The Information Security Officer position is a full time, 12-month permanent staff position in the Department of Technology Services at Fort Hays State University. This position reports to the Assistant Vice President for Technology Services and Chief Information Officer. Normal work hours are from 8:00 AM to 4:30 PM Monday – Friday. Occasionally, the job duties of this position will require work to be done outside of these normal hours. We will consider remote work options for the right candidate.
Successful applicant will work well independently or within a team setting and own the projects being assigned, while demonstrating strong skills in problem solving, resourcefulness, and risk assessment. The applicant will need to be able to communicate clearly, concisely, and accurately to FHSU faculty, staff, and students.
Duties and Responsibilities:
· Develop and implement a comprehensive plan to maintain security of our computing network
· Keep up to date with developments in IT security standards and threats, attend regular training to stay current
· Identify any vulnerabilities in our computing network
· Perform vulnerability scans and penetration tests to find any flaws in our computing network, and work with Tech Services staff to fix those flaws
· Collaborate with Tech Services departmental management to continuously enhance security
· Security Incident Response – Lead the University’s response to information security incidents. This includes identifying and documenting security incidents, assessment of damage, coordinating containment, eradication, recovery, and performing analysis to learn from the incident and try to improve future response efforts.
· Advocate for secure configurations, research best practices, help with Group Policy Objects and scripts when needed
· Multi-factor authentication (MFA) – manage our MFA environment (Duo), be the subject matter expert, and address any issues with users trying to bypass MFA environment
· Assist with architecture considerations when new systems are implemented requiring authentication. Promote use of Single Sign-on wherever possible, and MFA when systems contain sensitive information
· Work with Tech Services staff, FHSU Administration, and FHSU Legal Counsel in drafting, updating, and reviewing regularly security related policies and procedures
· Be the subject matter expert in Tech Services for PCI, FERPA, HIPAA, GDPR, GLBA and any other security related compliance standards we are required to meet
· Report security issues/concerns to Chief Information Officer
· Educate faculty, staff, and students about best practices for information technology security
· Participate as a member of the Regents Information Security Council.
· Other duties and projects as assigned by the Chief Information Officer
Minimum Qualifications:
· A bachelor’s degree from an accredited institution
· Two years of experience in information security
· Knowledge of various information security frameworks
· Excellent problem-solving skills
· Effective verbal and written communication skills
· Ability to educate non-technical audience about various security measures
Preferred Qualifications:
· Professional certification(s) in information security
· Experience working in an environment with at least some of the following compliance standards required (PCI, FERPA, HIPAA, GDPR, and GLBA)
· Scripting experience, particularly PowerShell, or experience automating tasks and procedures
· Demonstrated project management skills
· Experience with SQL
Application Deadline: Position will remain open until filled
Salary: FHSU takes into consideration a combination of candidate’s education, training and experience as well as the position’s scope and complexity, the discretion and latitude required in the role, and external market and internal value when determining a salary level for potential new employees.
Required Application Documents:
Applicants should submit a cover letter, resume, and names and contact information for three professional reference. All required application documents should be submitted in PDF format. Review of applications will begin immediately and continue until the position is filled.
If you have questions regarding the position, please contact Mark Griffin (
[email protected])
