We are currently seeking an Information Security Officer to join the Libraries and the Shoah Foundation Institute for Visual History within Information Technology Services. The Information Security Officer will be responsible for the ISO Security systems within both the Shoah Foundation and Libraries departments.
The Information Security Officer performs analysis to identify critical data, recommends monitoring rules and updates, provides configuration management support, and ensures implementation of all system configuration updates. This position is also responsible for reviewing threat intelligence information and providing constructive feedback, communicating information security policies and procedures, and supporting the management of security risks.
The successful candidate must have 5 years of experience within Information Security as well as a strong understanding of information security and the relationship between threat, vulnerability and information value in the context of risk management. Experience in designing, evaluating and documenting processes and leading teams in accomplishing process review and improvement are also required for this role.
The Shoah Foundation Institute was founded by Steven Spielberg in 1994 and has collected, cataloged, digitized and preserves 53,000 interviews of Holocaust survivors and witnesses. The Institute houses nearly 53,000 audio-visual testimonies conducted in 63 countries and in 40 languages.
The Libraries actively support the discovery, creation, and preservation of knowledge. We develop collections and services that support and encourage the academic endeavors of faculty, students, and staff; build a community of critical consumers of information; and help develop engaged world citizens. has 23 libraries and information centers and the Digital Library.
- Must have a Bachelor’s Degree or combined experience/education as substitute for advanced education
- Must have 5 years of experience in Information Security
- Experience in designing, evaluating and documenting processes
- Experience leading teams in accomplishing process review and improvement
- Demonstrated understanding of information security and the relationship between threat, vulnerability and information value in the context of risk management
- Demonstrated working knowledge of information security fundamentals and concepts
- Strong analytical thinking and strong decision-making skills
- Acts as a liaison between the assigned area and Information Security Strategy. Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
- Performs analysis to identify critical data, assets, and processes in the assigned area.
- Recommends logging/monitoring rules and provides configuration management (CM) support for information system security software, hardware, and firmware.
- Reviews the quality of the threat intelligence information received from the ITS Information Security organization and provides constructive feedback to the Information Security organization based on the needs of the assigned area.
- Communicates and translates information security policies, standards and procedure requirements, and serves as a subject matter resource for university policies and standards.
- Supports the management and remediation of information security risks
- Assists the assigned area with regulatory compliance assessments, security risk assessments, findings analysis and remediation.
- Supports the implementation and communication of security training and awareness activities.
- Trains individuals within the assigned area on how to incorporate security into job functions and processes.
- Performs other related duties as assigned or requested. The university reserves the right to add or change duties at any time
- Master’s Degree
- 8 years of experience in Information Security
- One or more of the following Certifications: CISSP, CCNA, CCENT, GSEC, MCSA, CISM
- Experience in Higher Education
- Ability to effectively communicate with individuals at all levels
- Ability to work in a fast-paced environment while balancing and prioritizing multiple projects