Skip to Main Content
Community/Job Board/Job Board/Senior/Mid Level Management/Information Security Officer

Information Security Officer

Posted: January 31, 2023
Description
Skills
Education
Company Description

GENERAL STATEMENT OF DUTIES:
The Information Security Officer is a member of the leadership team within the Information Technology Services (ITS) organization with responsibility for the comprehensive information security program and physical security systems. This includes (but is not limited to); the review, evaluation, and implementation of controls to reduce the overall risks associated with information and systems under the stewardship of the University, related technological infrastructure, and third-party product or service providers. This position also administers information security training and awareness programs. Responsibilities include the monitoring, investigation, response, and remediation of vulnerabilities, threats, and breaches of Framingham State's cybersecurity as may be necessary. The Information Security Officer also proposes, drafts, and maintains all documented security policies and procedures designed to mitigate such risks.

The Information Security Officer plays an important role in formulating and executing strategies that contribute toward the University being a productive and enjoyable place to teach, learn and work. This includes (but is not limited to); ensuring generally accepted best practices for securing information and technological infrastructure are adopted by partnering with colleagues within ITS, users of Framingham State's information systems, other internal stakeholders, and vendors as part of the organization's objectives and improvement of IT services in support of Framingham State University's overall operations and strategic priorities.

SUPERVISION EXERCISED:
Security Systems Solutions Specialist; Designated Contractors and Consultants

SUPERVISION RECEIVED:
Associate Vice President and Chief Information Officer

EXAMPLES OF SPECIFIC DUTIES AND RESPONSIBILITIES:
Leads the implementation of the controls, best practices, policies, and procedures as described or referred to in the University's Comprehensive Written Information Security Program (WISP)
Monitors changes in legislation related to cybersecurity and information security, and updates the University's Comprehensive WISP as needed.
Leads the development of annual and long-range security strategies, compliance goals, capability maturity models, performance metrics, reporting mechanisms, and program services that demonstrate measurable improvements to cybersecurity at the University over time.
Assumes responsibility for designated portions of the University's IT service offerings as the Service Owner and/or Process Manager and provides program and project management for assigned initiatives requiring a structured approach to defining a scope of work, resource planning and coordination, controlling costs, and mitigating risks.
Works with university leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the university to effectively address state and federal statutory and regulatory requirements.
Coordinates and tracks all information technology and security-related assessments/audits including the scope of audits, colleges/units involved, timelines, auditing/assessing agencies, and outcomes. Works with auditors/assessors as appropriate to keep audit/assessment focus in scope, maintain excellent relationships with audit/assessment entities and provide a consistent perspective that continually puts the institution in its best light. Provides guidance, evaluation, and advocacy on audit responses. Handles the administration, planning, and coordination associated with follow-up to findings and recommendations from audits and assessments.
Develops a strategy for dealing with an increasing number of internal and external assessments, audits, and compliance checks.
Develops and administers designated budget allocations and serves as the assigned contract manager for agreements with third-party product and service providers.
Reviews contracts for departmental third-party product and service providers for appropriate and required information security and privacy protections.
Initiates and leads ongoing efforts to identify, inform and involve key stakeholders in the process of making joint decisions and engaging in productive collaborations with colleagues and constituents as part of managing the administration of policies, programs, and services.
Monitors areas of potential risk to information security, and cybersecurity more generally identify vulnerabilities and threats and takes appropriate action to help prevent, mitigate or remediate situations that might inflict financial, operational, or reputational damage to the University.
Periodically reviews and assesses logs, access controls, vulnerability scans, and patch management programs as required to ensure that documented standard operating procedures are consistent with best practice, up to date, and are being followed. Adjustments to standard operating procedures will be made as needed. Any/all findings will be noted, remediated, and reported.
Convenes a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise or situations that warrant attention in order to prevent or mitigate the risk of an incident occurring.
Convenes Ad Hoc Security Committee as appropriate and provides leadership for breach response and notification actions for the University.
Provides consultative guidance to members of academic and administrative departments as well as students on how to secure information, protect information technology, and employ generally accepted best practices for cybersecurity.
Works closely with the other colleagues within the University and third-party product and service providers to ensure supported information systems and technological infrastructure are compliant with federal, state, and industry regulations to protect institutional data, systems, personal information, and privacy.
Works closely with the other colleagues within the University and third-party product and service providers to maintain documentation of Framingham State's contingency and business continuity plans to ensure a defined scope of information technology services can be restored within agreed-upon timeframes in the event of a disaster or major cybersecurity incident.
Participate in local, regional, and national peer organizations to stay abreast of information security issues and regulatory changes affecting higher education at the state and national level,
Participate in national policy and practice discussions on information security and communicate to campus regularly about those topics.
Provides administration and management oversight for the various security technologies that provide restriction and security of physical spaces, campus video monitoring and access to emergency and life safety communications. (Many of these technologies are integrated into existing facilities and law enforcement functions).
Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
Provides insights, consultative advice, and expertise as a contributing member of committees, task forces, and advisory groups charged with formulating University-wide strategies, setting operational objectives, instituting policies, and achieving goals associated with compliance, audits, and risk management.
Performs other duties as may be assigned by the Associate Vice President and Chief Information Officer.
Accountable for ensuring that affirmative action, equal opportunity, and diversity are integrally tied to all actions and decisions in areas of responsibility.

WORKING CONDITIONS:
All of the work associated with the duties and responsibilities for this position is ordinarily performed at Framingham State's main campus, and maybe done periodically from a remote location consistent with the conditional provisions specified within University's Telework Guidelines and in accordance with an approved Telework Agreement.

ADDITIONAL INFORMATION:
This is a full-time, exempt, benefits-eligible position in the Association of Professional Administrators (APA) bargaining unit with an official title Director and a functional title of Information Security Officer. The salary range is $90,000 - $105,000.

It is the policy of Framingham State University that all employees be vaccinated against COVID-19, before they begin employment. Proof of the COVID-19 vaccine is required of all individuals hired by FSU, to be verified after a verbal offer of employment has been accepted, and before employment begins. Prospective employees may submit a request for a medical or religious exemption to the COVID-19 vaccination requirement to Human Resources.

Framingham State University conducts criminal history and sexual offender record checks on recommended finalists prior to final employment for all positions.

Framingham State University is an equal opportunity/affirmative action employer.

Members of underrepresented groups, minorities, women, veterans, persons with disabilities, and all persons committed to diversity and inclusive excellence are strongly encouraged to apply.

APPLICATION INSTRUCTIONS:
Candidates must apply online by submitting:
Cover Letter,
Resume/CV,
Equity and Inclusion Statement*
Names and contact information for three (3) professional references.

*The Equity and Inclusion Statement is an opportunity for candidates to discuss professional skills, experience and/or willingness to engage in activities that would enhance the university's efforts to promote a diverse, equitable, and inclusive community. Equity and inclusion statements will be considered as part of a transparent and comprehensive review of candidate application materials.

For best consideration, please apply by February 12, 2023. Applications may continue to be reviewed beyond that date until the position is filled.

Framingham State University only accepts application materials through our online application system. We are unable to accept application materials through mail, email, fax, or hand delivery. If you experience technical issues with the online application process, please submit a helpdesk ticket.

Framingham State University understands that persons with specific disabilities may need assistance with the job application process and/or with the interview process. For confidential assistance, please contact the Human Resources Office at 508-626-4530 or humanresources@framingham.edu.

MINIMUM QUALIFICATIONS:
Excellent technical, organizational, planning, documentation, and communications skills
Project management experience
5+ years progressive experience in a computer-related field
Some degree of experience in policy and planning, compliance, and operations as described in the preceding section titled "Duties and Responsibilities"
Sound understanding of IT Service Management and a clear commitment to ITSM frameworks such as the Information Technology Infrastructure Library (ITIL).

PREFERRED QUALIFICATIONS:
Prior experience as an Information Security professional
Experience working for a College or University within Information Technology Services
Certifications and other credentials for Management of Information Security

Academic credential of a Bachelor's degree

Framingham State University was founded in 1839 for a singular purpose - meeting a public need to promote the public good. At our founding as the nation's first public normal school, that need was for comprehensively educated public school teachers who would, in turn, promote an educated citizenry. FSU continues to offer exceptional teacher education programs and, while we are proud of our roots as a teachers' college, we have grown far beyond them. Public need continues to evolve and FSU right along with it. Our students and alumni are making waves in the fashion industry, designing nutrition plans for professional athletes, writing for major media and news organizations, and working for Fortune 500 companies right here in Framingham. FSU is unapologetically a public institution offering accessible, affordable educational opportunities that integrate an academically challenging liberal arts education with workforce preparation programs, in a highly personalized teaching environment. Our programs have expanded but our purpose and commitment to public education for the public good remain steadfast.

At FSU, we are deeply committed to inclusive excellence and strive to promote a culture of antiracism, encouraging a challenging yet collaborative learning environment, and providing culturally relevant education. FSU is designated as an emerging Hispanic-Serving Institution by the Hispanic Association of Colleges and Universities and also belongs to the Howard Hughes Medical Institute (HHMI) Inclusive Excellence community, providing national leadership in science education and exploring strategies that will lead to more inclusive science education. We are honored that our commitment earned FSU six Higher Education Excellence in Diversity (HEED) Awards from INSIGHT Into Diversity. We encourage applications from those who share our commitment to promoting a diverse, welcoming, and inclusive community.

FSU currently enrolls about 3,000 undergraduate and 1,000 graduate and professional students, offers 39 undergraduate majors, and enrolls 41% BIPOC students in our undergraduate programs. Ideally situated between Boston and Worcester, FSU and the surrounding area are steeped in history, achievement, and innovation and provide access to urban hotspots, verdant landscapes, natural and cultural amenities, and diverse communities.

Our founding motto, LIVE TO THE TRUTH, was said at the end of each class by beloved first principal, Cyrus Peirce, who sought to discover and teach "truth in theory and principle...truth in spirit and motive...truth in manner and form...truth intellectual and truth moral." Early leaders found this motto "speaks of sincerity of spirit...of intensity of effort, of resolution to succeed, of joy in achievement." LIVE TO THE TRUTH aptly reflects our past and our pledge for the future as it continues to guide our institution in practice and endeavor. If you share in this quest for truth and a commitment to living it fully, make the next chapter of your career the best chapter at Framingham State University.

Learn more about our career opportunities at www.framingham.edu/careers.

Description

GENERAL STATEMENT OF DUTIES:
The Information Security Officer is a member of the leadership team within the Information Technology Services (ITS) organization with responsibility for the comprehensive information security program and physical security systems. This includes (but is not limited to); the review, evaluation, and implementation of controls to reduce the overall risks associated with information and systems under the stewardship of the University, related technological infrastructure, and third-party product or service providers. This position also administers information security training and awareness programs. Responsibilities include the monitoring, investigation, response, and remediation of vulnerabilities, threats, and breaches of Framingham State's cybersecurity as may be necessary. The Information Security Officer also proposes, drafts, and maintains all documented security policies and procedures designed to mitigate such risks.

The Information Security Officer plays an important role in formulating and executing strategies that contribute toward the University being a productive and enjoyable place to teach, learn and work. This includes (but is not limited to); ensuring generally accepted best practices for securing information and technological infrastructure are adopted by partnering with colleagues within ITS, users of Framingham State's information systems, other internal stakeholders, and vendors as part of the organization's objectives and improvement of IT services in support of Framingham State University's overall operations and strategic priorities.

SUPERVISION EXERCISED:
Security Systems Solutions Specialist; Designated Contractors and Consultants

SUPERVISION RECEIVED:
Associate Vice President and Chief Information Officer

EXAMPLES OF SPECIFIC DUTIES AND RESPONSIBILITIES:
Leads the implementation of the controls, best practices, policies, and procedures as described or referred to in the University's Comprehensive Written Information Security Program (WISP)
Monitors changes in legislation related to cybersecurity and information security, and updates the University's Comprehensive WISP as needed.
Leads the development of annual and long-range security strategies, compliance goals, capability maturity models, performance metrics, reporting mechanisms, and program services that demonstrate measurable improvements to cybersecurity at the University over time.
Assumes responsibility for designated portions of the University's IT service offerings as the Service Owner and/or Process Manager and provides program and project management for assigned initiatives requiring a structured approach to defining a scope of work, resource planning and coordination, controlling costs, and mitigating risks.
Works with university leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the university to effectively address state and federal statutory and regulatory requirements.
Coordinates and tracks all information technology and security-related assessments/audits including the scope of audits, colleges/units involved, timelines, auditing/assessing agencies, and outcomes. Works with auditors/assessors as appropriate to keep audit/assessment focus in scope, maintain excellent relationships with audit/assessment entities and provide a consistent perspective that continually puts the institution in its best light. Provides guidance, evaluation, and advocacy on audit responses. Handles the administration, planning, and coordination associated with follow-up to findings and recommendations from audits and assessments.
Develops a strategy for dealing with an increasing number of internal and external assessments, audits, and compliance checks.
Develops and administers designated budget allocations and serves as the assigned contract manager for agreements with third-party product and service providers.
Reviews contracts for departmental third-party product and service providers for appropriate and required information security and privacy protections.
Initiates and leads ongoing efforts to identify, inform and involve key stakeholders in the process of making joint decisions and engaging in productive collaborations with colleagues and constituents as part of managing the administration of policies, programs, and services.
Monitors areas of potential risk to information security, and cybersecurity more generally identify vulnerabilities and threats and takes appropriate action to help prevent, mitigate or remediate situations that might inflict financial, operational, or reputational damage to the University.
Periodically reviews and assesses logs, access controls, vulnerability scans, and patch management programs as required to ensure that documented standard operating procedures are consistent with best practice, up to date, and are being followed. Adjustments to standard operating procedures will be made as needed. Any/all findings will be noted, remediated, and reported.
Convenes a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise or situations that warrant attention in order to prevent or mitigate the risk of an incident occurring.
Convenes Ad Hoc Security Committee as appropriate and provides leadership for breach response and notification actions for the University.
Provides consultative guidance to members of academic and administrative departments as well as students on how to secure information, protect information technology, and employ generally accepted best practices for cybersecurity.
Works closely with the other colleagues within the University and third-party product and service providers to ensure supported information systems and technological infrastructure are compliant with federal, state, and industry regulations to protect institutional data, systems, personal information, and privacy.
Works closely with the other colleagues within the University and third-party product and service providers to maintain documentation of Framingham State's contingency and business continuity plans to ensure a defined scope of information technology services can be restored within agreed-upon timeframes in the event of a disaster or major cybersecurity incident.
Participate in local, regional, and national peer organizations to stay abreast of information security issues and regulatory changes affecting higher education at the state and national level,
Participate in national policy and practice discussions on information security and communicate to campus regularly about those topics.
Provides administration and management oversight for the various security technologies that provide restriction and security of physical spaces, campus video monitoring and access to emergency and life safety communications. (Many of these technologies are integrated into existing facilities and law enforcement functions).
Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
Provides insights, consultative advice, and expertise as a contributing member of committees, task forces, and advisory groups charged with formulating University-wide strategies, setting operational objectives, instituting policies, and achieving goals associated with compliance, audits, and risk management.
Performs other duties as may be assigned by the Associate Vice President and Chief Information Officer.
Accountable for ensuring that affirmative action, equal opportunity, and diversity are integrally tied to all actions and decisions in areas of responsibility.

WORKING CONDITIONS:
All of the work associated with the duties and responsibilities for this position is ordinarily performed at Framingham State's main campus, and maybe done periodically from a remote location consistent with the conditional provisions specified within University's Telework Guidelines and in accordance with an approved Telework Agreement.

ADDITIONAL INFORMATION:
This is a full-time, exempt, benefits-eligible position in the Association of Professional Administrators (APA) bargaining unit with an official title Director and a functional title of Information Security Officer. The salary range is $90,000 - $105,000.

It is the policy of Framingham State University that all employees be vaccinated against COVID-19, before they begin employment. Proof of the COVID-19 vaccine is required of all individuals hired by FSU, to be verified after a verbal offer of employment has been accepted, and before employment begins. Prospective employees may submit a request for a medical or religious exemption to the COVID-19 vaccination requirement to Human Resources.

Framingham State University conducts criminal history and sexual offender record checks on recommended finalists prior to final employment for all positions.

Framingham State University is an equal opportunity/affirmative action employer.

Members of underrepresented groups, minorities, women, veterans, persons with disabilities, and all persons committed to diversity and inclusive excellence are strongly encouraged to apply.

APPLICATION INSTRUCTIONS:
Candidates must apply online by submitting:
Cover Letter,
Resume/CV,
Equity and Inclusion Statement*
Names and contact information for three (3) professional references.

*The Equity and Inclusion Statement is an opportunity for candidates to discuss professional skills, experience and/or willingness to engage in activities that would enhance the university's efforts to promote a diverse, equitable, and inclusive community. Equity and inclusion statements will be considered as part of a transparent and comprehensive review of candidate application materials.

For best consideration, please apply by February 12, 2023. Applications may continue to be reviewed beyond that date until the position is filled.

Framingham State University only accepts application materials through our online application system. We are unable to accept application materials through mail, email, fax, or hand delivery. If you experience technical issues with the online application process, please submit a helpdesk ticket.

Framingham State University understands that persons with specific disabilities may need assistance with the job application process and/or with the interview process. For confidential assistance, please contact the Human Resources Office at 508-626-4530 or humanresources@framingham.edu.

Skills

MINIMUM QUALIFICATIONS:
Excellent technical, organizational, planning, documentation, and communications skills
Project management experience
5+ years progressive experience in a computer-related field
Some degree of experience in policy and planning, compliance, and operations as described in the preceding section titled "Duties and Responsibilities"
Sound understanding of IT Service Management and a clear commitment to ITSM frameworks such as the Information Technology Infrastructure Library (ITIL).

PREFERRED QUALIFICATIONS:
Prior experience as an Information Security professional
Experience working for a College or University within Information Technology Services
Certifications and other credentials for Management of Information Security

Education

Academic credential of a Bachelor's degree

Company Description

Framingham State University was founded in 1839 for a singular purpose - meeting a public need to promote the public good. At our founding as the nation's first public normal school, that need was for comprehensively educated public school teachers who would, in turn, promote an educated citizenry. FSU continues to offer exceptional teacher education programs and, while we are proud of our roots as a teachers' college, we have grown far beyond them. Public need continues to evolve and FSU right along with it. Our students and alumni are making waves in the fashion industry, designing nutrition plans for professional athletes, writing for major media and news organizations, and working for Fortune 500 companies right here in Framingham. FSU is unapologetically a public institution offering accessible, affordable educational opportunities that integrate an academically challenging liberal arts education with workforce preparation programs, in a highly personalized teaching environment. Our programs have expanded but our purpose and commitment to public education for the public good remain steadfast.

At FSU, we are deeply committed to inclusive excellence and strive to promote a culture of antiracism, encouraging a challenging yet collaborative learning environment, and providing culturally relevant education. FSU is designated as an emerging Hispanic-Serving Institution by the Hispanic Association of Colleges and Universities and also belongs to the Howard Hughes Medical Institute (HHMI) Inclusive Excellence community, providing national leadership in science education and exploring strategies that will lead to more inclusive science education. We are honored that our commitment earned FSU six Higher Education Excellence in Diversity (HEED) Awards from INSIGHT Into Diversity. We encourage applications from those who share our commitment to promoting a diverse, welcoming, and inclusive community.

FSU currently enrolls about 3,000 undergraduate and 1,000 graduate and professional students, offers 39 undergraduate majors, and enrolls 41% BIPOC students in our undergraduate programs. Ideally situated between Boston and Worcester, FSU and the surrounding area are steeped in history, achievement, and innovation and provide access to urban hotspots, verdant landscapes, natural and cultural amenities, and diverse communities.

Our founding motto, LIVE TO THE TRUTH, was said at the end of each class by beloved first principal, Cyrus Peirce, who sought to discover and teach "truth in theory and principle...truth in spirit and motive...truth in manner and form...truth intellectual and truth moral." Early leaders found this motto "speaks of sincerity of spirit...of intensity of effort, of resolution to succeed, of joy in achievement." LIVE TO THE TRUTH aptly reflects our past and our pledge for the future as it continues to guide our institution in practice and endeavor. If you share in this quest for truth and a commitment to living it fully, make the next chapter of your career the best chapter at Framingham State University.

Learn more about our career opportunities at www.framingham.edu/careers.

Position Overview

Company

Framingham State University

Location

Framingham, MA

Job type

Contract

Category

Senior/Mid Level Management

Salary

90,000-105,000

Apply Now

Listing Contact

Human Resources

hronboarding@framingham.edu508-626-4860

Position Overview

Company

Framingham State University

Location

Framingham, MA

Job Type

Contract

Salary

90,000-105,000

Apply Now

Listing Contact

Human Resources

hronboarding@framingham.edu 508-626-4860

Position Details

Description

GENERAL STATEMENT OF DUTIES:
The Information Security Officer is a member of the leadership team within the Information Technology Services (ITS) organization with responsibility for the comprehensive information security program and physical security systems. This includes (but is not limited to); the review, evaluation, and implementation of controls to reduce the overall risks associated with information and systems under the stewardship of the University, related technological infrastructure, and third-party product or service providers. This position also administers information security training and awareness programs. Responsibilities include the monitoring, investigation, response, and remediation of vulnerabilities, threats, and breaches of Framingham State's cybersecurity as may be necessary. The Information Security Officer also proposes, drafts, and maintains all documented security policies and procedures designed to mitigate such risks.

The Information Security Officer plays an important role in formulating and executing strategies that contribute toward the University being a productive and enjoyable place to teach, learn and work. This includes (but is not limited to); ensuring generally accepted best practices for securing information and technological infrastructure are adopted by partnering with colleagues within ITS, users of Framingham State's information systems, other internal stakeholders, and vendors as part of the organization's objectives and improvement of IT services in support of Framingham State University's overall operations and strategic priorities.

SUPERVISION EXERCISED:
Security Systems Solutions Specialist; Designated Contractors and Consultants

SUPERVISION RECEIVED:
Associate Vice President and Chief Information Officer

EXAMPLES OF SPECIFIC DUTIES AND RESPONSIBILITIES:
Leads the implementation of the controls, best practices, policies, and procedures as described or referred to in the University's Comprehensive Written Information Security Program (WISP)
Monitors changes in legislation related to cybersecurity and information security, and updates the University's Comprehensive WISP as needed.
Leads the development of annual and long-range security strategies, compliance goals, capability maturity models, performance metrics, reporting mechanisms, and program services that demonstrate measurable improvements to cybersecurity at the University over time.
Assumes responsibility for designated portions of the University's IT service offerings as the Service Owner and/or Process Manager and provides program and project management for assigned initiatives requiring a structured approach to defining a scope of work, resource planning and coordination, controlling costs, and mitigating risks.
Works with university leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the university to effectively address state and federal statutory and regulatory requirements.
Coordinates and tracks all information technology and security-related assessments/audits including the scope of audits, colleges/units involved, timelines, auditing/assessing agencies, and outcomes. Works with auditors/assessors as appropriate to keep audit/assessment focus in scope, maintain excellent relationships with audit/assessment entities and provide a consistent perspective that continually puts the institution in its best light. Provides guidance, evaluation, and advocacy on audit responses. Handles the administration, planning, and coordination associated with follow-up to findings and recommendations from audits and assessments.
Develops a strategy for dealing with an increasing number of internal and external assessments, audits, and compliance checks.
Develops and administers designated budget allocations and serves as the assigned contract manager for agreements with third-party product and service providers.
Reviews contracts for departmental third-party product and service providers for appropriate and required information security and privacy protections.
Initiates and leads ongoing efforts to identify, inform and involve key stakeholders in the process of making joint decisions and engaging in productive collaborations with colleagues and constituents as part of managing the administration of policies, programs, and services.
Monitors areas of potential risk to information security, and cybersecurity more generally identify vulnerabilities and threats and takes appropriate action to help prevent, mitigate or remediate situations that might inflict financial, operational, or reputational damage to the University.
Periodically reviews and assesses logs, access controls, vulnerability scans, and patch management programs as required to ensure that documented standard operating procedures are consistent with best practice, up to date, and are being followed. Adjustments to standard operating procedures will be made as needed. Any/all findings will be noted, remediated, and reported.
Convenes a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise or situations that warrant attention in order to prevent or mitigate the risk of an incident occurring.
Convenes Ad Hoc Security Committee as appropriate and provides leadership for breach response and notification actions for the University.
Provides consultative guidance to members of academic and administrative departments as well as students on how to secure information, protect information technology, and employ generally accepted best practices for cybersecurity.
Works closely with the other colleagues within the University and third-party product and service providers to ensure supported information systems and technological infrastructure are compliant with federal, state, and industry regulations to protect institutional data, systems, personal information, and privacy.
Works closely with the other colleagues within the University and third-party product and service providers to maintain documentation of Framingham State's contingency and business continuity plans to ensure a defined scope of information technology services can be restored within agreed-upon timeframes in the event of a disaster or major cybersecurity incident.
Participate in local, regional, and national peer organizations to stay abreast of information security issues and regulatory changes affecting higher education at the state and national level,
Participate in national policy and practice discussions on information security and communicate to campus regularly about those topics.
Provides administration and management oversight for the various security technologies that provide restriction and security of physical spaces, campus video monitoring and access to emergency and life safety communications. (Many of these technologies are integrated into existing facilities and law enforcement functions).
Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
Provides insights, consultative advice, and expertise as a contributing member of committees, task forces, and advisory groups charged with formulating University-wide strategies, setting operational objectives, instituting policies, and achieving goals associated with compliance, audits, and risk management.
Performs other duties as may be assigned by the Associate Vice President and Chief Information Officer.
Accountable for ensuring that affirmative action, equal opportunity, and diversity are integrally tied to all actions and decisions in areas of responsibility.

WORKING CONDITIONS:
All of the work associated with the duties and responsibilities for this position is ordinarily performed at Framingham State's main campus, and maybe done periodically from a remote location consistent with the conditional provisions specified within University's Telework Guidelines and in accordance with an approved Telework Agreement.

ADDITIONAL INFORMATION:
This is a full-time, exempt, benefits-eligible position in the Association of Professional Administrators (APA) bargaining unit with an official title Director and a functional title of Information Security Officer. The salary range is $90,000 - $105,000.

It is the policy of Framingham State University that all employees be vaccinated against COVID-19, before they begin employment. Proof of the COVID-19 vaccine is required of all individuals hired by FSU, to be verified after a verbal offer of employment has been accepted, and before employment begins. Prospective employees may submit a request for a medical or religious exemption to the COVID-19 vaccination requirement to Human Resources.

Framingham State University conducts criminal history and sexual offender record checks on recommended finalists prior to final employment for all positions.

Framingham State University is an equal opportunity/affirmative action employer.

Members of underrepresented groups, minorities, women, veterans, persons with disabilities, and all persons committed to diversity and inclusive excellence are strongly encouraged to apply.

APPLICATION INSTRUCTIONS:
Candidates must apply online by submitting:
Cover Letter,
Resume/CV,
Equity and Inclusion Statement*
Names and contact information for three (3) professional references.

*The Equity and Inclusion Statement is an opportunity for candidates to discuss professional skills, experience and/or willingness to engage in activities that would enhance the university's efforts to promote a diverse, equitable, and inclusive community. Equity and inclusion statements will be considered as part of a transparent and comprehensive review of candidate application materials.

For best consideration, please apply by February 12, 2023. Applications may continue to be reviewed beyond that date until the position is filled.

Framingham State University only accepts application materials through our online application system. We are unable to accept application materials through mail, email, fax, or hand delivery. If you experience technical issues with the online application process, please submit a helpdesk ticket.

Framingham State University understands that persons with specific disabilities may need assistance with the job application process and/or with the interview process. For confidential assistance, please contact the Human Resources Office at 508-626-4530 or humanresources@framingham.edu.

Skills and Experience

MINIMUM QUALIFICATIONS:
Excellent technical, organizational, planning, documentation, and communications skills
Project management experience
5+ years progressive experience in a computer-related field
Some degree of experience in policy and planning, compliance, and operations as described in the preceding section titled "Duties and Responsibilities"
Sound understanding of IT Service Management and a clear commitment to ITSM frameworks such as the Information Technology Infrastructure Library (ITIL).

PREFERRED QUALIFICATIONS:
Prior experience as an Information Security professional
Experience working for a College or University within Information Technology Services
Certifications and other credentials for Management of Information Security

Education

Academic credential of a Bachelor's degree

Company Description

Framingham State University was founded in 1839 for a singular purpose - meeting a public need to promote the public good. At our founding as the nation's first public normal school, that need was for comprehensively educated public school teachers who would, in turn, promote an educated citizenry. FSU continues to offer exceptional teacher education programs and, while we are proud of our roots as a teachers' college, we have grown far beyond them. Public need continues to evolve and FSU right along with it. Our students and alumni are making waves in the fashion industry, designing nutrition plans for professional athletes, writing for major media and news organizations, and working for Fortune 500 companies right here in Framingham. FSU is unapologetically a public institution offering accessible, affordable educational opportunities that integrate an academically challenging liberal arts education with workforce preparation programs, in a highly personalized teaching environment. Our programs have expanded but our purpose and commitment to public education for the public good remain steadfast.

At FSU, we are deeply committed to inclusive excellence and strive to promote a culture of antiracism, encouraging a challenging yet collaborative learning environment, and providing culturally relevant education. FSU is designated as an emerging Hispanic-Serving Institution by the Hispanic Association of Colleges and Universities and also belongs to the Howard Hughes Medical Institute (HHMI) Inclusive Excellence community, providing national leadership in science education and exploring strategies that will lead to more inclusive science education. We are honored that our commitment earned FSU six Higher Education Excellence in Diversity (HEED) Awards from INSIGHT Into Diversity. We encourage applications from those who share our commitment to promoting a diverse, welcoming, and inclusive community.

FSU currently enrolls about 3,000 undergraduate and 1,000 graduate and professional students, offers 39 undergraduate majors, and enrolls 41% BIPOC students in our undergraduate programs. Ideally situated between Boston and Worcester, FSU and the surrounding area are steeped in history, achievement, and innovation and provide access to urban hotspots, verdant landscapes, natural and cultural amenities, and diverse communities.

Our founding motto, LIVE TO THE TRUTH, was said at the end of each class by beloved first principal, Cyrus Peirce, who sought to discover and teach "truth in theory and principle...truth in spirit and motive...truth in manner and form...truth intellectual and truth moral." Early leaders found this motto "speaks of sincerity of spirit...of intensity of effort, of resolution to succeed, of joy in achievement." LIVE TO THE TRUTH aptly reflects our past and our pledge for the future as it continues to guide our institution in practice and endeavor. If you share in this quest for truth and a commitment to living it fully, make the next chapter of your career the best chapter at Framingham State University.

Learn more about our career opportunities at www.framingham.edu/careers.

Become a Member

Complete the application for Institution Membership to start using NERCOMP member benefits now!

Get Started

You are using an unsupported version of Internet Explorer. To ensure security, performance, and full functionality, please upgrade to an up-to-date browser.