ASSOCIATE VICE PRESIDENT AND CHIEF INFORMATION SECURITY OFFICER
Full Time
Seattle, WA 98195
$12,421 - $23,334 a month
Posted
Job description
Benefits:
As a UW employee, you will enjoy generous benefits and work/life programs. For a complete description of our benefits for this position, please visit our website, click here.
As a UW employee, you have a unique opportunity to change lives on our campuses, in our state and around the world. UW employees offer their boundless energy, creative problem-solving skills and dedication to build stronger minds and a healthier world. UW is Committed to attracting and retaining a diverse staff, your experiences, perspectives, and unique identities will be honored at the University of Washington. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable, and welcoming.
University of Washington Information Technology (UW-IT) is the central IT organization for the University of Washington, supplying critical technology support and services to UW Bothell, UW Tacoma, UW Seattle, UW Medicine, and global research operations. UW-IT collaborates with university partners to support, enable, and advance teaching, learning, and research at the University. The Associate Vice President for Information Security and University Chief Information Security Officer reports to the UW Chief Information Officer (CIO) and will provide leadership for planning, developing, directing, and running an innovative, trusted, and reliable information security program to support the confidentiality, integrity, and availability of electronic institutional information.
As a senior executive and leader, strong leadership skills are necessary to recruit, develop, and keep top talent. The CISO must also embrace and model organizational diversity, equity, and inclusion (DEI) competencies. It is essential that the CISO understands the impact of technology on historically marginalized communities and ensure that security solutions are inclusive and accessible to all members of the University community. The CISO must work to promote a culture of DEI within their division and across the University, incorporating DEI principles into hiring, staff development, engagement, and decision-making processes. The CISO must also collaborate with other university leaders to ensure that technology and security solutions align with the University's DEI goals and values. The CISO must lead by example, modeling DEI principles in all aspects of their work and creating a culture of inclusivity and belonging within the team and across the University.
Through the information security program, the CISO promotes a culture of security throughout the institution, with a clear focus on delivering security measures, tools, and technologies to decentralized units in a federated system. These services are designed to enable UW units to understand and mitigate cyber risks and include, but is not limited to, deploying central and enterprise-wide security capabilities, analyzing and forecasting threats to information security, researching applicable information security laws, developing security policies, providing training, awareness, and education on safeguarding institutional information.
The CISO handles the development, implementation, and coordination of information and cybersecurity program efforts and related risk management activities across the University. Working with UW Vice Presidents/Provosts, Associate Vice Presidents/Provosts, Deans, Administrators, and other stakeholders, the CISO is responsible for establishing an appropriate University-wide information assurance strategy and vision. The CISO oversees the creation and maintenance of UW information security related policy, information security risk assessment efforts, a threat intelligence program, and the University's security awareness and training program.
The position advises and collaborates with UW units on the approach to related statutory, regulatory, and contractual compliance practices. The CISO is accountable for developing and maintaining incident response capabilities and activities for the management of information systems and data compromises as defined in Executive Order No. 63 and Administrative Policy Statement 2.4. The CISO works with the UW Facilities Security Officer (FSO) as appropriate, regarding the industrial security program strategies for the protection of national security information and the University's status as a cleared institution. Working closely with the UW Medicine Chief Information Security Officer and their team, this position assists and coordinates on shared program challenges and activities.
In general, the CISO is charged with the responsibility for building an information security-conscious culture and infrastructure for the University of Washington. In addition to all these duties, the CISO plays a significant role in facilitating and coordinating relevant cybersecurity industry-related engagements and activities with their regional private and public sector colleagues.
As the University of Washington continues to enhance its information security posture, a strategic shift in the delivery of security services to the institution is underway. The CISO will be pivotal in driving this transformation, encompassing the evaluation and realignment of services, optimizing the security workforce, effectively managing stakeholder expectations, and supporting Enterprise Risk Management functions for the institution.
Position Complexities:
In this role, the CISO will navigate the complexities and challenges of a shared governance higher education environment, which utilizes a diverse array of technology to support the University's mission. The CISO must manage the integration and security of highly technical, unique systems within a complex network, while acknowledging the need for openness in preserving, advancing, and disseminating knowledge. Balancing the protection of the University's assets while enabling its business operations is crucial to success.
The CISO must also effectively navigate the politics of a major research university and demonstrate the ability to influence and collaborate with various stakeholders. This includes working closely with leaders specializing in specific technology domains, such as research, health, education, networking, cloud, and security. The CISO's role is further complicated by the need to comply with an intricate web of state and federal laws.
To excel in this position, the CISO must possess a unique set of skills that balances both strategy and policy aspects, as well as technical and security operations expertise. Strong leadership, political acumen, and the ability to balance competing interests and priorities are essential. This role requires effective collaboration with stakeholders across the organization, aligning with a cohesive security strategy and ensuring the integration and security of multiple technology platforms and systems. The CISO's success depends on their ability to seamlessly blend high-level strategic thinking with hands-on technical and security operations skills.
REQUIREMENTS:
Bachelor’s Degree in business administration, computer science, cyber security, or equivalent work experience.
At least 10 years of progressively responsible information security leadership experience, including significant responsibilities in information security.
A minimum of 5 years in a senior position for leading security analysts, cybersecurity engineers, and staff with similar competencies.
Demonstrated experience in developing and implementing security strategies that align with business goals.
Demonstrated experience managing a complex security ecosystem, including centralized and decentralized systems.
Strong leadership and management skills with the ability to build and lead high-performance teams.
Proven ability to develop staff and guide teams through major transitions in roles, competencies, and technical direction.
Excellent communication skills with the ability to communicate complex technical concepts to a non-technical audience.
Experience managing budgets and working with vendors and service providers.
Proven operational and management skills in an entrepreneurial, fast-changing, and ambitious environment.
DESIRED:
Master’s degree.
Relevant industry certification in security (e.g., CISSP, CISM, CISA, CRISC, and CHPS).
Project Management Professional (PMP).
Experience leading technology and security teams in a decentralized organization emphasizing enabling research and development activities
This is an essential position and is required to report to work remotely when UW suspends operations.
Application Process:The application process may include completion of a variety of online assessments to obtain additional information that will be used in the evaluation process.These assessments may include Work Authorization, Cover Letter and/or others. Any assessments that you need to complete will appear on your screen as soon as you select “Apply to this position”. Once you begin an assessment, it must be completed at that time; if you do not complete the assessment, you will be prompted to do so the next time you access your “My Jobs” page. If you select to take it later, it will appear on your "My Jobs" page to take when you are ready. Please note that your application will not be reviewed, and you will not be considered for this position until all required assessments have been completed.
University of Washington Information Technology (UW-IT) is the central IT organization for the University of Washington, supplying critical technology support and services to UW Bothell, UW Tacoma, UW Seattle, UW Medicine, and global research operations. UW-IT collaborates with university partners to support, enable, and advance teaching, learning, and research at the University. The Associate Vice President for Information Security and University Chief Information Security Officer reports to the UW Chief Information Officer (CIO) and will provide leadership for planning, developing, directing, and running an innovative, trusted, and reliable information security program to support the confidentiality, integrity, and availability of electronic institutional information.
As a senior executive and leader, strong leadership skills are necessary to recruit, develop, and keep top talent. The CISO must also embrace and model organizational diversity, equity, and inclusion (DEI) competencies. It is essential that the CISO understands the impact of technology on historically marginalized communities and ensure that security solutions are inclusive and accessible to all members of the University community. The CISO must work to promote a culture of DEI within their division and across the University, incorporating DEI principles into hiring, staff development, engagement, and decision-making processes. The CISO must also collaborate with other university leaders to ensure that technology and security solutions align with the University's DEI goals and values. The CISO must lead by example, modeling DEI principles in all aspects of their work and creating a culture of inclusivity and belonging within the team and across the University.
Through the information security program, the CISO promotes a culture of security throughout the institution, with a clear focus on delivering security measures, tools, and technologies to decentralized units in a federated system. These services are designed to enable UW units to understand and mitigate cyber risks and include, but is not limited to, deploying central and enterprise-wide security capabilities, analyzing and forecasting threats to information security, researching applicable information security laws, developing security policies, providing training, awareness, and education on safeguarding institutional information.
The CISO handles the development, implementation, and coordination of information and cybersecurity program efforts and related risk management activities across the University. Working with UW Vice Presidents/Provosts, Associate Vice Presidents/Provosts, Deans, Administrators, and other stakeholders, the CISO is responsible for establishing an appropriate University-wide information assurance strategy and vision. The CISO oversees the creation and maintenance of UW information security related policy, information security risk assessment efforts, a threat intelligence program, and the University's security awareness and training program.
The position advises and collaborates with UW units on the approach to related statutory, regulatory, and contractual compliance practices. The CISO is accountable for developing and maintaining incident response capabilities and activities for the management of information systems and data compromises as defined in Executive Order No. 63 and Administrative Policy Statement 2.4. The CISO works with the UW Facilities Security Officer (FSO) as appropriate, regarding the industrial security program strategies for the protection of national security information and the University's status as a cleared institution. Working closely with the UW Medicine Chief Information Security Officer and their team, this position assists and coordinates on shared program challenges and activities.
In general, the CISO is charged with the responsibility for building an information security-conscious culture and infrastructure for the University of Washington. In addition to all these duties, the CISO plays a significant role in facilitating and coordinating relevant cybersecurity industry-related engagements and activities with their regional private and public sector colleagues.
As the University of Washington continues to enhance its information security posture, a strategic shift in the delivery of security services to the institution is underway. The CISO will be pivotal in driving this transformation, encompassing the evaluation and realignment of services, optimizing the security workforce, effectively managing stakeholder expectations, and supporting Enterprise Risk Management functions for the institution.
Position Complexities:
In this role, the CISO will navigate the complexities and challenges of a shared governance higher education environment, which utilizes a diverse array of technology to support the University's mission. The CISO must manage the integration and security of highly technical, unique systems within a complex network, while acknowledging the need for openness in preserving, advancing, and disseminating knowledge. Balancing the protection of the University's assets while enabling its business operations is crucial to success.
The CISO must also effectively navigate the politics of a major research university and demonstrate the ability to influence and collaborate with various stakeholders. This includes working closely with leaders specializing in specific technology domains, such as research, health, education, networking, cloud, and security. The CISO's role is further complicated by the need to comply with an intricate web of state and federal laws.
To excel in this position, the CISO must possess a unique set of skills that balances both strategy and policy aspects, as well as technical and security operations expertise. Strong leadership, political acumen, and the ability to balance competing interests and priorities are essential. This role requires effective collaboration with stakeholders across the organization, aligning with a cohesive security strategy and ensuring the integration and security of multiple technology platforms and systems. The CISO's success depends on their ability to seamlessly blend high-level strategic thinking with hands-on technical and security operations skills.
REQUIREMENTS:
DESIRED:
This is an essential position and is required to report to work remotely when UW suspends operations.
Application Process:The application process may include completion of a variety of online assessments to obtain additional information that will be used in the evaluation process.These assessments may include Work Authorization, Cover Letter and/or others. Any assessments that you need to complete will appear on your screen as soon as you select “Apply to this position”. Once you begin an assessment, it must be completed at that time; if you do not complete the assessment, you will be prompted to do so the next time you access your “My Jobs” page. If you select to take it later, it will appear on your "My Jobs" page to take when you are ready. Please note that your application will not be reviewed, and you will not be considered for this position until all required assessments have been completed.
Committed to attracting and retaining a diverse staff, the University of Washington will honor your experiences, perspectives and unique identity. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable and welcoming.
The University of Washington is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, protected veteran or disabled status, or genetic information.
To request disability accommodation in the application process, contact the Disability Services Office at 206-543-6450 or dso@uw.edu.
Applicants considered for this position will be required to disclose if they are the subject of any substantiated findings or current investigations related to sexual misconduct at their current employment and past employment. Disclosure is required under Washington state law.
COVID-19 VACCINATION REQUIREMENT
Employees of the University of Washington are required to be fully vaccinated against COVID-19 unless a medical or religious exemption is approved. Being fully vaccinated means that an individual is at least two weeks past their final dose of an authorized COVID-19 vaccine regimen. As a condition of employment, newly hired employees will be required to provide proof of their COVID-19 vaccination. View the Final candidate guide to COVID-19 vaccination requirement webpage for information about the medical or religious exemption process for final candidates.
randomorbitinc.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, randomorbitinc.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, randomorbitinc.com is the ideal place to find your next job.