Responsible for IT Services security policy development, recommendation, implementation and maintenance. Performs a leadership role in the overall security program structure and design, security metrics reporting, and information security assurance improvement processes. Design and deliver of security policy education, training, and awareness activities. Monitor compliance with IT Services security policy and applicable law. Implement, configure, operate, and perform ongoing maintenance of the various security solutions and the identification, investigation and resolution of security events detected by those systems.
Develop and implement IT Services business continuity and disaster recovery program, as approved. Perform network penetration tests, application vulnerability assessment scans and risk assessment reviews.
Job Qualifications Required:
BA or BS in Computer Science, Management Information Systems, or related field, or equivalent combination of education and experience.
Proven experience in information and cyber security, and IT audit experience.
Experience developing and implementing a comprehensive IT risk based security program, which includes security policy, security education, and network penetration testing, application vulnerability assessments, risk analysis and compliance testing.
Knowledge of and ability to stay abreast of information security standards and frameworks, rules and regulations related to information security, data confidentiality and desktop, server, application, database, network security principles for risk identification and analysis.
Prior systems administration experience.
Experience deploying, configuring and monitoring security tools and platforms such as IDS/IPS, SIEM, A/V, Firewalls, vulnerability scanning and packet analysis tools.
Knowledge of disaster recovery and business continuity methods and practices.
Knowledge of host/network common vulnerabilities and exploits (CVEs) and experience with hacker methodologies, tactics, and the tools used.
Strong analytical and problem solving skills.
Excellent communication (oral, written, presentation), interpersonal and consultative skills.
Ability to work with and serve as a liaison between diverse populations of system users at varying technological levels.
Job Qualifications Preferred:
CISSP, GIAC, or other security certifications.
Prior higher education industry experience.
Employment Type: Full-Time
Department: Information Technology
Internal Number: 1796
About Rhode Island School of Design
Rhode Island School of Design (RISD), founded in 1877, is a fine arts and design college located in Providence, Rhode Island. Enrolling about 2000 undergraduates and 400 graduate students from across the United States and 55 other countries, RISD offers 16 undergraduate majors and 16 graduate majors, and is ranked annually by U.S. News & World Report as one of the top art and design schools in the United States. RISD’s rigorous education encourages creative experimentation and intellectual risk-taking, challenging students to question their approach to art making through critical thinking. There are over 90,000 works of art in the RISD Museum, which houses a collection of fine and decorative art objects. The first public galleries opened in 1893. The RISD Library is one of the oldest independent art college libraries in the country with more than 150,000 volumes and 380 periodical subscriptions which offer unusual depth and richness in the areas of architecture, art, design, and photography. The RISD campus is contiguous with the campus of Brown University and the two institutions share social, academic, and community resources.RISD recognizes diversity and inclusivity as fundament...al to its learning community and integral to an art and design education. We welcome candidates whose experience has prepared them to contribute to our commitment to diversity and excellence. RISD is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, sex, age, national origin, disability, veteran status, sexual orientation, gender identity or expression, genetics, or any other protected characteristic as established by law.