Assistant Vice President, Chief Information Security Officer

Reporting to the Associate Vice President and CIO, the CISO will provide the necessary vision and leadership to develop and implement a strategic technological security operations unit and associated plan for strengthening K-State's IT infrastructure and systems. As part of the CIO's leadership team, the CISO will work closely with other senior leaders and oversee the implementation and expansion of technologies across campus, establish and maintain IT and security best practices, and effectively communicate risk and necessary risk-prevention measures to all members of the community. The CISO will recruit and mentor a team consisting of a Director of Data Security and Privacy, Cyber Security Risk and Compliance Analyst, six full-time security engineers, and 4-5 student workers and will promote an organizational culture committed to timely, effective, and user-friendly customer service. The CISO will possess robust skills in budget planning, financial oversight, and resource management tailored to information security operations.

The CISO will lead day-to-day detection and response technologies to improve the University's cyber posture. They will lead system improvements related to research that will reduce redundancies, provide efficiencies, promote collaboration, improve response timeliness, and enhance the integrity of the data. The CISO will work with third-party security vendors and threat-detection platforms to maximize the benefits of these purchases. Developing a maturing a security operations group and concert with working in collaboration with the Academic IT Directors within each college, the VP of Research, the Office of Information Technology leadership team, and research faculty across the institution will be key to the CISO's success. The CISO will also collaborate with necessary vendor partners to safeguard K-State data and resources and ensure compliance with the changing laws and applicable government policies regulating K-State's security and data protection.

The CISO position profile can be viewed on our website.

Kansas State University's Division of Information Technology, led by the Associate Vice President and CIO, Thomas Bunton, is committed to providing excellent IT services to the K-State community in support of the teaching, learning, research, and service missions. They offer a wide range of information, technology, and communications services. They provide leadership for developing and delivering computing and digital resources to K-State students, faculty and staff. In addition to the operation and management of IT Services, the Division comprises the administrative service functions of HR, finance, and communications. The Division coordinates and manages central IT business services including Enterprise Systems, Portfolio & Project Governance, Infrastructure & Operations, Academic Applications, Information Security, and Academic IT, and Research Technology.

For more information about Kansas State University, please review our University Profile.

Learn more about Manhattan, Kansas at www.madeformanhattan.org.

This position is On-site.

Minimum Qualifications:

* Bachelor's degree plus ten years of relevant experience.

The degree requirement ensures candidates possess the academic foundation, critical thinking and analytical skills necessary to guide complex university functions with credibility and strategic insight. These competencies are typically developed and rigorously validated only through the comprehensive curriculum and experiential learning inherent in a formal degree program.

Preferred Qualifications:

* A bachelor's or master's degree in Computer Science, Information Systems, Cybersecurity, or a related field is preferred. Additional certifications in information security (e.g., CISSP, CISM, CEH, GIAC) are highly preferred.
* Extensive experience in developing and managing comprehensive information security programs, including but not limited to cybersecurity strategies, risk management, data protection, and compliance frameworks.
* Strong leadership and team development skills, with a proven ability to build, manage, and mentor multidisciplinary cybersecurity teams.
* Deep understanding of information security technologies, trends, best practices, and regulatory requirements, with experience in designing and implementing detection and response security controls and measures.
* Excellent project management skills, capable of leading complex information security projects, including security infrastructure enhancements, policy development, and incident response plans.
* Experience in vendor and stakeholder management, including SLA negotiation, and partnership development to support security initiatives.
* Strong analytical, strategic planning, and communication skills, with the ability to articulate complex security concepts to non-technical stakeholders and influence decision-making at the executive level.
* Demonstrated ability to foster a culture of security awareness, innovation, and continuous improvement within the IT department and across the organization.
* Leadership in Information Security: Demonstrated ability to lead with a strategic vision in the domain of information security, executing critical strategies within areas of responsibility. Ability to inspire and propel the team toward achieving the goals of the cybersecurity department.
* Cybersecurity Expertise: Extensive knowledge of current cybersecurity practices and frameworks, with a particular focus on applying these to protect organizational assets across various environments, including cloud. Capability to safeguard information assets, ensuring data privacy, integrity, and compliance with relevant standards and regulations.
* Information Security Detection and Response Mastery: Profound understanding of planning, operating, designing, deploying, and managing detection and response information security measures. This includes experience in modernizing IT security through innovative solutions to support organizational efficiency and compliance.
* Financial Management for Information Security Initiatives: Robust skills in budget planning, financial oversight, and resource management tailored to information security operations, ensuring strategic objectives are met within financial parameters.
* Security Technology Strategist: Expertise in assessing, selecting, and implementing current and emerging security technologies. Ability to align security solutions with organizational strategic objectives, thereby enhancing operational processes and risk management.
* Operational Excellence in Security Services: Capacity to improve operational efficiency and the effectiveness of security service delivery, ensuring high resilience, risk mitigation, and compliance across information systems and assets.
* Project Management for Security Initiatives: Exceptional project management skills demonstrated by successfully managing diverse cybersecurity projects. Ability to oversee complex security architecture, policy development, and incident response projects from start to finish.
* Effective Communication in Security: Excellent oral and written communication skills, with an ability to convey complex security issues to a non-technical audience. Proven ability to establish rapport, influence decision-making, and facilitate cohesive communication across all levels of the organization.
* Collaboration and Relationship Building in Security Environment: A track record of effective collaboration and relationship building, with strong interpersonal skills essential for fostering partnerships across various departments and with external security agencies or service providers to achieve unified security strategies.
* Analytical and Problem-Solving in Security Contexts: Strong analytical skills and the ability to solve complex problems related to information security and risk management. Ability to devise innovative solutions that advance the organization's security posture and compliance.
* Executive Support in Security Strategy and Operations: Demonstrated competency in advising and supporting senior executive leadership with insights and expertise in cybersecurity strategies and operations, aiding strategic planning and decision-making processes.

Sponsorship eligibility:

Candidates must be legally authorized to work in the U.S. on an ongoing basis without sponsorship

Kansas State University has retained the national search firm Isaacson, Miller to assist in recruiting its new Chief Information Security Officer. Inquiries, nominations, referrals, and resumes with cover letters should be sent via the Isaacson, Miller website for the search.Electronic submission of materials is strongly encouraged.

Screening of complete applications will begin immediately and continue until the completion of the search process.

$175,000-$220,000