Information Security Officer

Information Security

Job #548135

Close Date: Sunday, June 22, 2025

(Internal Only)

 

At Cal Poly Humboldt, bold hearts and open minds shape the future.

Founded in 1913, Cal Poly Humboldt began as a small college for teachers. Today Humboldt has grown into a comprehensive university with rigorous science and liberal arts programs. Designated a polytechnic in 2022, Cal Poly Humboldt provides hands-on, impactful educational opportunities that lead to meaningful, measurable outcomes for the individual, for the state, and the world.

Cal Poly Humboldt is proud to have more than 6,000 students of all backgrounds spread across 61 majors, 13 graduate programs, and 4 credential programs — all of whom contribute passion and creativity within their fields and set the stage for a future grounded in equity and sustainability. Hands-on learning, inspired teaching, ground-breaking research, and thought-provoking creative activity happen daily at Humboldt.

Finding a better future is a task for the bold and open, the down-to-earth and visionary. Cal Poly Humboldt strives to cultivate these qualities in leaders, innovators, and scholars in every field.

 

(Job #548135) Administrator II, Information Security Officer, Salary Range: $5,053 - $16,221 monthly Hiring Range: $10,000 -  $12,750 monthly. This is a full-time, benefited, exempt, 12-month pay plan in Information Security. This position is an Administrator II in the California State University Management Personnel Plan (MPP). Under this plan, incumbents are subject to normal management reviews and serve at the pleasure of the University President. Additional information can be found at: http://www.calstate.edu/HRAdm/policies/mpp.shtml. This position comes with a premium benefits package that includes outstanding vacation, medical, dental, and vision plans, life insurance, voluntary pre-tax health and dependent care reimbursement accounts, a fee waiver education program, membership in the California Public Employees Retirement System (PERS), and 14 paid holidays per year. Additional benefits information can be found at https://hraps.humboldt.edu/employee-benefits. Please note that this is an internal recruitment open only to active, stateside, Cal Poly Humboldt Employees.

 

Position Summary:

The Information Security Officer (ISO) leads Cal Poly Humboldt’s information security program, reporting to the Chief Information Officer. The ISO oversees campus-wide security planning, operations, risk assessments, compliance, training, and incident response. This role balances security needs with operational functionality and innovation to support institutional goals.

The ISO ensures compliance with CSU policies, industry standards, and legal requirements; supports audits and investigations; and safeguards sensitive data. They lead a team of professionals, collaborate with stakeholders to develop policies and procedures, and serve as the primary campus liaison on information security matters.

Additionally, the ISO contributes to IT planning and service improvement efforts, staying current on emerging risks and trends. Their leadership ensures the confidentiality, integrity, and availability of campus information assets.

Familiarity with the University’s mission, strategic goals, and IT infrastructure is essential. This position may include remote work, with expectations defined in the Telecommute Program and ITS employee handbook.

 

Key Responsibilities:

 

Leadership and Team Management – 15%

Lead a high-performing team in a collective bargaining environment, including performance management, mentoring, and fostering cross-functional collaboration. Ensure appropriate levels of recognition, professional guidance, and shared accountability.

In collaboration with the Chief Information Officer and Information Technology Services Budget Analyst, plan and oversee annual budget allocations and expenditures for the Information Security department in accordance with university fiscal guidelines.

 

​​Information Security Program Management – 30%

Program Management: Oversee and manage the campus information security program, including compliance, training, awareness, vulnerability management, intrusion detection/prevention, and incident response. Develop and maintain security plans, annual security priorities, risk assessments, pen tests, and firewall reviews.

Coordinate with the Chief Information Officer, campus leadership, and systemwide team in implementing program objectives. Inform and advise designated individuals about any real or potential risk or threat to the security of campus devices, applications, or data.

Policy and Procedure Oversight: Oversee campus information policies, procedures, and processes. Coordinate with campus leadership and systemwide teams in implementing program objectives. Ensure the development and maintenance of security policies that ensure the confidentiality, integrity, and availability of information assets.

Incident Response Management: Lead and manage the incident handling process, including documentation, protection of evidence, and long-term secure archiving. Act as a liaison with the University Counsel, the Chancellor’s Office, and other stakeholders for incidents involving campus systems and information.

 

Audit, Risk, and Data Governance – 10%

Security Audits and Risk Management: Manage security-related audits and prepare risk assessments and other reports. Conduct security reviews of campus systems, including security scanning, intrusion detection probes, and system log file audits. Classify and report on security events and incidents for trending and data-driven decision-making.

Data Governance: Collaborate with the Chief Technology Officer (CTO) and the Chief Data Officer (CDO) to ensure that the data governance strategy is aligned with the university’s purpose (mission), vision, and goals and that it furthers its strategic plan(s). Jointly work with CTO & CDO to ensure compliance with relevant regulations (e.g., FERPA, HIPAA, etc.) and implement relevant campus policies, procedures, and guidelines.

 

Collaboration, Communication, & Training – 10%

Collaboration & Communication: Collaborate with campus stakeholders, including the Information Technology Services Help Desk and other units within Information Technology Services, to create, enhance, and provide a consistent and effective set of services to the campus community. Provide regular and consistent updates and presentations to campus constituents.

Training and Awareness Programs: Oversee overall security awareness training and provide specialized training for various campus personnel on maintaining information security with their job duties. Advise, counsel, and educate constituents about the role and benefits of information security.

 

Continuous Improvement and Professional Development – 5%

Stay informed about current and emerging risks, trends, and technologies through professional organizations and networking with CSU Information Security Officers and other peers. Participate in planning, projects, prioritization, and continuous improvement of Information Technology Services operations and customer service.

 

Project Management – 5%

Provide leadership as a project manager or participant for complex, campus-wide projects with an information security component. Create or contribute to project plans using established tools and collaborate with colleagues internally and externally.

 

Other Duties as Assigned – 5%

 

Knowledge, Skills, and Abilities Associated with this Position Include:

Demonstrated Experience in Information Security:

• Performing enterprise information security program activities, including risk assessments, security controls assessments, security awareness, training, intrusion detection/prevention, incident response, and compliance.
• Using security tools such as vulnerability management, log management, and network and asset management tools.
• Understanding information security best practices, policy compliance, and technological controls.

Leadership and Change Management:

• Serving in an IT leadership role, including experience with supervision, delegation, and performance management.
• Leading change and effective change management.
• Demonstrated commitment and/or experience promoting and fostering a working environment that is supportive of individuals from diverse backgrounds.

Adaptability and Problem Solving:

• Quickly adapting to rapidly changing security exposure scenarios/incidents.
• Owning, managing, and solving complex problems in a creative and timely manner.

Communication and Interpersonal Skills:

• Establishing and nurturing cross-functional relationships and building consensus.
• Articulating to a non-technical audience the implications and trade-offs associated with information security risks.
• Providing excellent service to diverse constituents, cultivating partnerships, and maintaining collegial relationships throughout the organization.
• Strong writing, speaking, and presentation skills.

Strategic Thinking and Proactivity:

• Thinking and acting strategically and proactively.
• Developing, interpreting, implementing, and articulating plans that balance improving security posture with capacity while enabling necessary functionality to meet business objectives.

Technical and Regulatory Knowledge:

• In-depth knowledge of laws and standards relevant to information security (such as HIPAA, PCI, and FERPA) and ability to balance their practical applicability.
• Experience with modern enterprise architecture across on-premise, cloud, and hybrid environments.
• Ability to participate in technical conversations about topics such as networks, systems, log management, firewalls/IDP, SSO, MFA and emerging technologies.

Organizational Skills:

• Good organizational and documentation skills; strong orientation to details.
• Managing complex projects, prioritizing based on strategic goals, planning information security improvements, and meeting deadlines.

 

Minimum Qualifications:

Education:

Bachelor’s degree in Computer Science, Computer Information Systems, Educational Technology, or a closely related field.  Additional relevant experience can be substituted for equivalent education on a year for year basis.

Experience:

A minimum of two (2) years of leadership experience in an enterprise technology environment, along with at least five (5) years of experience working in information security.

 

Preferred Qualifications:

Educational Background:

• Master’s degree in an appropriate area of expertise (e.g., Computer Science, Software Engineering, MIS, or related discipline).

Professional Certification:

• Certified Ethical Hacker, Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), or equivalent professional certification in information or technology security.

Technical Knowledge and Skills:

• Knowledge of security models and architectures including segmentation/isolation, layering, and domains and how they may be applied to meet specific information protection requirements.
• Knowledge of specific domains as they apply to information protection: physical security, telecommunications and network technology, cryptography, application and system development, identity management.

Experience and Abilities:

• Proven experience implementing processes that span functional or organizational areas.
• Demonstrated understanding of higher education organizational structures and mission; experience with shared governance.

 

 

Application Procedure: To apply, qualified candidates must electronically submit the following materials by clicking the Apply Now button:

• Letter of Interest
• Resume or Curriculum Vitae
• Contact information for at least three professional references

Application Deadline: The deadline to submit application materials is 11:55 p.m. on Sunday, June 22, 2025.

Any inquiries about this recruitment can be directed to careers@humboldt.edu or Cal Poly Humboldt’s Human Resources Office at (707) 826-3626.

We acknowledge that Cal Poly Humboldt is located on the unceded lands of the Wiyot people, where they have resided from time immemorial. We encourage all to gain a deeper understanding of their history and thriving culture. As an expression of our gratitude we are genuinely committed to developing trusting, reciprocal, and long lasting partnerships with the Wiyot people as well as all of our neighboring tribes. Cal Poly Humboldt was the first campus in the California State University system to offer a stand-alone major in Native American Studies.

Cal Poly Humboldt is committed to enriching its educational environment and its culture through the diversity of its staff, faculty, and administration. Persons with interest and experience in helping organizations set and achieve goals relative to diversity and inclusion are especially encouraged to apply.

Working in the state of California is a condition of employment for this position. Even if part or all of an employee's assignment can be performed remotely, the employee must maintain a permanent residence in the state of California. The employee must be able to accept on-campus work assignment, as assigned, and come to campus when needed. This position is telecommute eligible; work on-site as scheduled or as requested and telecommute as scheduled.

CSU strongly recommends that all individuals who access any in-person program or activity (on- or off-campus) operated or controlled by the University follow COVID-19 vaccine recommendations adopted by the U.S Centers for Disease Control and Prevention (CDC) and the California Department of Public Health (CDPH) applicable to their age, medical condition, and other relevant indications and comply with other safety measure established by each campus. The systemwide policy can be found at CSU Vaccination Policy and any questions you have may be submitted to hr@humboldt.edu.

Cal Poly Humboldt hires only individuals lawfully authorized to work in the United States. This position may be considered a “Campus Security Authority”, pursuant to the Clery Act, and is required to comply with the requirements set forth in CSU Executive Order 1107 a condition of employment.

CAL POLY HUMBOLDT IS NOT A SPONSORING AGENCY FOR STAFF OR MANAGEMENT POSITIONS (e.g. H1-B VISAS)

Evidence of required degree(s), certification(s), or license(s) is required prior to the appointment date. Satisfactory completion of a background check (including a criminal records check, employment verification, and education verification) is required for employment. Cal Poly Humboldt will issue a contingent offer of employment to the selected candidate, which may be rescinded if the background check reveals disqualifying information, and/or if it is discovered that the candidate knowingly withheld or falsified information.  Certain positions may also require a credit check, motor vehicle report, and/or fingerprinting through Live Scan service. Failure to satisfactorily complete or adverse findings from a background check may affect the employment status of candidates or continued employment of current CSU employees who are being considered for the position.

This position is a “designated position” in the California State University’s Conflict of Interest Code. The successful candidate accepting this position is required to file Conflict of Interest forms subject to the regulations of the Fair Political Practices Commission.” In reference to the full disclosure letter, please refer to HR 2010-08.

All university programs and activities are open and available to all regardless of race, sex, color, ethnicity or national origin. Consistent with California law and federal civil rights laws, the Cal Poly Humboldt provides equal opportunity in education and employment without unlawful discrimination or preferential treatment based on race, sex, color, ethnicity, or national origin. Our commitment to equal opportunity means ensuring that every student and employee has access to the resources and support they need to thrive and succeed in a university environment and in their communities. Cal Poly Humboldt complies with Title VI of the Civil Rights Act of 1964, Title IX of the Education Amendments of 1972, the Americans with Disabilities Act (ADA), Section 504 of the Rehabilitation Act, the California Equity in Higher Education Act, California’s Proposition 209 (Art. I, Section 31 of the California Constitution), other applicable state and federal anti-discrimination laws, and CSU’s Nondiscrimination Policy. We prohibit discriminatory preferential treatment, segregation based on race or any other protected status, and all forms of discrimination, harassment, and retaliation in all university programs, policies, and practices.  Cal Poly Humboldt is a diverse community of individuals who represent many perspectives, beliefs and identities, committed to fostering an inclusive, respectful, and intellectually vibrant environment. We cultivate a culture of open dialogue, mutual respect, and belonging to support educational excellence and student success. Through academic programs, student organizations and activities, faculty initiatives, and community partnerships, we encourage meaningful engagement with diverse perspectives. As a higher education institution, we are dedicated to advancing knowledge and empowering individuals to reach their full potential by prioritizing inclusive curriculum development, faculty and staff training, student mentorship, and comprehensive support programs. At Cal Poly Humboldt, excellence is built on merit, talent, diversity, accessibility, and equal opportunity for all.

Additionally, all CSU staff and faculty receive training annually on their obligations in responding to and reporting incidents of sexual harassment and sexual violence. You will be notified by email when you are required to take this mandated training.

Class Code: 3312
Publication Date: 6/13/2025