You are viewing a preview of this job. Log in or register to view more details about this job.

Chief Information Security Officer (Re-Announcement)

College of Charleston: Human Resources
Email

Chief Information Security Officer (CISO) (Re-Announcement)

Posting Details

POSTING INFORMATION

Internal Title

Chief Information Security Officer (CISO) (Re-Announcement)

Position Type

Unclassified

Faculty / Non-Faculty / Administration

Administration

Pay Band

Level

Department

Security

Job Purpose

Reporting to the Chief Information Officer & VP for IT, the Chief Information Security Officer (CISO) is responsible for managing the College of Charleston’s information security program to maintain compliance and align with institutional risk. The CISO works with executive leadership—including the CIO, Legal Counsel, Cabinet, Board of Trustees, and campus stakeholders—to establish risk levels and coordinates with various departments to implement policies and standards. In this role, the CISO balances multiple program priorities and recognizes information security as one aspect of the university’s overall mission. The CISO plays a critical role in advancing a culture of responsible data stewardship across the College, ensuring that data classification, retention, and privacy obligations are embedded into daily operations.

Minimum Requirements

A bachelor’s degree in business administration or a technology field, plus at least seven years of relevant leadership and professional experience—or an equivalent combination of education, training, and work history—is required. Relevant experience includes risk management, information security, or IT roles with increasing responsibility and leadership. Strong communication and collaboration skills are needed, along with the ability to explain security and risk concepts to both technical and nontechnical audiences. Candidates with an equivalent combination of experience and/or education are encouraged to apply.

Required Knowledge, Skills and Abilities

  • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic academic environment.
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations.
  • Demonstrated ability to be a critical thinker, with strong problem-solving skills, a high degree of initiative, dependability, and the ability to work with diverse constituencies.
  • Knowledge and understanding of relevant legal and regulatory requirements, such as Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI), Family Educational Rights and Privacy Act (FERPA), General Data Protection Regulation (GDPR), Digital Millennium Copyright Act (DMCA), etc.
  • Demonstrated experience establishing and maintaining data classification schemes, retention schedules, and privacy controls consistent with institutional policy and applicable regulations.
  • Certified Information Systems Security Professional (CISSP) required.

Additional Comments Regarding Position

Must be willing to be on call for emergencies. Must be willing to travel as required for conferences and consultations.

Special Instructions to Applicants

Applications should include the applicant’s full name, position, institution/organization, and email address.

Applications should consist of the following documents, to be submitted electronically in .pdf format:

1) a detailed letter of interest;
2) a full resume with relevant administrative responsibilities and accomplishments; and
3) a list of five professional references, including names, phone numbers, and email addresses, noting the candidate’s relationship with each reference.

References will not be contacted until later in the search process and only with the candidate’s permission.

Please complete the application to include all current and previous work history and education. A resume will not be accepted nor reviewed to determine if an applicant has met the qualifications for the position.


*Salary is commensurate with education/experience which exceeds the minimum requirements.

Offers of employment are contingent upon a successful background check.


All applications must be submitted online https://jobs.cofc.edu.

Salary

*$150,967 - $173,580

Posting Date

02/17/2026

Closing Date

03/10/2026

Benefits

  • Insurance: Health/Dental/Vision
  • Life Insurance
  • Paid Leave: Sick/Annual/Parental
  • Retirement
  • Long Term Disability
  • Paid Holidays
  • Free CARTA Bus Service
  • Employee Tuition Assistance Program (ETAP)
  • Employee Assistance Program (EAP)
  • Full Benefits Package – Click Here

Open Until Filled

No

Posting Number

2026027

EEO Statement

The College of Charleston is an equal opportunity employer and does not discriminate against any individual or group on the basis of sex, gender (including gender identity and/or expression), pregnancy, race, religion, color, national origin, age, disability, military or veteran status, sexual orientation, genetic information, and other classifications protected by applicable federal, state, and local laws. For more information, please visit eop.cofc.edu.

Quicklink for Posting

https://jobs.cofc.edu/postings/17679

Job Duties

Job Duties

Activity

Leads the College’s cybersecurity strategy and oversees the Office of Information Security, ensuring the effective management and implementation of essential cybersecurity frameworks, table stakes documents, and governance policies. Responsible for centrally coordinated services through specialized units, including cybersecurity training and awareness, enterprise risk management, incident response, security operations, information security finance and planning, and compliance oversight. Provides a forward-thinking information security vision that empowers the College to achieve its strategic goals by embedding robust cybersecurity practices into all facets of the organization. Fosters a culture of security excellence, transparency, and collaboration while structuring cybersecurity services to be responsive and aligned with the needs of the academic community. Develops and maintains effective cybersecurity governance in partnership with business owners, ensuring IT acts as a trusted facilitator among stakeholders and enables secure, compliant, and innovative operations across the College.

Essential or Marginal

Essential

Percent of Time

25

 

Activity

Develop and maintain a university-wide information security plan and assessment standard, establishing robust technical controls and solutions to mitigate risks and safeguard critical infrastructure supporting enterprise applications, learning technologies, and research computing. Partner with academic and administrative leaders to enhance the security, effectiveness, and efficiency of instructional and research programs by implementing innovative and prudent information security technologies and practices.

Collaborate with university leadership, faculty, and staff to ensure the information security strategy addresses the comprehensive needs of all stakeholders. Champion cross-functional collaboration throughout the university to foster integrated planning, shared responsibility, and professional relationships that facilitate the development and deployment of common security solutions. Leverage collective expertise and investments across the institution to proactively address emerging threats, ensure compliance, and maintain readiness for evolving cybersecurity challenges.

Essential or Marginal

Essential

Percent of Time

25

 

Activity

Oversee the division’s information security operations and services, ensuring timely, high-quality, and cost-effective delivery aligned with the college’s values and strategic objectives. Develop and manage budget plans, prioritizing initiatives that maintain robust and reliable security measures, while also accommodating requests for new security services and enhancements to existing protocols.  Lead efforts to recruit, retain, develop, and evaluate highly qualified information security professionals to support and advance the college’s cybersecurity posture.

Essential or Marginal

Essential

Percent of Time

25

 

Activity

Ensure robust mitigation strategies, incident response capabilities, and cyber recovery processes are in place to protect against emerging threats and support rapid restoration of services in the event of security incidents.

Essential or Marginal

Essential

Percent of Time

15

 

Activity

Develop, implement, and continuously monitor policies and practices to safeguard the College’s technology infrastructure and institutional data, including data classification, retention, and privacy policies that protect sensitive information and align with risk management frameworks.

Essential or Marginal

Essential

Percent of Time

10