Director - Cybersecurity Officer

ES

Director - Cybersecurity Officer

Exempt

Commensurate with education and experience.

Office of the Chief Technology Officer

Information Technology

01/13/2025

Yes

Bachelor's degree in computer science, information security, cybersecurity, or a related field from an accredited institution. Five years of experience in cybersecurity or information security, with at least 2 years in leadership or director-level role in any Information Technology field. Experience managing a team of cybersecurity analysts is strongly preferred. Security professional-level certification (e.g., CISSP, CISM, CISA, OSCP) is required; additional security certifications are highly desirable, as in Security+, CEH, or CCSP certifications. Relevant experience in a large state institution of higher education is desirable.Additional education may be considered in lieu of experience.

Performs highly advanced or managerial (senior-level) cybersecurity analysis work providing direction and guidance in strategic operations and planning. Oversees the prevention of data breaches and the monitoring of and reacting to cyber-related attacks. Directs the analysis and assessment of vulnerabilities in the infrastructure, investigate available tools and countermeasures to remedy the detected vulnerabilities, and recommend solutions and best practices. Provides leadership and guidance to staff, ensuring best practices in cybersecurity are followed and continuously improved.

Develops and implements the strategic vision for Information Security, ensuring alignment with organizational goals. Directs the deployment of cybersecurity infrastructure and protects critical infrastructure services. Directs and/or conducts research related to cybersecurity trends and technology; and evaluates cybersecurity trends, tools, and techniques for potential application to infrastructure and research areas. Oversees cybersecurity management initiatives by continuously evaluating and improving cybersecurity analysis processes, tools, and methodologies. Oversees detection activities and advises on cybersecurity threats and vulnerabilities. Oversees the initiation, implementation, and development of incident response plans and recovery programs; the evaluation and obtainment of forensics tools; the review of intrusion and misuse detection reports; and the guidance for corrective action. Develops and implements appropriate safeguards to ensure system resiliency. Develops cybersecurity awareness training programs for employees, contractors, and users; and facilitates cyber preparedness exercises. Acts as a point of escalation for issues, oversees governance and reporting mechanisms, and drives process improvements to enhance efficiency. Promotes innovative practices and represents Information Security in strategic discussions. Provides leadership, vision, and management to a department. Develops activities, policies, procedures, and departmental culture that facilities, promotes, and sustains collaboration with the campus community. Develops, documents, and implements internal control policies, standards, and procedures to ensure fiscal, regulatory, confidentiality, and security accountability. Responsible for organizing, planning, and evaluating personnel, work assignments, supervision, training, and technical direction of staff. Evaluates programs and services to identify areas of strengths and necessary improvements. Develops strategies and processes to optimize operations for the department. Ensures compliance with applicable state and federal laws, University policy and divisional directives. Directs day-to-day operations of cybersecurity department. Provides accurate and timely reports to professional staff. Makes decisions about objectives, operating procedures, and policies. Responsible for the department administration, including budget preparation and control. Serves on committees as requested. Performs other related duties as assigned.

Requires a demonstrated ability in the following skills: Innovation and Emerging Technologies, Data and Analytics, Change Management, Project Management, Cross-Functional Collaboration, Strategic Leadership, Team Leadership, Vendor Management, Business Process Optimization, Stakeholder Management, Financial Management, and Security & Compliance. Provides leadership and oversight to a department. Must exhibit a high level of professionalism and maturity, executive ability, and a keen understanding of protocol. Ability to organize work effectively and prioritize objectives. Ability to exercise discretion, excellent reasoning, and independent judgment. Assists in the development of policies and operational procedures for the overall department. Skilled in directing multiple tasks, setting priorities, and organizing operations. Asset and fiscal resources management skills preferred. Ability to establish and maintain effective work relationships with administration, faculty, staff, and the public. Strong communication skills, both orally and written. Requires critical judgment for the department, in which very serious consequences for decision-making can occur. Interprets and applies complex directives, policies, regulations, statues, and procedures, and/or written guidelines for a department or major work group. Position requires incumbent to be on call 24/7. Special procedures sometimes require extended hours. Some travel is required.
This position may be designated as a Campus Security Authority (CSA).
Up to 20% of this position, over the fiscal year during off-peak periods, may be performed remotely as determined by the supervisor.

Full Time

Sam Houston State University is an Equal Employment Opportunity Employer and Smoke/Drug-Free Workplace. All qualified applicants will receive consideration for employment without regard to race, creed, ancestry, marital status, citizenship, color, national origin, sex, religion, age, disability, or protected veteran status. The University takes seriously the initiative to ensure equal opportunity in the workforce and to comply with Title VII as interpreted by the U.S. Supreme Court. Sam Houston State University is an "at will" employer. Employees with a contract will have additional terms and conditions. Security-sensitive positions at SHSU require background checks in accordance with Education Code 51.215.

Annual Security and Fire Safety Report