Job No. 156978
- Job Title:
- Chief Information Security Officer
- Employer:
-
North Carolina State University at Raleigh
- Location:
-
Raleigh , NC
- Posting Date:
- 07-Nov-2025
- Description:
-
About the Department
The Security & Compliance Unit (S&C) within the Office of Information Technology (OIT) oversees the cybersecurity of the University’s systems and data in a manner consistent with industry best practices and the University’s IT compliance and IT risk management obligations. S&C develops and ensures compliance with cybersecurity policies/regulations/procedures, supports and oversees implementation of strategic information security initiatives, provides operational security services, and provides campus-wide vendor risk and license management. S&C is also the functional lead for the university’s identity and access management program.
S&C’s overall responsibilities include the following:
Development/maintenance of the university’s cybersecurity strategic plan and roadmap
Implementation of strategic cybersecurity initiatives
Operational security services
Coordination of IT resilience efforts and change management processes
Manage the University wide operational cybersecurity services
Establish, review, and enforce university-wide IT and cybersecurity policies, standards, and procedures, while also ensuring compliance with federal/state regulations and contractual obligations.
Campus-wide IT vendor risk and license management
Wolfpack Perks and Benefits
As a Pack member, you belong here, and can enjoy exclusive perks designed to enhance your personal and professional well-being.
What we offer:
Medical, Dental, and Vision
Flexible Spending Account
Retirement Programs
Disability Plans
Life Insurance
Accident Plan
Paid Time Off and Other Leave Programs
12 Holidays Each Year
Tuition and Academic Assistance
And so much more!
Attain Work-life balance with our Childcare benefits, Wellness & Recreation Membership, and Wellness Programs that aim to build a thriving wolfpack community.
Disclaimer: Perks and Benefit eligibility is based on Part-Time or Full-Time Employment status. Eligibility and Employer Sponsored Plans can be found within each of the links offered.
Essential Job Duties
The Chief Information Security Officer (CISO) reports to the Vice Chancellor for Information Technology and Chief Information Officer (CIO) and leads the Security and Compliance Unit (S&C) in the Office of Information Technology (OIT). The CISO is a member of the OIT Leadership Cabinet and works closely with senior administration, academic leaders, and the campus community to optimize the security posture of the university.
The CISO is responsible for developing, implementing and maintaining the university’s comprehensive cybersecurity program that ensures the confidentiality, integrity, and availability of university data and technology resources. This program utilizes industry best practices and employs a range of policy, procedural, and technological controls to manage risk to NC State University’s information assets. The CISO leads a cybersecurity program that harnesses collaborations and campus-wide resources, promotes effective cybersecurity governance, advises senior leadership on strategic cybersecurity direction and resource investments, and develops policies to effectively manage IT and cybersecurity risks. The CISO is responsible for managing the S&C portfolio within its operating budget of over $5 million as well as overseeing VRLM’s maintenance and negotiation of licenses totaling over $12 million.
List of Primary Responsibilities:
Leadership, Training and Collaboration (40%)
Provide leadership and oversight of activities and services related to the S&C unit. The current structure is comprised of:
Cybersecurity Operations (Director and 9 staff including Security Operations Center):
Secure Computing
Data Protection
Intrusion Detection/Prevention
Logging, Monitoring, Alerting
Multi Factor Authentication Solutions
Network Security Monitoring
Password Vault Management
SIEM (Security Information & Event Management) Operations
Endpoint Security: Endpoint Detection and Response, Antivirus
SSL Certificate Management
Vulnerability Scanning and Pen Testing
Web Application Security Testing
General Security Consultation, Security Architecture and Review
Security Incident Response and Investigation
Digital Forensics
Security Incident & Response
Security Operations Center (Manager and 3 staff)
Information Security, Risk and Assurance (Director and 7 staff):
Security Consulting and Education
Data Management
IT Risk Management
Security Awareness and Training
Security Liaison Team Program Management
Identity and Access Management
Security Policy and Compliance
Access Reviews
Internal & External OIT Audit Coordination
Litigation Holds/eDiscovery and Records Retention
Research Data Security Consultation & Evaluation
Security Compliance Program Development, Management and Continuous Assessment
Security Policy, Regulations, Rules, and SOP Development
Vendor Risk & License Management (Associate Director & 2 staff)
License Asset Management
Analyzes campus needs, interests and directions, and then tailors the software licensing program to meet those needs
Lead enterprise license coordination
Collaborates with UNC-System Office on university system-wide software licenses
Manages OIT licensing maintenance reviews and renewals
Manage the software inventory management system
Manage the software distribution to stakeholders
License Risk Assessment
Click-wrap Agreement Risk Assessment
Non-Negotiable Hard Copy License Review
IT Purchase Compliance Management
Manage the review process to ensure that IT purchases comply with university, State and Federal regulations and/or guidelines.
Manage the SAS Grant Administration
Ensure ongoing collaboration with OIT units, colleges, administrative units and key constituents such as data stewards, data trustees, the Office of General Counsel, Internal Audit, and Emergency Management & Mission Continuity regarding overall cybersecurity requirements.
Provides regular updates to the VCIT/CIO and other University leaders regarding cybersecurity matters, including ongoing program reporting and incident reporting.
Serve as co-chair of the Research Controlled Unclassified Information (CUI) Security Compliance Committee and Guest/Affiliate Steering Team.
Serve on a number of committees as a member or in an advisory capacity (e.g., Strategic IT Committee (SITC), Campus IT Directors, Enterprise Risk Management Advisory Team, Data Steward Committee, Data Governance Council, etc.).
Serve on the UNC Information Security Council and establish collaboration and partnerships with the colleges/universities in the UNC system.
Facilitate NC State’s annual self assessments with the UNC security framework and policy requirements
Be an active participant in the appropriate national organizations such as EDUCAUSE and be involved with collaboration and engagement in security initiatives.
Provide leadership to the Cybersecurity Awareness Team and ensure functionality of the Cybersecurity Liaisons program to assist with maintaining a secure university landscape and resulting project priorities.
Lead the development of the annual presentation to the University Board of Trustees regarding the university’s security threat and risk landscape
- Contact information:
- North Carolina State University at Raleigh
- Raleigh, NC 27695
- United States
- Employer's Website:
-
Visit Employer's website