Position Function:
The Deputy Chief Information Security Officer assists the Chief Information Security Officer (CISO) in providing operational and technical support for the University’s information security program. This role helps ensure the confidentiality, integrity, and availability of information assets, data, and systems. The Deputy CISO works closely with the CISO to implement security policies, standards, procedures, and controls, and helps coordinate the integration of security strategies and initiatives across all campuses and units. This position reports directly to the Chief Information Security Officer and collaborates with IT leadership, research computing, and campus stakeholders to support security capabilities that align with institutional objectives.
Salary Grade: 19
Please see Staff Compensation Structure or Skilled Crafts and Service Maintenance Compensation Schedule for salary ranges. For salary grade UC, these positions are "Unclassified" and salary ranges are determined by the hiring department.
Essential Duties and Responsibilities:
1. Assist the CISO in developing, implementing, and improving the University’s information security program and control environment.
2. Support the translation of the CISO’s strategy into actionable plans; help manage day-to-day security operations and resource prioritization across security domains (GRC, IAM, incident response, vulnerability management, architecture/engineering, and awareness).
3. Help maintain and enforce information security policies, standards, and procedures; assist in monitoring compliance across academic, research, and administrative units.
4. Support alignment with relevant frameworks and regulations (e.g., NIST CSF/800-53, ISO/IEC 27001/27002, CIS Controls, HIPAA, FERPA, GLBA, PCI DSS) and assist with assessments and audits.
5. Help maintain and test the incident response plan; assist with incident detection, containment, eradication, recovery, and post-incident reviews.
6. Support business continuity and disaster recovery planning in partnership with relevant teams to ensure resilient operations.
7. Assist with vendor and third-party risk management, including contract reviews, due diligence, and ongoing monitoring.
8. Promotes a culture of security awareness among university staff, faculty, and students through training programs and awareness communications.
9. Support data governance and privacy safeguards in collaboration with legal, audit, research compliance, and data stewards.
10. Help promote a culture of security by assisting with the design and delivery of role-based training, exercises, and campus-wide communications tailored to faculty, staff, students, and researchers.
11. Assist in preparing metrics, dashboards, and risk reports for the CISO and executive leadership; support briefings to governance bodies and external stakeholders as needed.
12. Support collaboration with campus IT leaders to integrate security into projects, procurements, and change management processes.
13. Assist in supervising managers and professional staff; help recruit, coach, and develop a high-performing, service-oriented security team.
14. May serve as acting CISO when delegated or in the CISO’s absence.
15. Performs miscellaneous job-related duties as assigned.
Supervisory Responsibility:
The Deputy Chief Information Security Officer provides guidance, mentorship, and oversight to information security staff and teams. This includes supporting training and making recommendations regarding professional development and employment decisions, in collaboration with senior leadership. The role may supervise small teams or project groups but does not carry sole or ultimate responsibility for all employment actions.
Minimum Qualifications:
Bachelor's degree in Computer Science, Management of Information Systems Technology, Information Technology, or other directly related information technology major.
Eight years of progressive information security experience, including supporting security operations and/or governance, risk, and compliance functions in a complex environment; demonstrated success implementing enterprise security programs and leading cross-functional initiatives.
Preferred Qualifications:
1. Master’s degree in a related field.
2. Professional certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA).
Knowledge, Skills, and Abilities:
1. Thorough knowledge and strategic understanding of information security principles, practices, and requirements as they relate to a major academic research institution.
2. Program planning, development, implementation, and leadership skills.
3. Demonstrated strategic planning and policy development skills gained at a senior level.
4. Knowledge of organizational structure, workflow, and operating procedures.
5. Outstanding interpersonal skills and demonstrated ability to communicate and work effectively in business partner relationships.
6. Demonstrated integrity and ability to maintain principles and make appropriate decisions under ethical pressure.
7. Knowledge and understanding of Federal, State, and University laws, regulations, and standards pertaining to information security and privacy.
8. Demonstrated understanding and appreciation of business management principles and processes.
9. Ability to effectively explain, promote, and defend the value of security initiatives to top management.
10. Ability to develop successful information security solutions that support institutional business strategies and practices.
11. Ability to anticipate need and effectively assist the organization to rapidly adjust and respond to ever-changing information security conditions and trends.
12. Knowledge and understanding of current and emerging technological and operational solutions in the area of information security.
13. Advanced analytical, evaluative, and objective critical thinking skills.
Working Conditions and Physical Effort
1. Significant amount of time working at a desk, reviewing reports, analyzing data, and making strategic decisions. Comfortable sitting for extended periods.
2. Extensive computer use is a fundamental part of the role. Operates computers, laptops, and other digital devices for communication, analysis, and managing security systems.
3. Frequently participate in meetings, discussions, and collaborations with other team members, stakeholders, and external partners. Involves sitting, standing, or moving between meeting locations.
4. Travel occasionally for meetings, conferences, or site visits. Travel requirements may vary.
5. In the event of a cybersecurity incident or emergency, maybe required to respond quickly, which could involve working outside of regular business hours.
6. Occasional instances to carry equipment or materials related to cybersecurity investigations or assessments.
Physical demands are generally light to moderate, with emphasis on cognitive and leadership skills. Role can be mentally demanding and require a high level of focus and attention to detail.
Instructions for Applying:
Link to apply: http://explore.msujobs.msstate.edu/
All applicants must apply online at www.msujobs.msstate.edu by attaching a cover letter and resume which includes the names and addresses of 3 professional references. We will accept applications only from persons with indefinite employment authorization in the U.S., and will not sponsor for nonimmigrant or immigrant status for this position.
Equal Employment Opportunity Statement:
Mississippi State University is an equal opportunity institution. Discrimination is prohibited in university employment, programs or activities based on race, color, ethnicity, sex, pregnancy, religion, national origin, disability, age, sexual orientation, genetic information, status as a U.S. veteran, or any other status to the extent protected by applicable law. Questions about equal opportunity programs or compliance should be directed to the Office of Civil Rights Compliance, 231 Famous Maroon Band Street, P.O. 6044, Mississippi State, MS 39762, (662) 325-5839.
What do I do if I need an accommodation?
In compliance with the ADA Amendments Act (ADA), if you have a disability and would like to request an accommodation in order to apply for a position with Mississippi State University, please contact the Department of Human Resources Management at tel: (662) 325-3713 or ada@hrm.msstate.edu.
If you have any questions regarding this policy, contact the Department of Human Resources Management at (662) 325-3713 or ada@hrm.msstate.edu. Upon request, sections of this job listing are available in large print, and readers are available to assist the visually impaired.
