Under general supervision of the Vice President for Information Technology & Chief Information Officer, the Security Director will provide strategic and policy leadership in the implementation and management of the College’s Information Technology (IT) Security program. The Security Director will provide ongoing direction for developing, deploying, maintaining, operating, educating, and evolving the institutions’ IT security architecture, controls, standards, processes and procedures. The Security Director will provide technical leadership and non-technical leadership, including education, to ensure and increase university information security awareness.
Daily Operations
• Understand and interact with Meharry College regents, administrative and academic units through committees to ensure the development of and consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.
• Develop an information security vision and strategy that is aligned to the College’s priorities and enables and facilitates the institution’s business objectives, and ensure senior stakeholder buy-in and mandate.
• Create and provide academic and business units a risk-based process for the assessment and mitigation of any information security risk in the university’s ecosystem.
• Directs multiple complex information security development projects, information identity and access management processes, and manages information security systems so that the day-to-day IT functions of the College supporting teaching, learning, and administration can work securely.
• Work with the compliance staff to ensure that all information owned, collected or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements, such as data privacy; and ensure that data privacy and compliance requirements ae enforced where applicable.
• Oversees the monitoring of College-wide security tools and investigate breaches of security controls, and responding according to established processes and procedures.
• Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action and ensures that disaster recovery and business resumption plans exist in alignment with the business (i.e. Business Impact Analysis, Business Continuity, etc.) regulatory requirements (i.e. Health Insurance Portability and Accountability Act, Family Educational Rights and Privacy Act, etc.)
• Create and manage a targeted information security awareness training program for all students, faculty and staff and establish metrics to measure the effectiveness of this security training program for the different audiences.
Required Skills
• Proven and extensive experience in planning, organizing, developing and implementing IT security strategies and related initiatives.
• Should have strong leadership, management and team building skills.
• Proficiency in IT security management, industry best practices and standards.
• Proven ability to identify, prioritize and communicate impact of IT security initiatives.
• Substantial knowledge and exposure in developing and testing business continuity and disaster recovery plans.
• Experience in and knowledge of IT security auditing.
• Proven ability to measure, monitor and report on the success of IT security related initiatives.
• Understanding of effective IT security system and network architectures, concepts, techniques and tools.
• Understanding and experience managing network and system security components such as firewalls and intrusion detection/prevention systems.
• Knowledge of applicable IT security related laws and regulations.
• Substantial exposure to the operation of institution wide networks, systems and applications.
• Proven ability to work effectively in a coordinating role across multiple constituencies to achieve tactical and strategic goals.
• Proven ability to direct the development and implementation of short-and-long-term cohesive IT security strategies.
• Ability to work effectively with administrators, faculty and staff.
• Excellent oral and written communication skills.
• Self-motivated and self-directed/driven.
• Excellent analytical, evaluative and problem-solving capabilities.
• Positive attitude, proven ability to work successfully with diverse populations and demonstrated commitment to promote
Required Experience
- Bachelor’s degree required; advanced degree preferred
- Six (6) years of experience in a combination IT Security, IT Risk Management and General IT positions; with at least four (2) years of this experience in a leadership role.
- Experience developing and implementing IT security policies and procedures.
- Certifications such as CISSP (Certified Information System Security Professional), CISM (ISACA Certified Information Security Manager) or CISA (ISACA Certified Information Security Auditor) Security + are preferred.
- Experience working in an IT department at higher education institutions preferred.
At Meharry, we’re pleased to offer comprehensive, competitive benefits to eligible employees and their eligible dependents. From health care to holidays, our aim is to help employees enjoy happy and healthy lifestyles, while maintaining a good work-life balance.
Meharry’s benefits package includes:
Dental
Medical
Vision
403(b) plan and supplemental annuity plan
Accidental death and dismemberment
Life insurance
Long-term disability
Short-term disability
Other supplemental coverage
Our vacation benefits vary with length and type of service. We grant twelve (12) paid holidays.
Meharry Medical College’s benefits package is designed to offer flexibility and variety of choice. All full
time staff working 32 or more hours per week are eligible for benefits. Select benefits are available for
part-time positions.
Meharry strives to offer their employees a professional environment in which they can both work
and build a career. As part of this effort, we offer a tuition reimbursement program and professional
development training to assist you with your career path.
For Further Information or Questions regarding this role, you may contact Meharry's Talent Acquisition Specialist below.
Jouvie Henderson (she, her, hers)
jhenderson@mmc.edu
Qualifications:
• Proven and extensive experience in planning, organizing, developing and implementing IT security strategies and related initiatives.
• Should have strong leadership, management and team building skills.
• Proficiency in IT security management, industry best practices and standards.
• Proven ability to identify, prioritize and communicate impact of IT security initiatives.
• Substantial knowledge and exposure in developing and testing business continuity and disaster recovery plans.
• Experience in and knowledge of IT security auditing.
• Proven ability to measure, monitor and report on the success of IT security related initiatives.
• Understanding of effective IT security system and network architectures, concepts, techniques and tools.
• Understanding and experience managing network and system security components such as firewalls and intrusion detection/prevention systems.
• Knowledge of applicable IT security related laws and regulations.
• Substantial exposure to the operation of institution wide networks, systems and applications.
• Proven ability to work effectively in a coordinating role across multiple constituencies to achieve tactical and strategic goals.
• Proven ability to direct the development and implementation of short-and-long-term cohesive IT security strategies.
• Ability to work effectively with administrators, faculty and staff.
• Excellent oral and written communication skills.
• Self-motivated and self-directed/driven.
• Excellent analytical, evaluative and problem-solving capabilities.
• Positive attitude, proven ability to work successfully with diverse populations and demonstrated commitment to promote
• Proven and extensive experience in planning, organizing, developing and implementing IT security strategies and related initiatives.
• Should have strong leadership, management and team building skills.
• Proficiency in IT security management, industry best practices and standards.
• Proven ability to identify, prioritize and communicate impact of IT security initiatives.
• Substantial knowledge and exposure in developing and testing business continuity and disaster recovery plans.
• Experience in and knowledge of IT security auditing.
• Proven ability to measure, monitor and report on the success of IT security related initiatives.
• Understanding of effective IT security system and network architectures, concepts, techniques and tools.
• Understanding and experience managing network and system security components such as firewalls and intrusion detection/prevention systems.
• Knowledge of applicable IT security related laws and regulations.
• Substantial exposure to the operation of institution wide networks, systems and applications.
• Proven ability to work effectively in a coordinating role across multiple constituencies to achieve tactical and strategic goals.
• Proven ability to direct the development and implementation of short-and-long-term cohesive IT security strategies.
• Ability to work effectively with administrators, faculty and staff.
• Excellent oral and written communication skills.
• Self-motivated and self-directed/driven.
• Excellent analytical, evaluative and problem-solving capabilities.
• Positive attitude, proven ability to work successfully with diverse populations and demonstrated commitment to promote
#J-18808-Ljbffr