Chief Information Security Officer

LRES Corporation · Roma, Lazio, Italia ·

Descrizione dell'offerta

Chief Information Security Officer

Job Title: Chief Information Security Officer

Position Number:

Work Modality: Hybrid – 4 In-Person

Job Category: University Staff

Job Type: Full-Time

FLSA Status: Exempt

Campus: Rogers Park-Lake Shore Campus

Department Name: TECHNOLOGY SERVICES

Location Code: Information Security and Compliance

Position Overview

The Chief Information Security Officer (CISO) will be responsible for overseeing the development, implementation, and use of information security and cybersecurity resources and practices throughout the organization. This position will play a crucial role in guiding the university’s strategic IT initiatives to enhance productivity, efficiency, and security.

General Responsibilities

  • Strategic Oversight: Develop and implement an IT strategy that aligns with the organization’s business goals and objectives, ensuring the efficient and secure operation of all IT systems and processes.
  • Leadership and Management: Lead and manage the IT department and/or unit, including hiring, training, and developing IT staff. Foster a culture of innovation, collaboration, and continuous improvement.
  • Innovation and Emerging Technologies: Stay current with industry trends and emerging technologies, evaluating their potential impact on the organization and recommending strategic investments.
  • Budgeting and Cost Control: Develop and manage the UISO’s budget, ensuring cost-effective use of resources and adherence to financial goals.
  • Compliance and Risk Management: Ensure the organization’s IT systems comply with relevant regulations and standards, managing risks associated with technology use.
  • Relationship Management: Establish and maintain relationships with IT vendors and service providers, negotiating contracts and ensuring the delivery of quality services.

Position Specific Responsibilities

  • Provide strategic and operational leadership of all functions for University Information Security Office (UISO).
  • Demonstrate a commitment to Loyola’s mission and strategy by supporting the ITS core values of service excellence for university strategic initiatives and continuous development/improvement.
  • Develop and implement plans to ensure institutional compliance with applicable laws, regulations and requirements related to information security.
  • Create and manage the university’s information security program and establish relevant security metrics.
  • Acts as an independent reviewer to ensure that technology compliance issues and concerns within Loyola University Chicago are being appropriately evaluated, investigated and resolved.
  • Coordinates the creation, testing and execution of business continuity and disaster recovery plans across the Loyola University Chicago departments and schools.
  • Regularly communicate in writing and in‑person to end users and resource contributors about the state of information security, security expectations and on‑going information risk status.
  • Identify staff development/training plans, as well as succession planning, for the UISO staff.
  • Participate in relevant professional activities, including involvement in university‑wide and participation in external professional organizations.
  • Perform other duties as required.

Minimum Education and/or Work Experience

  • Master’s degree in Management Information Systems, Computer Science or Engineering or equivalent experience.
  • At least 10 years of experience in information security and/or network/security management.
  • At least 7 years of experience in managing information security, technology risk or compliance personnel.
  • Proven experience with technology risk assessment and regulatory compliance, such as FERPA, GLBA, HIPAA, PCI DSS, DMCA, GDPR, Illinois Personal Information Protection Act, and similar regulations.
  • Familiarity with security concepts such as defense‑in‑depth, the principle of least privilege, access controls, risk management, and mitigating controls required.
  • Demonstrated skills related to business continuity and disaster recover planning.
  • Experience in Higher Education is a plus, but not required.
  • Experience with IT frameworks such as NIST or the ISO 27000 series is a plus, but not required.

Language Ability

  • Excellent communication (oral, written, presentation), interpersonal and consultative skills to work effectively with vendors, clients, peers, and ITS management and staff.
  • Core consulting skills such as business writing, presenting, and analytic comparisons.
  • Ability to communicate technical concepts and solutions to both technical and non‑technical audiences.

Computation Ability

  • Strong analytical and problem‑solving skills.

Reasoning Ability

  • Must be detail oriented, results focused, and be able to support change management initiatives.
  • Synthesizes complex or diverse information; generates creative solutions; identifies and resolves problems in a timely manner; gathers and analyzes information skillfully; develops alternative solutions; works well in both group and individual problem‑solving situations.
  • Looks for ways to improve and promote quality; responds promptly to customer needs; solicits customer feedback to improve service; responds to requests for service and assistance.

Interpersonal Skills

  • Great attitude and strong work ethic; ability to work independently and in team settings; focuses on solving conflict, not blaming; maintains confidentiality and follows ITS and other university policies regarding data security and protection; balances team and individual responsibilities; contributes to building a positive team spirit; effectively influences actions and opinions of others; strives to continuously build knowledge and skills; shares expertise with others.
  • Collaborates information security concepts with both technical and non‑technical individuals; possesses the ability to explain and gain concurrence on information security concepts.
  • Diversity – shows respect and sensitivity for cultural differences; educates others on the value of diversity.
  • Ethics – treats people with respect; works with integrity and ethically; handles sensitive and confidential issues and materials appropriately.

Organizational Skills

  • Supports organization’s goals and values; develops strategies to achieve organizational goals; adapts strategy to changing conditions; includes appropriate people in decision‑making process; strong administrative and organizational skills.

Certificates/Credentials/Licenses: CISSP or CISM certification required.

GIAC certifications are a plus, but not required.

Computer Skills

  • Demonstrated competence related to network and web application firewalls, intrusion prevention, security monitoring, multi‑factor authentication, data loss prevention, data encryption/transfer, email and end‑user security, log management and security incident and event management technologies.

Proficient in Microsoft applications.

Supervisory Responsibilities: Yes.

Required operation of university‑owned vehicles: No.

Does this position require direct animal or patient contact? No.

Physical Demands: None.

Working Conditions: Irregular Hours.

Open Date: 04/15/2026.

Maximum Salary or Hourly Rate: $174,305.25 per annum.

Minimum Salary or Hourly Rate: $174,305.25 per annum.

#J-18808-Ljbffr
Candidati ora Torna all'elenco

Azioni

Candidati ora Salva nei preferiti Torna all'elenco