Deputy Chief Information Security Officer

The University of Mississippi — fondly referred to as Ole Miss — stands as a premier public research institution with a proud legacy of academic distinction. We are devoted to nurturing a vibrant, inclusive community where every member — student, faculty, and staff — can achieve their fullest potential.Join the Ole Miss Family — Build Your Legacy Here!Department:Information TechnologyThe Deputy Chief Information Security Officer (Deputy CISO) serves as the principal deputy to the Chief Information Security Officer (CISO). Reporting directly to the CISO, this position provides senior executive leadership for the institution’s enterprise information security program, in support of academic, research, healthcare, and administrative missions.The Deputy CISO plays a critical role in translating institutional strategy, regulatory requirements, and risk tolerance into effective, sustainable security operations across a highly decentralized environment. This role assists in setting long-term cybersecurity direction, oversees day-to-day security functions, and represents the CISO as needed with executive leadership, governing bodies, state agencies, and external partners.Job Summary:Provides strategic leadership and direction for the institution’s information security program. This role ensures the development, implementation, and continuous improvement of enterprise-wide security strategies, policies, and operations to effectively manage risk and support the university’s academic, research, and administrative missions.Job Description:Leads the development and execution of a comprehensive information security strategy and multi-year roadmap aligned with institutional priorities and risk toleranceProvides oversight of key cybersecurity domains, such as security operations, governance, risk and compliance, identity and access management, and infrastructure securityEstablishes and enforces information security policies, standards, and procedures to ensure compliance with regulatory and contractual requirementsDirects institutional response to cybersecurity incidents, vulnerabilities, and emerging threats, coordinating across technical and non-technical stakeholdersPartners with senior leadership, academic units, and administrative functions to integrate security practices into university operations while enabling research and innovationDevelops and communicates security metrics, risks, and recommendations to executive leadership, governing bodies, and external stakeholdersOversees security-related budgeting, resource planning, and vendor management to support program effectiveness and sustainabilityLeads, develops, and scales information security teams, fostering a culture of accountability, collaboration, and continuous improvementJob Responsibilities:Partners with the CISO to develop, implement, and mature the university’s enterprise information security strategy and multi-year roadmap.Provides executive oversight for assigned information security domains, which may include Security Operations, Identity and Access Management, Governance, Risk, and Compliance (GRC), Research Security, Network and Systems Security, or Cloud Security.Oversees institutional cybersecurity incident response, including coordination with central IT, distributed IT units, legal counsel, privacy, research administration, communications, law enforcement, and executive leadership.Leads security efforts related to federally funded research, including compliance with requirements for Controlled Unclassified Information (CUI), NIST SP 800-171/172, export controls, and sponsor-specific security expectations.Collaborates with academic leadership, principal investigators, and research administration to enable secure research while managing institutional risk.Assists with development, implementation, and enforcement of security policies, standards, and procedures aligned with public-sector, higher education, and regulatory requirements (e.g., FERPA, HIPAA, GLBA, PCI DSS).Supports budget planning, procurement, and vendor management for security technologies and services, consistent with public university policies and state regulations.Develops security metrics and reporting for executive leadership, auditors, and governing bodies.Mentors and develops information security leadership and staff, promoting a culture of collaboration, accountability, and service to the university mission.Education Qualifications:Bachelor's (Required)Experience:Relevant experience | 10 Years Experience, 5 Years Supervisory | Not RequiredCompensation:$147,201.60 - $220,792.00Interview Requirement:Interview Requirements: Any candidate who is called for an interview must notify the Department of Equal Opportunity/Regulatory Compliance in writing of any reasonable accommodation needed prior to the date of the interview.EEO Statement:The University of Mississippi provides equal opportunity in any employment practice, education program, or education activity to all qualified persons. The University complies with all applicable laws regarding equal opportunity and does not unlawfully discriminate against any employee or applicant for employment based upon race, color, gender, sex, pregnancy, sexual orientation, gender identity or expression, religion, national origin, ethnicity, citizenship, age, disability, military status, protected veteran status, genetic information, or any other legally protected status.Background Check Statement:The University of Mississippi is committed to providing a safe campus community. UM conducts background investigations for applicants being considered for employment. Background investigations include a criminal history record check, and when appropriate, a financial (credit) report or driving history check. #J-18808-Ljbffr