Overall Duties:
• Develop and implement a long-term information security strategy to protect the organization's information resources.
• Lead the creation and maintenance of security policies, procedures, and standards, ensuring compliance with laws, regulations, and contracts.
• Oversee compliance with FERPA, HIPAA, GLBA, PCI, DMCA, GDPR, and related regulations, balancing security needs with business and educational functions.
• Identify and report information security risks to leadership and provide expert guidance on security best practices.
• Collaborate with university leaders to assess IT risks, set risk tolerance, and implement controls to mitigate risks.
• Promote a security-aware culture through ongoing Security Awareness Training & Education (SATE).
• Lead, mentor, and manage a cross-functional security, risk, and compliance team.
• Participate in relevant committees and working groups related to IT governance and data privacy.
• Oversee daily security operations, including threat monitoring, detection, and incident response.
• Evaluate and implement cost-effective, minimally disruptive security solutions.
• Collaborate with technical teams to ensure compliance with security frameworks.
• Manage regulatory audits and implement remediation actions as needed.
• Develop metrics to track the effectiveness and maturity of the security program.
• Stay informed on emerging threats and guide stakeholders on responses.
• Liaise with law enforcement and oversee incident response and vendor risk management.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .
Required Skills & Experience
Must Haves:
- Bachelor’s Degree or higher with a major in computer science, information technology, business or public administration, or related disciplines; OR equivalent combination of education and/or experience
- Deep expertise and technical knowledge in the information security and risk management domains
- 10+ years of experience managing an information security area, program, or office with a proven track record of creating and maintaining information security practices and/or services
- Demonstrated recent experience and achievements in managing and growing a comprehensive information security program, including well-known IT and information security standards (e.g., ISO 27001/2, COBIT), auditable compliance, policy governance, data management, and risk management
- Ability to effectively communicate security concepts, strategies, and influence best-practice adoption to a wide variety of audiences
- Knowledge of Higher Education policies and best practices regarding FERPA, HIPAA, FISMA, GLBA, and other regulations
- Demonstrated recent experience in a senior leadership role with accountability to executive management
Nice to Have Skills & Experience
- Certifications: CISSP, CSP, PMP, ITIL
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.