Deputy Chief Information Security and Privacy Officer

The University of Arkansas Deputy Chief Information Security Officer (D-CISO) and Privacy Officer is a senior-level position responsible for assisting the Chief Information Security Officer (CISO) and Chief Information Officer (CIO) in developing and implementing the university’s information security and privacy strategies. This role ensures the confidentiality, integrity, and availability of university data and systems while maintaining compliance with relevant laws and regulations. The Deputy CISO and Privacy Officer will lead a team of security professionals, manage security operations, and oversee privacy initiatives across the university and perform other duties as assigned. This is a full-time in person position.  

Regular, reliable, and non-disruptive attendance is an essential job duty, as is the ability to create and maintain collegial, harmonious working relationships with others.

Why Join the University of Arkansas?

We are committed to fostering a supportive and rewarding workplace where employees can grow professionally while enjoying an excellent work-life balance. Our comprehensive benefits package is designed to support the well-being of our employees and their families.

Exceptional Benefits Package

• Health & Wellness: Comprehensive medical, dental, and vision insurance options
• Retirement Plans: Up to 10% employer-matching contributions
• Paid Time Off: Generous vacation, sick leave, and paid holidays
• Tuition Assistance: Education discount for employees and their families
• Professional Development: Training programs and career growth opportunities
• Work-Life Balance: Flexible work arrangements and family-friendly policies
• Wellness Programs: Employee wellness initiatives, gym access, and counseling services

Located in Fayetteville, Arkansas, our campus is consistently ranked as one of the best places to live in the U.S. Employees enjoy a vibrant culture, low cost of living, and access to outdoor recreation in the stunning Ozark Mountains.

The University of Arkansas is an equal opportunity institution. The University does not discriminate in its education programs or activities (including in admission and employment) on the basis of any category or status protected by law, including age, race, color, national origin, disability, religion, protected veteran status, military service, genetic information, sex, sexual preference, or pregnancy. Federal law prohibits the University from discriminating on these bases. Questions or concerns about the application of Title IX, which prohibits discrimination on the basis of sex, may be sent to the University's Title IX Coordinator and to the U.S. Department of Education Office for Civil Rights. Persons must have proof of legal authority to work in the United States on the first day of employment.

All application information is subject to public disclosure under the Arkansas Freedom of Information Act.

Minimum Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
• At least seven (7) years of experience in information security, with a minimum of three (3) years in a leadership role
• Professional certification such as CISSP, CISM, or CISA
• Experience using and strong knowledge of information security frameworks, standards, and best practices (e.g., NIST, ISO 27001)
• Experience with security technologies such as firewalls, intrusion detection/prevention systems, and SIEM solutions
• Excellent communication and interpersonal skills

Preferred Qualifications:

• Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
• Experience working in a higher education environment
• Additional certifications such as CIPT, CIPM, or CRISC
• Experience with multilateral federation and contemporary Identity and Access Management architecture
• Experience with cloud security and privacy

Knowledge, Skills, and Abilities:

• In-depth knowledge and understanding of information security principles and practices
• Strong understanding of privacy laws and regulations
• Strong analytical and problem-solving skills
• Excellent project management skills, with the ability to manage multiple projects simultaneously
• Ability to lead and motivate a team of security professionals
• Ability to communicate complex security concepts to non-technical stakeholders
• High level of integrity and ethical conduct