Information Security and Identity Manager
Under the general
direction of, and reporting to, the Chief Information Officer, the Information Security and Identity Manager is responsible for the
development and delivery of a comprehensive Information security and privacy program for Ohio Northern University.
To perform this
job successfully, an individual must be able to satisfactorily perform each essential duty listed below. Reasonable accommodations will be
made for persons with disabilities, covered by the Americans with Disabilities Act, in accordance with its requirements.
numbered for convenience, and do not indicate order in terms of importance, frequency that the duty is performed, or the amount of time
spent on the duty.
- Develop, maintain, implement, and evaluate security policies, practices, standards, systems and procedures;
develop and maintain a written information security plan and security architecture documentation.
- Investigate possible violations of
computer and network security and coordinate response to security incidents to include, but not be limited to, notification of campus
police, other offices as appropriate, and contact with external response teams.
- Develop procedures to ensure confidentiality,
integrity, and accessibility of data and software. Work closely with IT Infrastructure and Enterprise Applications units on the
identification and implementation of appropriate security procedures, software, and hardware.
- Develop and implement procedures and
guidelines for internal auditing of information security controls. Conduct or facilitate auditing procedures.
- In conjunction with
other IT staff, investigate, recommend, and authorize security tests or security scans (i.e. vulnerability, penetration) affecting
information systems resources.
- Evaluate proposed vendors, products, and processes for compliance with ONU information security
- Manage and maintain ONU digital identities through internal and external directory services and the processes that activate,
deactivate and synchronize those identities.
- Perform other related duties as required.
Security and Identity Manager is responsible for the development and delivery of a comprehensive Information security and privacy program
for Ohio Northern University.
- Conduct and/or delegate the assessment of computer
systems and network security risks and participate in evaluation and implementation of security-related technologies to mitigate these
- Consult and mentor ONU colleagues on compliance with ONU information security standards.
- Direct and coordinate the
development and execution of security awareness programs to educate the campus community on the safe and ethical use of information
- Advise management periodically on status of information security and confidentiality conditions including
regulatory and standards compliance, problem areas and recommended enhancements on security issues and/or events.
- Participate as a
member of Ohio Northern University IT Management, providing pertinent security information and input to strategic and tactical planning;
budget preparation; initiatives and projects planning; internal and external reporting; and other management activities as
- Lead technology-related activities related to e-discovery, litigation hold, and other legal requests and response in
conjunction with the CIO.
- Network with security professionals and colleagues at other higher education institutions, the local
community, and in industry regarding broad information security issues and trends.
- Keep abreast of changes to existing and proposed
State and Federal legislation and regulatory laws pertaining to information system security and privacy. Keeps management aware of the
regulatory changes that will affect information privacy, information processing and/or security standards and techniques.
- Work with
other units on campus, as appropriate, to formulate and promulgate campus wide effective practices and standards for security and access
control to data and information systems.
- Maintain and monitor ONU user digital identities and the systems used to control those
- Manage and synchronize identities in Active Directory, CAS, Shibboleth, LDAP and other identity services, and administer
the flow of identity and security information between systems.
- Manage and maintain ONU security certificates.
- Other duties
- Bachelor’s degree in an area of Information Technology, Business Systems, Management, or Administration, or a
- At least five years of experience in information security and information technology.
- Experience in developing
and administering an information security program.
- Certified Information Systems
Security Professional (CISSP) is desirable.
- Strong background in Unix server environments.
- Strong background in Microsoft
- Cisco certification/training.
© Copyright 2020 Internet Employment Linkage, Inc.