Information Security Officer

Posting Details

Position Information

Working Title Information Security Officer
Classification Title Administrator II
Job Summary

Information Resources & Technology (IRT) provides essential information technology services for campus operations and innovative technology solutions to facilitate the accomplishment of strategic campus goals.

The Information Security Officer (ISO) reports to the Vice President and Chief Information Officer and serves as member of the IRT senior leadership team and actively participates in planning, projects, prioritization, and continuous improvement of IRT operations and customer service.

The ISO will lead and manage all aspects of the campus-wide information security and privacy program including awareness, training, intrusion prevention, incident response, and compliance. The ISO leads and manages a small, high performing team of information security professionals and student workers. The ISO will serve as campus-wide advocate and liaison for compliance, intrusion prevention, incident response, and information security awareness. The ISO will collaborate with campus stakeholders to mature the information security program and the other programs and services in his/her purview.

The ISO will stay informed about current and emerging risks and trends through participation in professional organizations such as REN-ISAC and networking with CSU ISOs and other peers.

The ISO will collaborate with campus constituents to develop campus security policies and standards to ensure confidentiality, integrity, and availability of information assets. System-wide information security policies are documented in ICSUAM Section 8000. The ISO will take a balanced approach to managing risk and enabling our faculty, staff, and students to perform mission critical activities.

The ISO will be responsible for metrics/reporting needs in his/her purview including periodic risk reports and audits.

All team members work in alignment with strategic goals of Sac State and IRT.

The ISO position requires the highest level of confidentiality and integrity; successfully completing a background investigation will be required for this position of trust.

FLSA MPP - This position is defined in the Management Personnel Plan (MPP) of the California State University. It is excluded from the collective bargaining process and is exempt from overtime provisions of FLSA. This position is covered by health benefits.
Classification Salary Range

3,635 – 12,456 monthly

Hiring Range
Salary Grade/Range 1
Step N/A
Is this position Hourly or Intermittent? No
Regular or Temporary Regular
Full Time or Part Time Full Time
Pay Plan 12
Work Hours Monday-Friday, 8am-5pm; Other hours as required
Department Information

Minimum Qualifications
Required Qualifications

1. Bachelor’s degree in a relevant field or discipline.
2. Demonstrated experience effectively leading and managing an enterprise information security program including security awareness, training, intrusion prevention, incident response, and compliance.
3. Demonstrated experience serving in an IT leadership role such as director including experience with supervision, delegation, and performance management.
4. Demonstrated experience providing excellent service to diverse faculty, staff, and students, cultivating partnerships, and maintaining collegial relationships throughout the organization.
5. Demonstrated experience with leading change/effective change management.
6. Demonstrated experience with evaluation and continuous improvement of services and processes.
7. Demonstrated experience successfully managing complex projects, prioritizing based on strategic goals, and meeting deadlines. Familiarity with agile project management concepts desired.

8. Demonstrated excellence in writing, speaking, and presentation skills.
9. Demonstrated ability to own, manage, and solve complex problems in a creative and timely manner.
10. -Demonstrated knowledge of laws and standards relevant to higher education and the ISO position such as HIPAA, PCI, and FERPA.

Conditions of Employment:
- Ability to pass a background check

Preferred Qualifications

11. Master’s degree in a relevant field or discipline.
12. At least seven years of experience managing information security program.
13. Demonstrated understanding of higher education organizational structures and mission; experience with shared governance.
14. Demonstrated experience with security tools such as vulnerability management, log management, and network and asset management tools.

1. Working knowledge of stateful firewall, VPN, intrusion detection/prevention, forensics, event correlation, inline anti-virus / anti-malware / trojan applications, and deep patch inspection.
2. Working knowledge of various networking protocols including: TCP/IP, UDP, SMTP, Wi-Fi, VOIP, IPSec, SNMP, SSL and SSH to minimize campus risk exposure.
3. Familiarity with California State Information Security policies

- CISSP or other information security certifications.

Physical Demands
Required Licenses/Certifications
Is Background Check Required Yes
Background Check Disclaimer

A background check (including a criminal records check) must be completed satisfactorily before any candidate can be offered a position with California State University, Sacramento. Failure to satisfactorily complete the background check may affect the application status of applicants or continued employment of current California State University, Sacramento employees who apply for the position.

Eligibility Verification

Candidate will be required to provide official transcripts of their highest degree earned and must furnish proof of eligibility to work in the U.S.. California State University, Sacramento is a sponsoring agency ( ie. H-1-B Visa).

Hiring Preference Not Applicable
Conflict of Interest

The duties of this position include participation in decisions that may have a material financial benefit to the incumbent. Therefore, the selected candidate will be required to file Conflict of Interest Form 700: Statement of Economic Interest when they first occupy the position, an on an annual basis, complete ethics training within 6 months of appointment, and attend this training every other year thereafter.

California Child Abuse and Neglect Reporting Act

The person holding this position is considered a “mandated reporter” under the California Child Abuse and Neglect Reporting Act and is required to comply with the requirements set forth in the California State University Executive Order 1083 as a condition of employment.

Equal Employment Opportunity

California State University, Sacramento is an Affirmative Action/Equal Opportunity Employer and has a strong institutional commitment to the principle of diversity in all areas. We consider qualified applicants for employment without regard to race, color, religion, national origin, age, sex, gender identity/expression, sexual orientation, pregnancy, genetic information, medical condition, marital status, veteran status, or disability. Sacramento State hires only those individuals who are lawfully authorized to accept employment in the United States.

It is the policy of California State University, Sacramento to provide reasonable accommodations for qualified persons with disabilities who are employees or applicants for employment. If you need a disability related reasonable accommodation as part of the application and/or interviewing process, visit

The University is committed to creating an education and working environment free from discrimination, sexual harassment, sexual violence, domestic violence, dating violence, and stalking. For more information on mandatory training for new employees, visit

Jeanne Clery Disclosure of Campus Security Policy and Crime Statistics Act and Campus Fire Safety Right-To-know Act Notification. For additional information, visit

Posting Detail Information

Posting Number AS0120P
Number of Vacancies 1
Open Date 09/29/2017
Close Date
Open Until Filled Yes
First Priority Review Date 10/20/2017
Special Instructions to Applicants

For questions regarding this search, contact:

Contact Name Employment Services
Contact Phone 916-278-6326
Contact Email

Supplemental Questions

Required fields are indicated with an asterisk (*).

  1. * Please select the highest level of education obtained.
    • GED
    • High School Diploma
    • Associates Degree
    • Bachelor's Degree
    • Master's Degree
    • Doctoral or Professional Degree
    • Some college
    • None of the above
  2. * Please provide a list of your current certifications.

    (Open Ended Question)

  3. * Describe your experience with managing an information security team.

    (Open Ended Question)

Documents Needed To Apply

Required Documents
  1. Resume/Curriculum Vitae
  2. Cover Letter
Optional Documents