Deputy Chief Information Security Officer

Job Description

Company: University of Mississippi

Location: Lafayette Springs, US

The University of Mississippi — fondly referred to as Ole Miss —
stands as a premier public research institution with a proud legacy
of academic distinction. We are devoted to nurturing a vibrant,
inclusive community where every member — student, faculty, and
staff — can achieve their fullest potential.

Join the Ole Miss Family — Build Your Legacy Here!

Department:

Information Technology

The Deputy Chief Information Security Officer (Deputy CISO) serves
as the principal deputy to the Chief Information Security Officer
(CISO). Reporting directly to the CISO, this position provides
senior executive leadership for the institution’s enterprise
information security program, in support of academic, research,
healthcare, and administrative missions.

The Deputy CISO plays a critical role in translating institutional
strategy, regulatory requirements, and risk tolerance into
effective, sustainable security operations across a highly
decentralized environment. This role assists in setting long-term
cybersecurity direction, oversees day-to-day security functions,
and represents the CISO as needed with executive leadership,
governing bodies, state agencies, and external partners.

Job Summary:

Provides strategic leadership and direction for the institution’s
information security program. This role ensures the development,
implementation, and continuous improvement of enterprise-wide
security strategies, policies, and operations to effectively manage
risk and support the university’s academic, research, and
administrative missions.

Job Description:

• Leads the development and execution of a comprehensive
information security strategy and multi-year roadmap aligned with
institutional priorities and risk tolerance

• Provides oversight of key cybersecurity domains, such as
security operations, governance, risk and compliance, identity and
access management, and infrastructure security

• Establishes and enforces information security policies,
standards, and procedures to ensure compliance with regulatory and
contractual requirements

• Directs institutional response to cybersecurity incidents,
vulnerabilities, and emerging threats, coordinating across
technical and non-technical stakeholders

• Partners with senior leadership, academic units, and
administrative functions to integrate security practices into
university operations while enabling research and innovation

• Develops and communicates security metrics, risks, and
recommendations to executive leadership, governing bodies, and
external stakeholders

• Oversees security-related budgeting, resource planning, and
vendor management to support program effectiveness and
sustainability

• Leads, develops, and scales information security teams,
fostering a culture of accountability, collaboration, and
continuous improvement

Job Responsibilities:

• Partners with the CISO to develop, implement, and mature the
university’s enterprise information security strategy and
multi-year roadmap.

• Provides executive oversight for assigned information security
domains, which may include Security Operations, Identity and Access
Management, Governance, Risk, and Compliance (GRC), Research
Security, Network and Systems Security, or Cloud Security.

• Oversees institutional cybersecurity incident response,
including coordination with central IT, distributed IT units, legal
counsel, privacy, research administration, communications, law
enforcement, and executive leadership.

• Leads security efforts related to federally funded research,
including compliance with requirements for Controlled Unclassified
Information (CUI), NIST SP 800-171/172, export controls, and
sponsor-specific security expectations.

• Collaborates with academic leadership, principal investigators,
and research administration to enable secure research while
managing institutional risk.

• Assists with development, implementation, and enforcement of
security policies, standards, and procedures aligned with
public-sector, higher education, and regulatory requirements (e.g.,
FERPA, HIPAA, GLBA, PCI DSS).

• Supports budget planning, procurement, and vendor management
for security technologies and services, consistent with public
university policies and state regulations.

• Develops security metrics and reporting for executive
leadership, auditors, and governing bodies.

• Mentors and develops information security leadership and staff,
promoting a culture of collaboration, accountability, and service
to the university mission.

Education Qualifications:

Bachelor’s (Required)

Experience:

Relevant experience | 10 Years Experience, 5 Years Supervisory |
Not Required

Compensation:

$147,201.60 – $220,792.00

Interview Requirement:

Interview Requirements: Any candidate who is called for an
interview must notify the Department of Equal
Opportunity/Regulatory Compliance in writing of any reasonable
accommodation needed prior to the date of the interview.

EEO Statement:

The University of Mississippi provides equal opportunity in any
employment practice, education program, or education activity to
all qualified persons. The University complies with all applicable
laws regarding equal opportunity and does not unlawfully
discriminate against any employee or applicant for employment based
upon race, color, gender, sex, pregnancy, sexual orientation,
gender identity or expression, religion, national origin,
ethnicity, citizenship, age, disability, military status, protected
veteran status, genetic information, or any other legally protected
status.

Background Check Statement:

The University of Mississippi is committed to providing a safe
campus community. UM conducts background investigations for
applicants being considered for employment. Background
investigations include a criminal history record check, and when
appropriate, a financial (credit) report or driving history
check.

Source: Chronicle Of Higher Education