Information Security Officer
Company: Berklee College of Music
Location: Boston, MA
Posted on: January 19, 2018
|
|
Job Description:
Reporting to the Vice President for Technology Resources,
responsible for ensuring the protection of all business information assets from
intentional and unintentional loss, disclosure, alteration, destruction,
and unavailability. Will establish partnerships across the
institution to implement and execute policies, procedures, standards, and
guidelines that ensure the protection of sensitive information. Responsible for
the strategic leadership and oversight of Berklee’s Written
Information Security Program (WISP) and lead facilitator of the college’s
Information Security Program, establishing annual and long-range security
and compliance goals, defining security strategies, metrics,
reporting mechanisms and program services, and creating maturity models
and a roadmap for program improvements. Will ensure the collection,
management, and analysis of information security data and will apply methods of
data collection and analysis for both operational and strategic
usage. Will develop and implement policies and practices to secure
sensitive data and ensure information security and compliance with legislation
and legal interpretation. Will monitor local, state, and federal laws
and regulations as well as industry standards and guidelines. Will
create awareness programs and advise departments on security issues,
best practices, and vulnerabilities. Will lead efforts to internally
assess, evaluate, and make recommendations to management regarding
security controls for Berklee’s information and technology systems. Will
work with internal auditors, the Trustee Audit Committee, and outside
consultants as appropriate on security assessments and audits. Will monitor
vendor contract compliance and audit and analyze reporting data. Will
design and deliver information security presentations to college groups as
well as conferences and symposia. Will provide employee information
security training, and maintain Berklee’s information security
website. Will serve as the principal coordinator of college disaster
recovery, business continuity, and data incident response programs and
protocols. Will act as Chair of Data Incident Response Team (DIRT). Will
develop, implement, and administer technical security standards, as well
as a suite of security services and tools to address and mitigate security
risk. Requirements: Master's degree (or higher) in Information
Technology, Information Technology Security, Computer Science or related or
related field (willing to accept foreign education equivalent) plus two
(2) years’ experience in designing and managing information
security systems and services; defining information security and
risk management programs. or, alternatively, a Bachelor's degree
and five years of experience as noted above. Specific skills/other requirements experience in designing and managing information security
systems and se services; defining information security and risk management
programs. or, al alternatively, a Bachelor's degree and five years of experience
as noted ab above. Specific skills/other requirements experience in designing and managing information security
systems and services services; defining information security and risk management
programs. or, alternat alternatively, a Bachelor's degree and five years of experience
as noted above. above. Specific skills/other requirements experience in designing and managing information security
systems and se services; defining information security and risk management
programs. or, al alternatively, a Bachelor's degree and five years of experience
as noted ab above. Specific skills/other requirements – must possess the following:
experience defining and developing organizational compliance standards and
policies related to information security (2 + years); experience
managing, developing and implementing information security risk management
frameworks including ISO/IEC 27001, NIST SP 800-30, COBIT. (2 + years);
experience identifying, deploying, and managing information security
systems and solutions to protect the College data. (2 + years); and
experience identifying and managing compliance with the relevant
regulations and standards, with the United States data protection laws (such as
201 CMR 17.00); the European data protection laws (Agencia Española de
Protección de Datos), and FERPA and PCI-DSS. (2 + years). Submit resume to: Berklee College of Music, Alyssa Ozimek-Maier,
1140 Bo Boylston Street, Boston, Massachusetts 02215.
Keywords: Berklee College of Music, Boston , Information Security Officer, Education , Boston, MA, Massachusetts