Information Security Data Privacy Officer

Thank you for your interest in employment with Nevada System of Higher Education (NSHE), System Administration and System Computing Services. We want your application process to go smoothly and quickly. We ask that you keep in mind the following when completing your application:

• Draft applications are saved automatically and can be accessed through your candidate home account.

• Final applications must be submitted prior to the close of the recruitment. Once a recruitment has closed, applications will no longer be accepted.

If you need assistance or have questions regarding the application process, please contact our Human Resources department at (775) 784-4901.

Job Description

The Nevada System of Higher Education (NSHE) invites applications and nominations for the position of Information Security Data Privacy Officer. This is a renewable, full-time, non-tenured, administrative position and reports to the Chief Information Security Officer.  The position will be physically located in either Reno or Las Vegas.  

The NSHE is comprised of eight institutions: three universities, four community colleges and a research institute.  The public system of higher education in Nevada continues to experience growth with significant opportunities in serving over 105,000 students and 15,000 employees. 

This position will be responsible for ensuring the security of information systems and the privacy of its users for the Nevada System of Higher Education (NSHE). This position will collaborate with various NSHE teams to identify, develop, and implement security strategies as well as policies and procedures to assure data privacy and compliance meet audit requirements. The final candidate will conduct risk assessments and verify that policies and practices comply with all applicable laws and regulations.   

SALARY/GRADE: Grade D (starting salary range is approximately between $100,000 – $135,000; commensurate with education, experience, and training). Benefits package that includes health, dental, vision, life, and retirement. 

APPROXIMATE STARTING DATE: May 1, 2024

MINIMUM QUALIFICATIONS: The successful candidate must have earned a Master’s degree from a regionally accredited institution in Information Technology or related field with three (3) years of relatable experience with audits and privacy compliance is required. The successful candidate must have in-depth knowledge of Data Privacy, Audit, and Compliance.

  

Knowledge of and experience in higher education, specifically the Nevada System of Higher Education is preferred, but not required.  

The Data Privacy Officer must have an in-depth knowledge of data privacy laws and regulations such as GLBA, GDPR, PCI DSS and is familiar with the NIST CSF. Knowledge of vulnerability scanners such as Tenable/Nessus, Security, and Information Event Management (SIEM) Systems such as Splunk, Microsoft Defender, and threat intelligence products such as Anomali will be highly beneficial for this position.

KNOWLEDGE, SKILLS, AND ABILITIES:  Successful candidates must possess the following knowledge, skills, and abilities.  It is recommended that applicants for this position address each of the following items in the resume or cover letter:

• Maintaining an effective threat and vulnerability mitigation program

• Payment Card Industry Data Security Standard

• Gramm-Leach-Bliley Act

• General Data Protection Regulation

• Family Educational Rights and Privacy Act

• Health Insurance Portability and Accountability Act 

• Information security infrastructure methodologies, technologies, and tools.

• Trends and developments in information security, as well as current and pending threats.  

• Information security frameworks, such as the NIST Cybersecurity Framework, and federal and state information security and data privacy laws.

• Working knowledge of government regulations and industry standards developed to protect and secure data and information of students, faculty, and staff.

• Personal Identifiable Information and how it applies to the NSHE mission.

• Advanced working experience in legal, audit, compliance, or risk management role.

• Must have working experience in:

  • Analyzing, trending, and reporting upon data being presented from the various security platforms.

  • Conducting and responding to audits in various fields and working with internal and external auditors

  • Researching, compiling, and interpreting data in order to categorize and assign risk scores.

  • Evaluating privacy threats to determine the potential impact and level of risk to the Nevada System of Higher Education.  

  • Collaborating with internal staff, institutional partners, and contracted vendors.

  • Working within established policies and procedures.  

• Written and verbal communication skills to be able to write and deliver reports, recommendations, and proposals to a variety of audiences.

• Strong analytical skills to be able to synthesize complex and diverse information and present it in an easy-to-understand format.

• Good problem-solving skills for the identification and resolution of problems, as well as finding alternative solutions. 

• Organizational skills that demonstrate time management and effectiveness.

• Ability to balance workload priorities, work effectively under pressure, and manage sensitive and confidential information.

• Ability to work and perform with minimal supervision.

• Ability to review information and detect anomalies that could be detrimental to NSHE.

• Ability to read information and determine its applicability to NSHE.

• Ability to analyze current trends, and proactively look for solutions.

RESPONSIBILITIES:  The duties of this position will include, but not be limited to, the following areas of responsibility:

• Routinely collect, review, and analyze information and reports from various sources such as Splunk, Nessus/Tenable, Anomali, M365 Defender, etc.

• Research data repositories to categorize and classify data to suggest benchmarks, guidelines, and procedures to secure and protect the data.

• Write reports and publications that will benefit the NSHE, while fostering good communications with all institutions.

• Assist with vulnerability assessments of NSHE systems and networks and prioritize remediation efforts.

• Represent the Information Security Department as a project resource for internal and NSHE-wide projects. Projects may also include work with external entities such as external auditors, law enforcement, and the State Office of Cyber Defense Coordination.

• Assist with the investigation of reported incidents and privacy violations.  

• This position will be responsible for System Computing Services/System Administration’s data handling, and provides support and guidance to all NSHE institutions.

• Provide expert advice and educate NSHE and its employees on important compliance requirements.

• Draft internal data protection policies, guidelines, and procedures, in consultation with NSHE institutions and key stakeholders.

TO APPLY: The application process will be handled through the Workday on-line search process.  Application materials must include a current resume, detailed cover letter, and names, addresses and telephone numbers of four professional references willing to be contacted.  Applicants should fully describe qualifications and experience, since the initial review will serve to evaluate applicants based on documented, relevant qualifications and professional work experience.  Applications will be considered incomplete without all requested materials.  References will only be contacted for those who advance to the final phase of the search and with prior consent of the applicant.  The review of materials will begin immediately.  Materials should be addressed to Sherry Olson, Human Resources, and are to be submitted via on-line application at http://system.nevada.edu/Careers/index.htm.  For assistance with NSHE’s on-line applicant portal, contact Sherry Olson at (775) 784-3401 or [email protected].

INTERNAL APPLICANTS:  Current employees within the Nevada System of Higher Education MUST use the “Find Jobs” process within Workday to find and apply for jobs at NSHE institutions.  Once you log into Workday and type “Find Jobs” in the search box which will navigate to the internal job posting site.  Locate the specific job posting by typing the requisition number (e.g. R0000000) in the search box.

APPLICATION DEADLINE: Applications may be submitted until the position is filled.  The review of materials will begin immediately, however, for full consideration applications should be submitted by April 30, 2024.   

For more information about the Nevada System of Higher Education, please visit our website at www.nevada.edu.  The Nevada System of Higher Education hires only United States citizens and aliens lawfully authorized to work in the U.S.  The NSHE is an affirmative action, equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, age, creed, national origin, veteran status, physical or mental disability, genetic information, sexual orientation, gender identity, or gender expression.

Exempt

Yes

Full-Time Equivalent

100.0%

Required Attachment(s)

Application materials must include a current resume, detailed cover letter, and names, addresses, and telephone numbers of four professional references willing to be contacted. 

Posting Close Date

Note to Applicant

A background check will be conducted on the candidate(s) selected for hire.

References will be contacted at the appropriate phase of the recruitment process.

As part of the hiring process, applicants for positions in the Nevada System of Higher Education may be required to demonstrate the ability to perform job-related tasks.

All document(s) must be received on or before the closing date of the job announcements.  Schedules are subject to change based on organizational needs.

HR will attempt to verify academic credentials upon receipt of hiring documents.