salary commensurate with experience (anticipated hiring range : $200,000 - $227,000) Work Schedule Monday-Friday, 8 : 00 am - 5 : 00 pm, and other times as needed Job Location Raleigh, NC Department Office of Information Technology About the Department The Security & Compliance Unit (S&C) within the Office of Information Technology (OIT) oversees the cybersecurity of the University’s systems and data in a manner consistent with industry best practices and the University’s IT compliance and IT risk management obligations. S&C develops and ensures compliance with cybersecurity policies / regulations / procedures, supports and oversees implementation of strategic information security initiatives, provides operational security services, and provides campus-wide vendor risk and license management. S&C is also the functional lead for the university’s identity and access management program.S&C’s overall responsibilities include the following :

• Development / maintenance of the university’s cybersecurity strategic plan and roadmap
• Implementation of strategic cybersecurity initiatives
• Operational security services
• Coordination of IT resilience efforts and change management processes
• Manage the University wide operational cybersecurity services
• Establish, review, and enforce university-wide IT and cybersecurity policies, standards, and procedures, while also ensuring compliance with federal / state regulations and contractual obligations.
• Campus-wide IT vendor risk and license management

Wolfpack Perks and Benefits As a Pack member, and can enjoy designed to enhance your personal and professional well-being.What we offer :

, , and

and

Attain Work-life balance with our benefits, , and that aim to build a thriving wolfpack community.

Disclaimer : Perks and Benefit eligibility is based on Part-Time or Full-Time Employment status. Eligibility and Employer Sponsored Plans can be found within each of the links offered. Essential Job Duties The Chief Information Security Officer (CISO) reports to the Vice Chancellor for Information Technology and Chief Information Officer (CIO) and leads the Security and Compliance Unit (S&C) in the Office of Information Technology (OIT). The CISO is a member of the OIT Leadership Cabinet and works closely with senior administration, academic leaders, and the campus community to optimize the security posture of the university.The CISO is responsible for developing, implementing and maintaining the university’s comprehensive cybersecurity program that ensures the confidentiality, integrity, and availability of university data and technology resources. This program utilizes industry best practices and employs a range of policy, procedural, and technological controls to manage risk to NC State University’s information assets. The CISO leads a cybersecurity program that harnesses collaborations and campus-wide resources, promotes effective cybersecurity governance, advises senior leadership on strategic cybersecurity direction and resource investments, and develops policies to effectively manage IT and cybersecurity risks.The CISO is responsible for managing the S&C portfolio within its operating budget of over $5 million as well as overseeing VRLM’s maintenance and negotiation of licenses totaling over $12 million.

List of Primary Responsibilities :

Leadership, Training and Collaboration (40%)

Provide leadership and oversight of activities and services related to the S&C unit. The current structure is comprised of :

Cybersecurity Operations (Director and 9 staff including Security Operations Center) :

Secure Computing

Data Protection

Intrusion Detection / Prevention

Logging, Monitoring, Alerting

Multi Factor Authentication Solutions

Network Security Monitoring

Password Vault Management SIEM (Security Information & Event Management) Operations

Endpoint Security : Endpoint Detection and Response, Antivirus SSL Certificate Management

Vulnerability Scanning and Pen Testing

Web Application Security Testing General Security Consultation, Security Architecture and Review

Security Incident Response and Investigation

Digital Forensics

Security Incident & Response

Security Operations Center (Manager and 3 staff) Information Security, Risk and Assurance (Director and 7 staff) :

Security Consulting and Education

Data Management

IT Risk Management

Security Awareness and Training

Security Liaison Team Program Management Identity and Access Management

Security Policy and Compliance

Access Reviews

Internal & External OIT Audit Coordination

Litigation Holds / eDiscovery and Records Retention

Research Data Security Consultation & Evaluation

Security Compliance Program Development, Management and Continuous Assessment

Security Policy, Regulations, Rules, and SOP Development

Vendor Risk & License Management (Associate Director & 2 staff)

License Asset Management

Analyzes campus needs, interests and directions, and then tailors the software licensing program to meet those needs

Lead enterprise license coordination

Collaborates with UNC-System Office on university system-wide software licenses

Manages OIT licensing maintenance reviews and renewals

Manage the software inventory management system

Manage the software distribution to stakeholders License Risk Assessment

Click-wrap Agreement Risk Assessment

Non-Negotiable Hard Copy License Review IT Purchase Compliance ManagementManage the review process to ensure that IT purchases comply with university, State and Federal regulations and / or guidelines. Manage the SAS Grant Administration

Lead the development of the annual presentation to the University Board of Trustees regarding the university’s security threat and risk landscape

Strategic Practice and Policy (35%)

Manage the university’s information security governance processes and provide leadership to the Information Security Advisory Group

Security Operations, Risk Management and Compliance (25%)

Other Responsibilities

Qualifications Minimum Education and Experience

Other Required Qualifications Required Leadership Skills

Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.

Required Technical Skills

Preferred Qualifications

Professional Security Certification from at least one of the currently acceptable information security such as :

Certified Information Systems Security Professional (CISSP)

Systems Security Certified Practitioner (SSCP)

Certified Information Security Manager (CISM)

Required License(s) or Certification(s) N / A Valid NC Driver's License required No Commercial Driver's License required No Recruitment Dates and Special Instructions Job Open Date 11 / 06 / 2025 Anticipated Close Date Open Until Filled Special Instructions to Applicants Along with your completed application, please include a resume and cover letter. Position Details Position Number 00001696 Position Type EPS / SAAO Full Time Equivalent (FTE) (1.0 = 40 hours / week) 1.00 FTE Appointment 12 Month Recurring Mandatory Designation - Adverse Weather Non Mandatory - Adverse Weather Mandatory Designation - Emergency Events Non Mandatory - Emergency Event Department ID 511001 - Security & Compliance EEO NC State University is an equal opportunity employer. All qualified applicants will receive equal opportunities for employment without regard to age, color, disability, gender identity, genetic information, national origin, race, religion, sex (including pregnancy), sexual orientation, and veteran status. The University encourages all qualified applicants, including protected veterans and individuals with disabilities, to apply. Individuals with disabilities requiring disability-related accommodations in the application and interview process are welcome to contact to speak with a representative of the Office of Equal Opportunity.

If you have general questions