Information Security Manager

Under the general direction of the Vice President for Information Technology, the information security manager (ISM) is responsible for establishing and maintaining a university wide information security program to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements. The ISM will proactively work with colleges and business units to implement practices that meet defined policies and standards for information security. The ISM oversee all IT risk management activities. The ISM serves as the process owner of all ongoing activities related to the availability, integrity and confidentiality of customers, business partners, employees and business information, in compliance with the organization’s information security policies. A key element of the ISM’s role is working with executive management to determine acceptable levels of risk for the organization. The ISM must be knowledgeable about the academic and business environment and must ensure that information systems are maintained in a fully functional, secure mode. Experience with SIEM and with forensics is preferred.

Bachelor’s degree in Business Administration or a technology-related field, or equivalent work or education-related experience.

Minimum of three years experience in Information Security Management, Risk Management and/or Information Systems.

Proficient with personal computers.

Experience with productivity software, such as Windows, Microsoft Office software and so forth.

Project management skills.

Financial/budget management, scheduling and resource management skills.

Experience with SIEM and with forensics is preferred.

Professional certification such as a CISSP, CISM, CISA or other information security credentials, is preferred.

Excellent written and verbal communication skills.

Interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.

Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.

Knowledge of virus and spyware detection, authentication, authorization, encryption, firewalls, VPN, PKI and intrusion detection/prevention systems.

Knowledge of technological trends and developments in the area of information security and risk management.

Knowledge of quality assurance, configuration management, change control and IT standards such as ITIL, COBITand ISO 17799.

EOE/Minorities/Females/Vet/Disability

WSU offers a generous benefits package that includes medical, dental, long-term disability, life insurance, retirement, a wellness program with release time and paid incentives, tuition benefits, free tickets to athletic and performing arts events, and paid holidays, vacation, and sick leave.