{"21679380":{"jobPath":"/jobs/21679380/it-security-risk-and-compliance-analyst","source":"naylor","job":"21679380","jobTitle":"IT Security Risk and Compliance Analyst"},"21677280":{"jobPath":"/jobs/21677280/adjunct-instructor-information-technology","source":"naylor","job":"21677280","jobTitle":"Adjunct Instructor - Information Technology"},"21676890":{"jobPath":"/jobs/21676890/assistant-program-manager-government-marketing-specialist-for-apex","source":"naylor","job":"21676890","jobTitle":"Assistant Program Manager/Government Marketing Specialist for APEX"},"21679920":{"jobPath":"/jobs/21679920/director-it","source":"naylor","job":"21679920","jobTitle":"Director, IT"},"21679837":{"jobPath":"/jobs/21679837/manager-of-it-procurement","source":"naylor","job":"21679837","jobTitle":"Manager of IT Procurement"},"21678922":{"jobPath":"/jobs/21678922/temporary-staff-office-of-information-technology","source":"naylor","job":"21678922","jobTitle":"Temporary Staff, Office of Information Technology"},"21675931":{"jobPath":"/jobs/21675931/temporary-senior-it-business-analyst","source":"naylor","job":"21675931","jobTitle":"Temporary - Senior IT Business Analyst"},"21673878":{"jobPath":"/jobs/21673878/college-assistant-information-technology-multiple-positions","source":"naylor","job":"21673878","jobTitle":"College Assistant - Information Technology (Multiple Positions)"},"21676829":{"jobPath":"/jobs/21676829/vp-of-information-technology","source":"naylor","job":"21676829","jobTitle":"VP of Information Technology"},"21682983":{"jobPath":"/jobs/21682983/vice-president-for-information-technology-chief-information-officer","source":"naylor","job":"21682983","jobTitle":"Vice President for Information Technology & Chief Information Officer"},"21682186":{"jobPath":"/jobs/21682186/clinical-application-professional-3-beaker-is-epic-ft-day-hybrid","source":"naylor","job":"21682186","jobTitle":"Clinical Application Professional 3 - Beaker - IS Epic - FT - Day - Hybrid"},"21677272":{"jobPath":"/jobs/21677272/adjunct-instructor-information-technology-workforce","source":"naylor","job":"21677272","jobTitle":"Adjunct Instructor - Information Technology, Workforce"},"21679796":{"jobPath":"/jobs/21679796/senior-counsel-corporate-governance-strategic-transactions","source":"naylor","job":"21679796","jobTitle":"Senior Counsel, Corporate Governance & Strategic Transactions"},"21678880":{"jobPath":"/jobs/21678880/adjunct-faculty-information-technology-continuing-education","source":"naylor","job":"21678880","jobTitle":"Adjunct Faculty Information Technology (Continuing Education)"},"21674185":{"jobPath":"/jobs/21674185/security-officer-university-police-department","source":"naylor","job":"21674185","jobTitle":"Security Officer - University Police Department"},"21674482":{"jobPath":"/jobs/21674482/sightline-security-software-engineer","source":"naylor","job":"21674482","jobTitle":"Sightline Security Software Engineer"},"21676862":{"jobPath":"/jobs/21676862/postdoctoral-scholar-technology-and-international-security-igcc","source":"naylor","job":"21676862","jobTitle":"Postdoctoral Scholar, Technology and International Security (IGCC)"},"21676488":{"jobPath":"/jobs/21676488/cyber-security-engineer","source":"naylor","job":"21676488","jobTitle":"Cyber Security Engineer"},"21675771":{"jobPath":"/jobs/21675771/assistant-director-information-technology-and-systems","source":"naylor","job":"21675771","jobTitle":"Assistant Director, Information Technology and Systems"},"21679889":{"jobPath":"/jobs/21679889/associate-director-of-information-technology","source":"naylor","job":"21679889","jobTitle":"Associate Director of Information Technology"},"21675747":{"jobPath":"/jobs/21675747/unarmed-security-officer","source":"naylor","job":"21675747","jobTitle":"Unarmed Security Officer"},"21681765":{"jobPath":"/jobs/21681765/liaison-it-user-support-office-of-medical-computing","source":"naylor","job":"21681765","jobTitle":"Liaison IT User Support, Office of Medical Computing"},"21681920":{"jobPath":"/jobs/21681920/information-security-operations-analyst","source":"naylor","job":"21681920","jobTitle":"Information Security Operations Analyst"},"21681620":{"jobPath":"/jobs/21681620/security-officer","source":"naylor","job":"21681620","jobTitle":"Security Officer"},"21681643":{"jobPath":"/jobs/21681643/patterson-endowed-chair-of-cybersecurity-and-professor-tenured-computer-science","source":"naylor","job":"21681643","jobTitle":"Patterson Endowed Chair of Cybersecurity and Professor, Tenured, Computer Science"}}
Detailed information on the benefits of working at Wesleyan is located at: https://wesleyan.edu/hr/careers/prospective-resources.html.
Required Education:
4 Year Degree
Internal Number: R100917
Located in Middletown, Connecticut, Wesleyan University is one of the nation’s premier liberal arts colleges with 3,000 undergraduates and 200 graduates. Established in 1831, Wesleyan is known for its rich, open, and interdisciplinary curriculum. Wesleyan University takes the security and privacy of information and resources seriously.
Wesleyan University's Information Security program safeguards the confidentiality, integrity, and availability of the institution’s information resources. The program provides tools and guidance to help the campus community minimize risks while maintaining productivity, and establishes policies to ensure compliance with regulations, proper usage, and security best practices.
Reporting to the VP for Information Technology & CIO, the Chief Information Security Officer (CISO) is responsible for maintaining and enhancing an information security management program that meets compliance and regulatory requirements and aligns with the risk posture at Wesleyan. The CISO works with executive management (e.g. the CIO, Legal Counsel, Cabinet, and the Board of Trustees) to determine acceptable levels of risk for the institution and will collaborate with functional areas to implement practices that meet defined policies and standards for information security. As the leader of the security program, the CISO coordinates disparate drivers, constraints, and personalities, while maintaining objectivity and a strong understanding that security is just one of the university’s activities.
Responsibilities include:
Developing, implementing, and monitoring a strategic, comprehensive enterprise information security and IT risk management program.
Supervising staff within the areas of information security and Identity and Access Management.
Working directly with the functional areas to facilitate IT risk assessment and risk management processes and working with stakeholders throughout the university to align security controls with business processes.
Providing regular reporting on the status of the information security program to enterprise risk teams and senior leaders as part of a strategic enterprise risk management program.
Creating a framework for roles and responsibilities regarding information ownership, classification, accountability, and protection.
Developing, maintaining, and publishing information security policies, standards, and guidelines. Overseeing approval, training, and dissemination of security policies and practices.
Ensuring that security policies and programs are in compliance with relevant laws, regulations, and policies to minimize or eliminate risk and audit findings.
Creating and managing information security and risk management awareness training programs for all employees, contractors, and approved system users.
Facilitating a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security program.
Managing security incidents and events to protect corporate information assets, including intellectual property, regulated data, and the university’s reputation.
Liaising with external agencies such as law enforcement and other advisory bodies as needed to ensure that the organization maintains a strong security posture.
Serve as liaison between the university and both internal and external auditors.
Serve as the university's Data Protection Officer.
Other duties as assigned.
This position is a hybrid position with on-campus and remote work schedules.
Remote work is only considered for residents of MA, VT, NH, ME, CT, RI, or NY. (Relocation assistance to CT is available for those who qualify).
Position is open until filled. For full consideration please apply by September 26, 2025 when first review of applications will begin.
As part of your application, please upload a cover letter and resume.
MINIMUM QUALIFICATIONS
Bachelor’s degree in business administration or a technology related field and at least 5 years of experience or an equivalent combination of education, training, and related work experience.
Related work experience includes a combination of risk management, information security and information technology roles with progressively increasing responsibility including leadership experience.
Effective communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
Poise and ability to act calmly and competently in high-pressure, high-stress situations.
Demonstrated ability to be a critical thinker, with strong problem-solving skills, a high degree of initiative, dependability, and the ability to work with little supervision.
Knowledge and understanding of relevant legal and regulatory requirements, such as Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard, Family Educational Rights and Privacy Act (FERPA), General Data Protection Regulation (GDPR) Digital Millenium Copyright Act (DMCA), etc.
Proven analytical skills, including the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
Ability to lead and motivate interdisciplinary teams to achieve tactical and strategic goals.
High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
Proven thought leader, consensus builder, and an integrator of people and processes.
Demonstrated commitment to work within a diverse environment and interact openly with individuals of different backgrounds.
PREFERRED QUALIFICATIONS
Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, NIST CSF, and NIST 800-171.
Demonstrated financial/budget management, scheduling, and resource management skills.
