Chief Info Security Officer (CISO)

Dolan Commons, United States

Job Description:

POSITION SUMMARY

The Chief Information Security Officer (CISO) provides strategic leadership and operational oversight for Fairfield University’s information security program. This role is responsible for safeguarding digital assets, ensuring regulatory compliance, and fostering a culture of cybersecurity awareness across the University. Reporting to the Chief Information Officer (CIO) and as a member of the leadership team of Information Technology Services (ITS), the CISO works collaboratively with University leadership to align information security initiatives with academic and administrative goals while upholding Jesuit values of ethical stewardship and trust.

The CISO develops and leads outreach, communication, and education efforts to raise campus-wide awareness of information security risks, requirements, and solutions; provides strategic and technical guidance and assistance in the design and implementation of appropriate security processes for campus-wide information systems; creates and keeps current information security policies and incident response protocols to help ensure the confidentiality, availability and integrity of all information assets; and leads the University’s monitoring, detection, and mitigation of potential security threats. 

DUTIES AND RESPONSIBILITIES

  • Develop, maintain, and enforce cybersecurity policies, standards, and procedures that ensure confidentiality, integrity, and availability of information systems.

  • Develop security architecture and maintain a risk-mitigation approach to securing ITS assets.

  • Collaborate with ITS leadership, legal, audit, and academic units to ensure alignment between security and institutional priorities, aligned with the principles of academic freedom that remain core to a national doctoral and professional University.

  • Conduct security awareness education and training programs that promote a security-conscious culture across the University.

  • Serve as the primary advisor to University leadership on information security risks and mitigation strategies. Partner with campus stakeholders to integrate information security into the lifecycle of all technology projects.

  • Direct incident response activities and collaboration with other ITS units in the development of disaster recovery and business continuity plans.

  • Coordinate with law enforcement, governmental agencies, and insurance providers on cybersecurity matters.

  • Monitor emerging threats and coordinate proactive responses to potential vulnerabilities.

  • In collaboration with the School of Engineering and Computing, provide oversight of the internal student-run security operations center and external threat detection and response services.

  • Lead cybersecurity risk assessments and oversee internal/external audits, cybersecurity maturity assessments, and penetration tests.

  • Stay current with information security issues and regulatory changes affecting higher education at the state and national level, participate in national policy and practice discussions, and communicate to campus on a regular basis about those topics.

  • Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.

  • Perform other related duties as required or dictated by responsibilities.

QUALIFICATIONS AND EXPERIENCE

  • 8-10 years of progressive information security experience with 3+ years in a leadership or managerial role.

  • Experience in higher education or a research environment is preferred.

  • A strategic grasp of information security at both institutional and operational levels.

  • Capability to articulate a vision for information security that engages all constituents, satisfies internal and external requirements, and enables Fairfield University’s ongoing pursuit of excellence and innovation in its academic and research fields.

  • Proven experience managing a small team of technology associates. This role has management responsibility for a Security Architect and a Network Security Specialist.

  • Professional certifications such as CISSP, CISM, or CRISC.

  • Familiarity with NIST, ISO 27001, and EDUCAUSE security frameworks.

  • Strong understanding of compliance standards such as FERPA, HIPAA, GDPR, and GLBA.    

  • Excellent interpersonal and communication skills, with the ability to present complex security topics to diverse audiences.

PERSONAL CHARACTERISTICS

  • Be a “doer and a problem solver.” Possess enthusiasm and exhibit passion and excitement over work. Have a can-do attitude. Be a leader.

  • Possess a constant desire to learn and improve. Encourage learning for self and staff.

  • Be empathetic with a constituent focus.

  • Be supportive of staff and direct reports. Exceptional interpersonal skills.

  • Be collaborative, approachable, and friendly. No ego.

  • Very strong verbal and written communication skills.

  • Attention to detail. Does not let important details slip through the cracks or derail a project.

  • Strong organizational skills and ability to effectively manage time and competing demands are required.

  • Cope effectively with complexity and change.

  • Must demonstrate desire and ability to partner with all functional areas within the organization to achieve mission success.

  • High degree of honesty, integrity, and confidentiality.

  • Does not cut corners ethically. Earns trust and maintains confidence. Does what is right. Speaks plainly and truthfully.

  • Delivers results and lives up to verbal and written agreements.

EDUCATION

Bachelor’s degree required in cybersecurity, computer science, information systems, or a related field. Master’s degree in comparable disciplines preferred.

*To apply or express interest in this role, please contact:

Ken McGovern

KMR Executive Search

(860) 404-2526

kmcgovern@kmrsearch.com

Category:

ITS - Admin

Performs such other duties, responsibilities, and activities as required by supervisor and as departmental/University needs indicate. 
 

*Disclaimer

The above information indicates the general nature and level of work performed by employees within this classification. It is not designed to contain and should not be interpreted as a comprehensive inventory of all duties, responsibilities, activities, and/or qualifications required or expected of employees assigned to this job. Duties, responsibilities, and activities may change and new ones may be assigned at any time, with or without notice.

All offers of employment are contingent upon a satisfactory background check.

Fairfield University provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Load a resume or CV first, then upload supporting documents including a cover letter at the bottom of the third page under the "My Experience" section where it says to upload a Resume/CV. You will be able to upload up to 5 other documents in this section. You will be unable to edit your application, so please have all documents available before applying. Faculty Positions: If you need to upload more than 5 documents, please either combine them to upload or email the additional documents to the applicable contact in the job description. Staff positions: If you need to upload more than 5 documents, please either combine them to upload or email them to hr@fairfield.edu

Tags: Audits CISM CISO CISSP Compliance Computer Science CRISC GDPR GLBA HIPAA Incident response ISO 27001 Monitoring Network security NIST Risk assessment SOC Threat detection Vulnerabilities

Perks/benefits: Career development Insurance

Region: North America
Country: United States
