Southern Oregon University is a welcoming community committed to inclusive excellence and the celebration of diversity. Without diversity, our educational process is diminished. Working together in support of our commitment to diversity, we strengthen and enrich our role as learners, educators and members of a tightly connected global community. We encourage those who share in our commitment to diversity to join our community, and we expect all our employees to demonstrate an ability and desire to create an inclusive campus community.
Department: Information Technology Management
Salary/Rate: $62,405 - $71,500 @ 1.0 FTE
Reporting to SOU's Chief Information Officer, the Information Security Manager (ISM) will be the primary resource responsible for performing all tactical cybersecurity work at SOU. This position will be required to work independently with little supervision, requiring initiative and the ability to formulate its own work plans. This position will be given the authority to make tactical decisions surrounding cybersecurity initiatives at SOU. Thus, this position will be given the necessary visibility into all areas to examine and document any existing or upcoming threats. In addition, the ISM will make recommendations to the CIO and SOU's administration that will address cybersecurity threats.
Incident Response: The ISM will participate in all cybersecurity incident response activities, and depending on the scope of the incident, the ISM may be the key person managing incident response. In addition, the ISM will be responsible for documenting all incidents and formalizing and maturing the cybersecurity incident response processes at SOU.
Compliance: The ISM will also be involved in SOU's compliance needs where they intersect with information systems and information technology. The incumbent will participate in audits of SOU's compliance and make recommendations for how to address any findings.
Threat Hunting: The ISM will proactively scan and monitor SOU's information technology ecosystem to identify existing, new or potential threats to SOU. The ISM will participate in active threat intelligence efforts to ensure that SOU is aware of changes to the threat landscape. Moreover, the ISM will make recommendations for how to mitigate these threats, and implement the mitigations when approved.
Training: The ISM will be a primary resource for providing a variety of cybersecurity trainings using different delivery methods to SOU's employee base.
Investigations: As part of incident response, this position will be involved in confidential investigations that could include sensitive information relating to employees and/or students. This position will therefore at times be included in discussions surrounding the employment status of SOU employees. Confidentiality is therefore paramount to success in this position.
Minimum Classification Qualifications:
· Minimum of Bachelor's degree required
· Minimum of four years working in information technology
· Experience working with multiple operating systems
· Experience working with Active Directory
Licenses/Certificates:
· Must hold or be able to obtain at least one cybersecurity certification within the first six months of employment (CISSP, CISM, CEH, CompTIA Security+, etc.)
· Must hold or be able to obtain CISSP certification within the first 18 months
· Demonstrable understanding of networking protocols, operating system configurations, application types and configurations
· Demonstrated ability to make critical decisions and to maintain composure during critical events
· Exceptional ability for maintaining confidentiality at all times
· Experience conducting employee training
All Listed Duties:
General and Proactive Cybersecurity
o Conduct annual risk-assessments and update SOU's risk status throughout the year
o Compliance, audits, etc. (Annual audit)
o Monitor SOU's cybersecurity controls and mature SOU's posture for each
o Make recommendations for improving SOU's cybersecurity posture
Threat
o Monitor access to enterprise systems
o Threat hunting using available threat intelligence as basis
o Network scans using automated tools
o Log monitoring
o Act as primary technical resource for incident response
o Update incident response plans as needed
o Conduct forensic investigations when needed
o Conduct employee training and awareness exercises for employees
o Prepare reports on current vulnerability and risk profile after exercises
o Maintain cybersecurity section of SOU-I.T. website
o Continue professional development
o Other as assigned
Special Instructions to Applicants:
Must be willing to travel and attend training programs off-site for occasional professional development.
Must be able to work additional hours and adjust working hours to meet special jobs. May be called back periodically to perform work as needed on an emergency basis.
Must be able to successfully pass a pre-employment background check.
Under the provisions of the Fair Labor Standards Act (FLSA): -Position classification defined as
Internal Number: 9843
About Southern Oregon University
SOU provides career-focused, comprehensive educational experiences to over 6,200 students. Along with an emphasis on student success and intellectual growth, SOU is committed to diversity, inclusion and sustainability. Theoretical and experiential learning programs provide quality, innovative experiences for students. At SOU, students build strong community connections through internships, mentorships, field studies, capstone projects, volunteer opportunities and civic engagement.