Information System Security Officer

The Information System Security Officer (ISSO) will support the organization’s information assurance program and ensure appropriate safeguards are employed to protect sensitive data. The ISSO will work directly with Sponsored Program Services (SPS), Research Information Assurance, Export Control, other Purdue Systems Security (PSS) resources, Research Computing and Engineering Computing Network, research PIs, project managers, and other stakeholders to ensure Unclassified and Classified regulated research data are being appropriately secured. This position will also perform assurance activity for general compliance responsibilities including but not limited to FERPA, GLBA, HIPAA, PCI, etc. The ISSO will perform research, assist design, test, audit, and assess the organization’s security programs and information systems (both current and being considered (e.g., RFP)) to preserve the confidentiality, integrity, and availability of information. This position will monitor developments in regard to laws and regulations that could impact the organization, recommend changes where necessary, and certify that the organization’s information systems satisfy applicable requirements.

This position is at least 75% remote. There is a requirement to be able to be on-site on a schedule basis.

Purdue University offers a substantial benefits package   including medical, dental, and vision insurance as well as a generous paid time off package for sick and vacation days. 

• Bachelor's degree in Computer Science, Computer Technology, Business, Management or related discipline
• At least 6 years of progressive technical information security experience
• In lieu of degree, consideration will be given to an equivalent combination of education and experience
• Experience leading complex security initiatives
• Demonstrated expertise in developing or maintaining IT security programs such as a Classified/CUI Research Ecosystem or Security Awareness Program
• Must have the ability to interact with a variety of individuals at different levels in a professional manner 
• In-depth knowledge and skill architecting complex security solutions that involve strict regulations, such as CUI, FERPA, and HIPAA
• Knowledge of the needs of academic and administrative computer users with regard to security and adapting existing and emerging security technologies
• Demonstrated success in establishing internal and external partnerships for collaboration and major initiatives
• Effective oral, written, and interpersonal communication skills 
• Strong ability in analytical thinking, decision making, problem solving, and customer service. Keen attention to detail
• Ability to lead and manage projects  
• Must have demonstrated knowledge of federal regulations governing CUI, export controlled, and classified research. This includes CMMC standards.
• Must be able to obtain and maintain a Top Secret security clearance. 
• Must be able to be on-site on a scheduled basis for routine assessment or other duties.

Preferred:

• Higher education work experience. 
• Technical security certifications in information security, risk compliance, or related discipline (e.g., CISSP and GIAC)

Additional Information:

• This position is subject to Export Control regulations
• Purdue will not sponsor employment authorization for this position  
• A background check will be required for employment in this position
• FLSA: Exempt (Not Eligible For Overtime)
• Retirement Eligibility: Defined Contributions immediately  
• Purdue University is an EOE/AA employer. All individuals, including minorities, women, individuals with disabilities, and veterans are encouraged to apply