Reporting to the Chief Information Officer & VP for IT, the Chief Information Security Officer (CISO) is responsible for managing the College of Charleston’s information security program to maintain compliance and align with institutional risk. The CISO works with executive leadership—including the CIO, Legal Counsel, Cabinet, Board of Trustees, and campus stakeholders—to establish risk levels and coordinates with various departments to implement policies and standards. In this role, the CISO balances multiple program priorities and recognizes information security as one aspect of the university’s overall mission. The CISO plays a critical role in advancing a culture of responsible data stewardship across the College, ensuring that data classification, retention, and privacy obligations are embedded into daily operations.

A master’s in business administration or a technology field, plus at least ten years of relevant executive leadership and professional experience—or an equivalent combination of education, training, and work history—is required. Relevant experience includes risk management, information security, or IT roles with increasing responsibility and leadership. Strong communication and collaboration skills are needed, along with the ability to explain security and risk concepts to both technical and nontechnical audiences. Candidates with an equivalent combination of experience and/or education are encouraged to apply.

Must be willing to be on call for emergencies. Must be willing to travel as required for conferences and consultations.

1) a detailed letter of interest;
2) a full resume/curriculum vitae with relevant administrative responsibilities and accomplishments; and
3) a list of five professional references, including names, phone numbers, and email addresses, noting the candidate’s relationship with each reference.

References will not be contacted until later in the search process and only with the candidate’s permission.

Please complete the application to include all current and previous work history and education. A resume will not be accepted nor reviewed to determine if an applicant has met the qualifications for the position.

*Salary is commensurate with education/experience which exceeds the minimum requirements.

Offers of employment are contingent upon a successful background check.

All applications must be submitted online https://jobs.cofc.edu.

The College of Charleston is an equal opportunity employer and does not discriminate against any individual or group on the basis of sex, gender (including gender identity and/or expression), pregnancy, race, religion, color, national origin, age, disability, military or veteran status, sexual orientation, genetic information, and other classifications protected by applicable federal, state, and local laws. For more information, please visit eop.cofc.edu.

Leads the College’s cybersecurity strategy and oversees the Office of Information Security, ensuring the effective management and implementation of essential cybersecurity frameworks, table stakes documents, and governance policies. Responsible for centrally coordinated services through specialized units, including cybersecurity training and awareness, enterprise risk management, incident response, security operations, information security finance and planning, and compliance oversight. Provides a forward-thinking information security vision that empowers the College to achieve its strategic goals by embedding robust cybersecurity practices into all facets of the organization. Fosters a culture of security excellence, transparency, and collaboration while structuring cybersecurity services to be responsive and aligned with the needs of the academic community. Develops and maintains effective cybersecurity governance in partnership with business owners, ensuring IT acts as a trusted facilitator among stakeholders and enables secure, compliant, and innovative operations across the College.

Develop and maintain a university-wide information security plan and assessment standard, establishing robust technical controls and solutions to mitigate risks and safeguard critical infrastructure supporting enterprise applications, learning technologies, and research computing. Partner with academic and administrative leaders to enhance the security, effectiveness, and efficiency of instructional and research programs by implementing innovative and prudent information security technologies and practices.

Collaborate with university leadership, faculty, and staff to ensure the information security strategy addresses the comprehensive needs of all stakeholders. Champion cross-functional collaboration throughout the university to foster integrated planning, shared responsibility, and professional relationships that facilitate the development and deployment of common security solutions. Leverage collective expertise and investments across the institution to proactively address emerging threats, ensure compliance, and maintain readiness for evolving cybersecurity challenges.

Oversee the division’s information security operations and services, ensuring timely, high-quality, and cost-effective delivery aligned with the college’s values and strategic objectives. Develop and manage budget plans, prioritizing initiatives that maintain robust and reliable security measures, while also accommodating requests for new security services and enhancements to existing protocols. Lead efforts to recruit, retain, develop, and evaluate highly qualified information security professionals to support and advance the college’s cybersecurity posture.

Ensure robust mitigation strategies, incident response capabilities, and cyber recovery processes are in place to protect against emerging threats and support rapid restoration of services in the event of security incidents.

Develop, implement, and continuously monitor policies and practices to safeguard the College’s technology infrastructure and institutional data, including data classification, retention, and privacy policies that protect sensitive information and align with risk management frameworks.