Chief Information Security Officer (PRN35157B)
The University of Utah and University of Utah Health seek an
accomplished and forward-thinking Chief Information Security Officer (CISO) to join our dedicated team. This position is a unique
opportunity to collaborate and coordinate with university entities in shaping and enhancing the security posture of a world-class academic
institution and healthcare system. The University of Utah CISO is crucial in ensuring the security and privacy of sensitive
information across both organizations. This position reports directly to the CIO of the University of Utah, the CIO of
University Health and encompasses comprehensive responsibilities in designing, implementing, and managing information security programs for
both campus and University Health.
The University of Utah is the flagship institution of the State of Utah’s System of Higher
Education, with 18 schools and colleges, more than 100 undergraduate and 90 graduate degree programs, 39,000 employees and an enrollment of
more than 32,000 students. At the University of Utah, you’ll find world-class research and education complemented by a lively social,
cultural, and athletic campus experience. An unparalleled spirit of entrepreneurship, collaboration, and community service has enabled the
University to innovate across fields, pioneer new programs with social impact, generate path-breaking discoveries, fuel critical research,
and inspire innovative approaches to education.
University of Utah Health is the only academic medical center in Utah and provides
patient care for the people of Utah, Idaho, Wyoming, Montana, Western Colorado, and much of Nevada. It also serves as the training ground
for scientists and most of the state’s physicians, nurses, pharmacists, dentists, therapists, and other healthcare professionals.
University of Utah Health comprises five hospitals and 12 community healthcare centers. It is recognized nationally for its world-class
research and as a transformative healthcare system, and regionally as a provider of outstanding healthcare.
Salt Lake City combines
the amenities of a major metropolitan area of more than one million people with the friendliness and ease of living of a small, Western
city. Seven major ski resorts are within an hour’s drive from campus, and opportunities to pursue activities from biking to hiking to
fishing abound. Salt Lake is also home to the Utah Symphony and Opera, the Utah Ballet, the Utah Opera Company, several professional sports
teams, and a wide range of other cultural and recreational activities.
University of Utah Job ID# PRN35157B 00332 –
University Infor. Techn. UIT
COMPENSATION: $103,700/yr. to $202,300/yr. DOE
WORK SCHEDULE: Monday
– Friday 8am to 5pm
RESPONSIBILITIES:
– Develop and implement an enterprise-wide information security
strategy that aligns with the university’s and healthcare system’s mission, vision, and goals.
– Oversee the development
and execution of information security policies, rules, and guidelines to protect the confidentiality, integrity, and availability of
sensitive data and information systems.
– Provide strategic guidance and recommendations to senior leadership on information security
matters, risk management, and compliance with applicable laws, regulations, and industry best practices.
– Evaluate and report on the
maturity of information security programs and risk mitigations as measured against industry standard security frameworks.
–
Collaborate with key stakeholders, including academic departments, healthcare units, and administrative divisions, to identify and
prioritize security initiatives, ensuring the appropriate allocation of resources.
– Lead a team of information security
professionals, providing mentoring, training, and guidance to develop their skills and capabilities.
– Manage relationships with
external partners, vendors, and regulatory agencies to ensure effective security controls are in place and maintained.
– Conduct
regular security assessments, penetration testing, and risk assessments to identify vulnerabilities, mitigate risks, and recommend
remediation strategies.
– Monitor and respond to security incidents, coordinating incident response activities and conducting
post-incident analysis and reporting.
– Stay abreast of the latest trends, threats, and technologies in the information security
field, and recommend innovative solutions to address emerging risks.
This job description is not designed to contain or be
interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job.
QUALIFICATIONS:
– A four-year degree in a related technical, audit, law, or security field is required. An advanced
degree is preferred. A combination of work experience and specialized technical training may be substituted for a college degree.
–
Minimum of 10 years of progressive experience in a business environment, preferably in healthcare or higher education, with at least four
years in a management capacity.
– Strong knowledge of privacy and security regulations, including FERPA, HIPAA, FISMA, and
PCI-DDS.
– Excellent written and oral communication skills, including the ability to present complex information to diverse
audiences.
– Demonstrated ability to mediate conflicts, build consensus, and communicate effectively with both technical and
non-technical stakeholders.
– Strong leadership skills, high integrity, and the ability to build trusted relationships
Applicants must demonstrate the potential ability to perform the essential functions of the job as outlined in the position
description.
PREFERENCES:
– Industry certifications such as Certified Information Systems Security Professional
(CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are highly desirable.
–
Knowledge of security frameworks such as CIS Controls, NIST Cybersecurity Framework, Cybersecurity Maturity Model Certification (CMMC), and
Health Information Trust Alliance (HITRUST) and their commonalities and differences.
– Understanding research environments,
government grants, and agency reviews and audits is advantageous.
– Proven experience creating and implementing successful multi-year
information security programs in complex environments.
TO APPLY, VISIT: https://utah.peopleadmin.com/postings/149087
EQUAL EMPLOYMENT OPPORTUNITY
The University of Utah values candidates who have experience working in settings with students from diverse backgrounds and possess a strong commitment to improving access to higher education for historically underrepresented students.
Individuals from historically underrepresented groups, such as minorities, women, qualified persons with disabilities and protected veterans are encouraged to apply. Veterans’ preference is extended to qualified applicants, upon request and consistent with University policy and Utah state law. Upon request, reasonable accommodations in the application process will be provided to individuals with disabilities.
The University of Utah is an Affirmative Action/Equal Opportunity employer and does not discriminate based upon race, ethnicity, color, religion, national origin, age, disability, sex, sexual orientation, gender, gender identity, gender expression, pregnancy, pregnancy-related conditions, genetic information, or protected veteran’s status. The University does not discriminate on the basis of sex in the education program or activity that it operates, as required by Title IX and 34 CFR part 106. The requirement not to discriminate in education programs or activities extends to admission and employment. Inquiries about the application of Title IX and its regulations may be referred to the Title IX Coordinator, to the Department of Education, Office for Civil Rights, or both. [email protected]
Lecturer – International Business (pool) – 31939 Faculty Description ***Please note that we will contact qualified individuals as needed to...
Apply For This Jobbr{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> We are a small family-centered and family owned center and have been caring for children...
Apply For This JobJob Details Working Title: Assistant Professor in Philosophy Department: Philosophy-1091 Requisition Number: F_230147 Posting Open Date: 09/01/2023 Application Review Date:...
Apply For This JobJob Details .pup-card { background: #ffffff; box-shadow: 0 10px 20px rgba(0, 0, 0, 0.08), 0 6px 6px rgba(0, 0, 0,...
Apply For This JobJob Details Associate Director of Development, Semel Institute (Hybrid postion) University of California Los Angeles Requisition Number: 40208 Salary: $6,567...
Apply For This JobJob ID: 266657 About Us For more than 50 years, Kennesaw State University has been known for its entrepreneurial spirit...
Apply For This Job