Information Security Officer (ISO)

Responsibilities:

Lead enterprise risk management strategy, ensuring security policies, standards, and controls effectively mitigate risks. Oversee cybersecurity operations, including incident response, threat monitoring, and risk assessment. Partner with CIO, CISO, and stakeholders to provide strategic guidance on cybersecurity, infrastructure, IAM, and data protection. Ensure security compliance with regulatory requirements, audits, and risk mitigation plans. Drive secure research initiatives, ensuring protection of research infrastructure and data. Collaborate with IT teams to identify and address security risks across systems, networks, and services. Promote a security-first culture through training, awareness, and best practices across the organization. Develop and track security metrics, reports, and dashboards for leadership visibility. Stay updated on emerging threats, technologies, and regulatory changes impacting cybersecurity. Identity & Access Management (IAM)

Leadership:

Lead and oversee IAM strategy, operations, and roadmap. Ensure secure and efficient identity lifecycle management and access controls. Monitor program effectiveness and drive continuous improvements based on metrics and feedback. Governance, Risk & Compliance (GRC): Conduct risk assessments, audits, and compliance reviews. Track and remediate audit findings and vulnerabilities. Align security practices with industry standards and regulatory requirements.

Leadership & Team Management:

Provide leadership to security teams, analysts, and program managers. Mentor, coach, and develop high-performing cybersecurity teams. Collaborate cross-functionally with IT, research, procurement, and business units.

Stakeholder Engagement & Strategy:

Act as a trusted advisor to executive leadership on cybersecurity strategy. Participate in IT governance, leadership forums, and strategic planning. Engage with internal and external partners to enhance security posture. Qualifications Bachelor s degree in IT, computer science, cybersecurity, or related field. Master s degree or CISSP certification preferred. 5+ years of IT leadership experience, including cybersecurity strategy and management.

Core Skills & Expertise:

Cybersecurity strategy, risk management & compliance Identity & Access Management (IAM) Network, cloud, and infrastructure security Incident response & threat management Security tools, frameworks, and regulatory standards Strong stakeholder management, leadership, and communication skills

Preferred Qualifications:

10+ years in IT/security roles with leadership experience Experience in enterprise security programs and governance Background in higher education or large enterprise environments