<p>The LMU Information Technology Services team enables technologically-rich learning environments, provides effective teaching and scholarship resources and maintains reliable, accessible, and integrated information systems. This work is grounded in and supports the University' mission:</p> <ul> <li>The encouragement of learning </li><li>The education of the whole person </li><li>The service of faith and the promotion of justice </li></ul> <p>Under the general direction of the CIO/Vice President for Information Technology, the Director of Information Security and Compliance will drive the university's efforts to protect its information assets and ensure compliance with relevant regulations and standards. This role is pivotal in creating a secure and compliant digital environment that supports LMU's mission, values, and goals. The Director will leverage partnerships and collaboration to lead initiatives that result in measurable improvements in information security and compliance, fostering a culture of security awareness and proactive risk management. The Director will serve as the process owner of the appropriate second-line assurance activities not only related to confidentiality, integrity and availability, but also to the safety, privacy and recovery of information owned or processed by LMU in compliance with regulatory and university requirements. The Director will oversee the university's compliance with applicable laws, regulations, and policies related to information security and privacy.</p> <p>Position Specific Responsibilities/Accountabilities</p> <ul> <li>Enhance Security Posture: Develop and implement a comprehensive information security program that significantly reduces risks and vulnerabilities across the university's digital landscape. </li><li>Ensure Regulatory Compliance: Achieve and maintain compliance with relevant regulations and standards, ensuring that LMU meets all legal and regulatory requirements. </li><li>Collaborative Protection: Work closely with various campus partners, external stakeholders, and community partners to ensure that information assets and associated technologies are protected, resulting in a cohesive, unified, and well understood approach to information security and compliance. </li><li>Risk Management: Conduct thorough risk assessments and implement effective mitigation strategies, leading to a demonstrable reduction in potential threats. </li><li>Incident Response: Oversee and improve incident response and recovery efforts, ensuring swift and effective investigation and resolution of security incidents. </li><li>Policy Development: Create and enforce robust policies and procedures that safeguard information assets, leading to a well-documented and easily accessible framework for information security. </li><li>Training and Awareness: Provide comprehensive training and guidance to staff on information security best practices, resulting in a well-informed and vigilant workforce. </li><li>Monitoring and Reporting: Continuously monitor and report on the effectiveness of the information security program, providing clear metrics and insights that demonstrate progress and areas for improvement. </li><li>Leadership and Strategy: Plan and manage the strategy, people, processes, tools, services, and resources necessary to effectively support the program and meet strategic goals. </li><li>Business Continuity and Disaster Recovery: Orchestrate a secure, robust, and highly reliable approach to providing ITS services, during and after a disaster or disruption, to minimize negative impacts to business operations and maintain essential services. </li><li>Data Governance: Oversee the university's data governance efforts, ensuring that data is managed securely and in compliance with university policies and legal requirements. </li></ul> <p>Perform other related duties.</p> <p>Loyola Marymount University Expectations</p> <p>Exhibit behavior that supports the mission, vision, and values of the university. Communicate and employ interpersonal actions that model high standards of professional, responsible, accountable, and ethical conduct. Demonstrate a commitment to outstanding customer service.</p> <p>Requisite Qualifications</p> <ul> <li>Typically a Bachelor's Degree from an accredited four-year institution in Computer Science, Information Technology, or Cybersecurity. </li><li>Seven years of experience ininformation security, with at least three years in a management role. </li><li>Professional certifications such as CISSP, CISM, or CISA are highly desirable. </li><li>Experience in developing and implementing technology policy, preferably in a University environment. </li><li>Strong knowledge of frameworks, standards, and best practices relating to Information Security, Privacy, Data Governance, and Business Continuity and Disaster Recovery Experience with regulatory compliance requirements (e.g., i.e. FERPA, HIPAA, GDPR, CCPA, and PCI-DSS). </li><li>Demonstrated excellent verbal and written communication skills, as well as presentation skills. Writing samples may be required. </li><li>Excellent leadership, analytical, problem-solving, and decision-making skills. </li><li>Strong communication and interpersonal skills, with the ability to effectively collaborate with diverse stakeholders. </li><li>Demonstrated ability to lead and manage a team of security professionals. </li></ul> <p>The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of this position.</p> <p>#HERC# #HEJ#</p> <p>Staff Regular</p> <p>Salary range</p> <p>$143,100.00 - $200,300.00 Salary commensurate with education and experience.</p> <p>Loyola Marymount University, a Carnegie classified R2 institution in the mainstream of American Catholic higher education, seeks outstanding applicants who value its mission and share its commitment to inclusive excellence, the education of the whole person, and the building of a just society. LMU is an equal opportunity employer committed to providing an environment free from discrimination and harassment as defined by federal, state and local law. We invite all persons in the full diversity of their being, life experience, and beliefs to apply. (Visit www.lmu.edu for more information.)</p>