We are an Equal Opportunity Employer (AA/EOE/Minorities/Females/Disabled/Veterans/Drug Free).

Start Over with Job Search
Returning Applicant?  Login Now
Information System Security Manager 25-005
Position Number:25-006
College or Other:Other ODU Units
Department:
FT/PT Status:Full Time
  
Summary

Old Dominion University (ODU) seeks an experienced Information System Security Manager to oversee and manage the cybersecurity (CS) and compliance of a secure, Controlled Unclassified Information (CUI) compliant enclave and its encompassing tools and technologies. The Security Manager will serve as principal advisor on all matters, technical and otherwise, involving the security of information systems under their purview. This role includes tracking and analysis of CS standards and procedures, including policies, security requirements, audit findings, and remediation plans for vulnerabilities in support of secure research systems, networks, and applications.
Job Responsibilities:
  • Design, implement, and maintain a CUI-compliant documentation such as system security plan and POA&M
  • Assist in the management, implementation, and oversight of the regulated research project programs, standards, and requirements.
  • Provide tracking and analysis of cybersecurity standards and procedures, including policies, security requirements, audit findings, and remediation plans for vulnerabilities.
  • Conduct risk assessments, risk mitigation analysis, and develop contingency plans for regulated research systems, networks, and applications.
  • Develop and implement firewall policies.
  • Interpret and provide guidance for implementation of CUI controls
  • Conduct regular security audits and vulnerability assessments
  • Provide training to staff on CUI handling procedures and secure communication practices
  • Collaborate with compliance officers to ensure adherence to NIST SP 800-171 guidelines
  • Respond to and mitigate security incidents related to CUI handling
  • Advise senior management on risk levels and security posture. Advise CISO or Authorizing Official of changes affecting the organization's cybersecurity posture. 
  • Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
  • Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
  • Manage the monitoring of information security data sources to maintain organizational situational awareness; oversee the information security training and awareness program.

Minimum requirements:  Bachelor’s degree in computer science, Information Technology, or related field or CISM or CISSO or FITSP-M or GCIA or GCSA or GCIH or GSLC or GICSP or CISSP-ISSMP or CISSP. 5+ years of experience in IT security and network administration. Proven experience with Microsoft Office 365 administration and Teams configuration; experience using public cloud environments such as AWS, Azure and GCP; strong knowledge of NIST SP 800-171 requirements and CUI handling procedures; experience implementing and managing email encryption solutions; familiarity with cloud security principles and practices; excellent problem-solving and communication skills. 

U.S. citizen, qualify for Tier 2, National Security Clearance for Secret Information. 

Preferred qualifications: Knowledge of data backup, recovery concepts, and disaster recovery continuity of operations plans.  Understanding of cybersecurity principles, including risk management, vulnerabilities, and network attacks.  Expertise in access control mechanisms and network security architecture.  Proficiency in incident response methodologies and intrusion detection techniques.  Familiarity with IT security assessment, monitoring, and remediation tools and procedures.  Knowledge of server administration, systems engineering, and system life cycle management.  Understanding of organizational IT goals, objectives, and enterprise incident response programs.  Skill in creating and implementing security policies and determining system resilience.  Knowledge of information security program management and project management techniques.  Awareness of current and emerging threats/threat vectors.  Ability to support and validate compliance activities against policies, guidelines, and regulations.  Understanding of Personally Identifiable Information (PII) data security standards.  Knowledge of applicable cybersecurity laws, statutes, and administrative/criminal legal guidelines.  Familiarity with IT supply chain security and risk management policies.  Understanding of information classification programs and procedures for information compromise.  Background in higher education IT environments.  CISSP (Certified Information Systems Security Professional) certification.  Experience dealing with multiple tasks, working with stakeholders in federal government and contractors.

Please visit ODU Research Foundation website at http://researchfoundation.odu.edu; click on the employment tab and follow the link for position #25-005.  Review of applications will begin immediately and will continue until the position is filled.  AA/EOE/M/F/Disability/VETS/Drug Free

It is the policy of Old Dominion University to provide equal employment, educational and social opportunities for all persons, without regard to race (or traits historically associated with race including hair texture, hair type, and protective hairstyles such as braids, locks, and twists), color, religion, sex or gender (including pregnancy, childbirth, or related medical conditions), national origin, gender identity or expression, age, veteran status, disability, political affiliation, sexual orientation or genetic information. Minorities, women, veterans, and individuals with disabilities are encouraged to apply.